物聯網是近20 年來最熱門的科技趨勢之一。隨著大量的物聯網裝置加入,機器設備相繼智慧化 與網路化,物聯網的安全性已躍升為重要的議題。根據美國聯邦貿易委員會(FTC)在2015 年的物聯網 設備的安全建議報告,物聯網相關裝置與物聯網基礎設施將面臨嚴峻的安全問題,且不安全的物聯網 可能帶來嚴重的損失。 本計畫將物聯網安全分成三個部分:來自無線感測網路內部的攻擊、雲霧端平台或聯網遭受的外 部攻擊以及資料儲存系統的安全。無線感測網路內部的攻擊是指受感染的感測裝置由內部攻擊所在之 感測網路。由於感測裝置本身的計算/通訊能力有限,如何提供有效且低計算/低通訊要求的安全機制 是第一年計畫的重點。第二年計畫的重點是處理感測網路上傳資料到雲霧端,或從雲霧端下載資料時 遭受來自感測網路外部的惡意攻擊。目前感測網路使用不同的通訊協定連上雲霧端,如何讓這些通訊 協定共存而且安全的通訊,避免駭客藉由感測裝置攻擊其它系統是我們的目標。最後是物聯網資料的 儲存系統安全。大量的物聯網感測資料上傳至雲霧端儲存系統進行備份,然而目前這樣的備份方式對 於機密性的資料是否提供足夠的安全與隱私保護,避免未授權的存取與資料濫用是我們第三年計畫的重點。 ;The Internet of Things (IoT) has become one of the most popular technology in the past twenty years. With enormous number of IoT devices, and the intellectualization and networklization of machine devices, the security of IoT has hence become the most important issue. According to the IoT security recommendation report of the Federal Trade Commission (FTC) at 2015, IoT relevant devices and infrastructure have encountered a great deal of security challenges. The insecurity of IoT Network will cause severe loss. Our project organizes the IoT security issue into three sections: first, is the insider attack from wireless sensor networks; second, is the cloud/fog computing platform being attacked from the outsider; and last, is the storage security in IoT. The insider attack means that wireless sensing networks are attacked by the infected sensor devices. Due to sensors’ limited computing/communication capability, our project’s first year’s emphasis would be on how to provide an efficient and low cost security mechanism. The second year’s emphasis is to deal with the malicious outsider attack when the IoT network is uploading or downloading data from the cloud/fog computing platform. Current wireless sensor networks use different protocols for cloud/fog computing platform connection; our objectives is to make these different protocols coexist with one another, and to avoid hacker using the sensor devices to attack other systems. Last is the security of IoT data storage system. In IoT, massive amount of data is uploaded to the cloud/fog computing storage system for data backups. The main focus of our project in the third year is to avoid unauthorized access and information abuse.
