ENISA publishes today a short paper aiming to identify and tackle the security challenges that the IoT ecosystem brings to Cloud and vice-versa.
In the last few years, we have witnessed a burst of Internet of Things (IoT) products and Cloud has evolved to accommodate the needs of IoT applications, providing many new features specific to aggregating, storing and processing data generated by IoT.
This work combines the existing knowledge of ENISA in IoT and Cloud security and presents an analysis of security challenges and potential security takeaways that vendors of IoT devices and Cloud Service Providers can consider. Among the security takeaways, end-to-end security and adoption of baseline security measures are the ones confirming the need for a holistic approach on security for the IoT ecosystem.
ENISA’s work on Baseline security recommendations for IoT introduced an IoT high-level reference model, which encompasses key elements that promote a significant degree of interoperability across different assets, platforms and environments for IoT. The ENISA IoT high-level reference model formed the basis for this work to divide the challenges and takeaways in three main dimensions: analysis, connectivity and integration.
The paper includes also four attack scenarios, which highlight how these security challenges can be materialised, and concludes mapping the challenges to the security takeaways.
For more information read the full paper: Towards secure convergence of Cloud and IoT