Index
A
- access control
- about / Authorization and access control
- access controls
- within communication protocols / Access controls within communication protocols
- Active Directory (AD) / Azure authentication
- Advanced Message Queuing Protocol (AMQP)
- about / Messaging protocols
- AES (advanced encryption standard)
- about / Symmetric encryption
- agile developments
- security / Security in agile developments
- Amazon Glacier
- reference link / AWS IoT
- Amazon Web Services (AWS)
- Amenaza
- URL / Building an attack tree
- application programming interface (API)
- about / The IoT in the enterprise, Cryptographic security APIs
- Assured Compliance Assessment Solution (ACAS)
- about / Automated search for flaws
- asymmetric encryption
- defining / Asymmetric encryption
- attacks
- and countermeasures, defining / Primer on attacks and countermeasures
- attack trees
- defining / Attack trees
- URL / Attack trees
- building / Building an attack tree
- and fault tree, comparing / Fault tree and attack tree differences
- attribute-based access control (ABAC)
- about / Attribute-based access control, Naming a device
- reference / Attribute-based access control
- authenticated encryption
- examples / Symmetric (MACs)
- authentication, authorization, and accounting (AAA) / 802.1x
- authentication credentials
- defining / Authentication credentials
- passwords / Passwords
- symmetric keys / Symmetric keys
- certificates / Certificates
- biometrics / Biometrics
- OAuth 2.0, using / New work in authorization for the IoT
- authentication security controls
- about / Authentication (and authorization)
- Amazon AWS IAM / Amazon AWS IAM
- Azure authentication / Azure authentication
- authorization
- about / Authorization and access control
- authorization and access controls
- within publish/subscribe protocols / Authorization and access controls within publish/subscribe protocols
- AWS IoT
B
- basic safety messages (BSMs)
- about / IEEE 1609.2, New privacy approaches for credentials
- Bastille
- Beyond Line of Sight (BLOS) unmanned air system (UAS) / Implementation and integration
- binary analysis
- examples / Analyzing the IoT devices involved
- Black box
- about / Black box
- block chaining modes / Block chaining modes
- Bluetooth-LE
- keys, defining / Bluetooth-LE
- Bluetooth Media Access Control (MAC) address / Privacy impact assessment
- brain-computer interfaces (BCI)
- brain machine interfaces (BMI)
- bring your own device (BYOD)
- Brivo Labs
- BSP (Board Support Package) vendors
- about / IoT device implementation
- Building Security In Maturity Model (BSIMM)
- bulk electric system (BES)
- about / NERC CIP
C
- Center for Internet Security (CIS)
- about / Compliance
- URL / Compliance
- certificate-based key establishment (CBKE)
- about / ZigBee
- Certificate of Cloud Security Knowledge (CCSK)
- about / Certifications
- certificate response
- about / PKI primer
- certificate revocation list (CRL)
- about / OCSP, Revocation support
- certificates
- defining / Certificates
- X.509 / X.509
- IEEE 1609.2 / IEEE 1609.2
- certificate signing request (CSR)
- about / PKI for the IoT
- certification and accreditation (C&A) / Compliance
- Certified Cloud Security Professional (CCSP)
- about / Certifications
- Certified Information Privacy Professional (CIPP)
- about / Certifications
- Chief Information Officer (CIO)
- about / The IoT in the enterprise
- chip de-capping / Analyzing the IoT devices involved
- cipher-feedback chaining (CFB)
- about / Block chaining modes
- cipher block chaining (CBC)
- about / Block chaining modes
- ciphersuites
- defining / Ciphersuites
- ciphertext
- defining / Encryption and decryption
- Cisco Application Framework (CAF) / Cisco Fog Computing
- Cisco Fog Computing
- reference link / Cisco Fog Computing
- cloud-enabled directions
- about / Cloud-enabled directions
- on-demand computing (ODC) / On-demand computing and the IoT (dynamic compute resources)
- new distributed trust models / New distributed trust models for the cloud
- cognitive IoT / Cognitive IoT
