Over the last couple of years, the Internet of Things has become a topic of interest and speculation for most technology enthusiasts — specifically their tenuous relationship with security. But wisely-utilized smart cards applications may be able to bring more security to IoT devices.
IoT provides the framework that allows better integration between the physical world and electronic devices over existing networks making these devices smarter.
IoT enabled devices can be seen not only in industries like manufacturing, construction, logistics and agriculture but also in smart homes and smart automobiles. Gartner estimates that 20 billion dedicated functional devices will be connected online by 2020.
Most of the speculation around IoT has centered around the security of these devices. Since they are connected over existing networks, IoT devices are vulnerable to attacks from hackers and other miscreants in the society.
There have been several IoT related vulnerabilities and attacks reported both in industrial environment as well the consumer electronics sector.
Smart cards as security measures
Smart cards have long been used for securing different types of human-network transactions. For example, they are used to make secure payments for purchases over the banks payment network.
Smart card access control allows employers to grant specific, controlled access to buildings and facilities. They can also be combined with other form of authentication techniques like pins, passwords, and biometrics to implement a stronger authentication protocol.
The secure microcontroller inside a smart card also known as a smart chip allows it to store and process data and carry secure communication with smart card readers. Let us now see how the security mechanisms provided by the smart could be integrated into IoT systems to secure them.
The Secure Technology Alliance recommends the use of embedded hardware security for IoT devices. This would require that untouchable security components and encryption capabilities should be built directly into the IoT devices at the manufacturing stage.
Read Next: Security Risks & Potential Dangers of IoT
Embedded technology can be used to protect the identity of the devices and prevent unauthorized tampering.
This embedded security could be provided by smart chips which would protect the privacy and security of the devices as well as the vast amount of data the devices generate.
The chips would not only control how the devices would perform under normal conditions but also how they would react when tampered or attacked in any way.
The need of securing IoT devices has also led to the manufacture of special chips called secure elements. A secure element is a microprocessor chip that is able to store, process and protect that in an isolated trusted environment in a connected device.
They can store cryptographic keys and enhance memory security. They also offer tamper-resistant environment for cryptographic data. Various secure elements with enhanced interface logic can be embedded in IoT devices and industrial connected equipment’s to offer smart card level digital security.
Secure elements help to ensure that access is granted only to authorized applications and people.
Smart cards can also be used to login the user to the IoT server. The server would authenticate the user and a unique session key would be generated that will enable the user to securely use connected IoT devices.
Smart cards can also help in encryption key management between the card, user and the device. This will ensure the confidentiality and integrity of the sensitive information being transmitted.
In conclusion, IoT devices need to be secured by design instead of security being an afterthought. Enhanced smart chips or secure elements can be embedded into the IoT device to authenticate devices and applications just like smart cards are used to authenticate people.
Smart cards can also be used to authenticate IoT device users and administrators. Thus smart card technology can be used to secure both device-to-device interactions as well as device-to-human interactions.