Practical Internet of Things Security: Design a security framework for an Internet connected ecosystem, 2/e
暫譯: 實用物聯網安全：為互聯網連接生態系統設計安全框架，第二版

A practical, indispensable security guide that will navigate you through the complex realm of securely building and deploying systems in our IoT-connected world

Key Features

• Learn best practices to secure your data from the device to the cloud
• Use systems security engineering and privacy-by-design principles to design a secure IoT ecosystem
• A practical guide that will help you design and implement cyber security strategies for your organization

Book Description

With the advent of the Internet of Things (IoT), businesses have to defend against new types of threat. The business ecosystem now includes the cloud computing infrastructure, mobile and fixed endpoints that open up new attack surfaces. It therefore becomes critical to ensure that cybersecurity threats are contained to a minimum when implementing new IoT services and solutions.

This book shows you how to implement cybersecurity solutions, IoT design best practices, and risk mitigation methodologies to address device and infrastructure threats to IoT solutions.

In this second edition, you will go through some typical and unique vulnerabilities seen within various layers of the IoT technology stack and also learn new ways in which IT and physical threats interact. You will then explore the different engineering approaches a developer/manufacturer might take to securely design and deploy IoT devices. Furthermore, you will securely develop your own custom additions for an enterprise IoT implementation. You will also be provided with actionable guidance through setting up a cryptographic infrastructure for your IoT implementations. You will then be guided on the selection and configuration of Identity and Access Management solutions for an IoT implementation. In conclusion, you will explore cloud security architectures and security best practices for operating and managing cross-organizational, multi-domain IoT deployments.

What you will learn

• Discuss the need for separate security requirements and apply security engineering principles on IoT devices
• Master the operational aspects of planning, deploying, managing, monitoring, and detecting the remediation and disposal of IoT systems
• Use Blockchain solutions for IoT authenticity and integrity
• Explore additional privacy features emerging in the IoT industry, such as anonymity, tracking issues, and countermeasures
• Design a fog computing architecture to support IoT edge analytics
• Detect and respond to IoT security incidents and compromises

Who this book is for

This book targets IT Security Professionals and Security Engineers (including pentesters, security architects and ethical hackers) who would like to ensure the security of their organization's data when connected through the IoT. Business analysts and managers will also find this book useful.

Table of Contents

1. A Brave New World
2. Vulnerabilities, Attacks and Countermeasures
3. Approaches to Secure Development
4. Secure Design of IoT Devices
5. Operational Security Life Cycle
6. Cryptographic Fundamentals for IoT Security Engineering
7. Identity and Access Management Solutions for the IoT
8. Mitigating IoT Privacy Concerns
9. Setting Up an IoT Compliance Monitoring Program
10. Cloud Security for the IoT
11. IoT Incident Response and Forensic Analysis