Since the IoT for connected life and work is becoming increasingly important, companies must find answers to questions of network security. Private Pre-Shared Keys (PPSK) can help here.
In the private or professional environment we share a wireless network with others, and use for registration, and authentication is usually only a single pre-distributed network key, Pre-Shared Key (PSK) called. In an IoT scenario however, it is better to be able to control where and how this key is passed on to the connected devices. The only way to prevent the unprotected network key an air conditioner or smart lighting system for loophole for attacker.
The question is: How safe are the devices that connect to the network? In the IoT sector are usually relatively simple products that barely have mechanisms to effectively protect yourself and your wireless network. Therefore, they can often be easily chop. This in turn means that access to the network and possibly even sensitive corporate data are extremely vulnerable.
The degree of vulnerability were experts of the security company "Context Information Security" in 2014 by the example of a smart lighting system. By giving yourself access to the central air unit, they initially controlled the lighting system, then changes to the WLAN configuration could make and were in control of the entire building management.
The problem with this kind of lighting systems and IoT devices is generally that they use in most cases only a single pre-distributed keys (PSK) to connect to the network. One reason is that many of these devices only support WPA / WPA2 and not RADIUS.
As the study of context has been distributed keys are never advance a more secure way to authenticate devices. Even the detour via the connection of a separate SSID specifically for this requirement is not recommended because each additional broadcast SSID reduces the overall performance of the WLAN network - a phenomenon that is known as the SSID overhead. So what should companies do to safely and efficiently integrate the variety of devices?
No comments:
Post a Comment