- cloud-enabled IOT computing
- characteristics / New directions in cloud-enabled IOT computing
- IoT-enablers of cloud / IoT-enablers of the cloud
- cloud-enabled directions / Cloud-enabled directions
- cloud-enabled IoT starter kit
- reference link / Cloud services and the IoT
- Cloud IoT security controls
- about / Cloud IoT security controls
- authentication (and authorization) / Authentication (and authorization)
- software/firmware updates / Software/firmware updates
- end-to-end security recommendations / End-to-end security recommendations
- data integrity, maintaining / Maintain data integrity
- secure bootstrap implementation / Secure bootstrap and enrollment of IoT devices
- IoT devices enrollment / Secure bootstrap and enrollment of IoT devices
- security monitoring / Security monitoring
- Cloud Security Alliance (CSA)
- URL / Establish SLAs
- about / Certifications
- cloud service provider (CSP)
- about / Install/update sensors, IoT service implementation
- cloud service provider IoT offerings
- exploring / Exploring cloud service provider IoT offerings
- AWS IoT / AWS IoT
- Microsoft Azure IoT suite / Microsoft Azure IoT suite
- Cisco Fog computing / Cisco Fog Computing
- IBM Watson IoT platform / IBM Watson IoT platform
- cloud services
- and IoT / Cloud services and the IoT
- asset/inventory management / Asset/inventory management
- service provisioning / Service provisioning, billing, and entitlement management
- billing / Service provisioning, billing, and entitlement management
- entitlements management / Service provisioning, billing, and entitlement management
- real-time monitoring / Real-time monitoring
- sensor coordination / Sensor coordination
- customer intelligence / Customer intelligence and marketing
- marketing / Customer intelligence and marketing
- information sharing / Information sharing
- message transport/broadcast / Message transport/broadcast
- IoT threats, examining / Examining IoT threats from a cloud perspective
- CoAP
- URL / CoAP
- cognitive IoT
- predictive health monitoring / Cognitive IoT
- collaborative navigation techniques / Cognitive IoT
- common names (CN)
- about / X.509
- community of interest (COI)
- about / Authorization and access control
- complex compliance environment
- defining / A complex compliance environment
- complex sharing environment
- about / A complex sharing environment
- wearables / Wearables
- smart homes / Smart homes
- compliance
- about / Compliance
- industry-specific compliance regimens / Compliance
- monitoring for / Monitoring for compliance
- concept of operations (CONOPS) / Implementation and integration
- concise binary object representation (CBOR)
- about / OAuth 2.0
- Constrained Application Protocol (CoAP)
- about / Messaging protocols
- Content Delivery Network (CDN) / Microsoft Azure IoT suite
- Continuity of Operations (COOP)
- about / Step 4 – identify threats
- continuous integration (CI)
- about / Automated search for flaws
- security / Security in agile developments
- controller area network (CAN) bus
- about / Today's IoT attacks, IoT and data buses
- controls, OAuth2
- references / REST
- counter mode (CTR)
- about / Counter modes
- counter modes / Counter modes
- Court of Justice of the European Union (CJEU) / Information sharing
- CPS attack
- prerequisites / Example anatomy of a deadly cyber-physical attack
- credential and attribute provisioning
- about / Credential and attribute provisioning
- local access / Local access
- Critical Infrastructure Protection (CIP) / Compliance
- cross-industry collaboration
- defining / Why cross-industry collaboration is vital
- cryptographic controls, for IoT protocols
- cryptographic controls, into IoT communication protocols
- defining / Cryptographic controls built into IoT communication protocols, ZigBee
- Bluetooth-LE / Bluetooth-LE
- Near field communication (NFC) / Near field communication (NFC)
- cryptographic controls, into IoT messaging protocols
- defining / Cryptographic controls built into IoT messaging protocols
- MQTT / MQTT
- CoAP / CoAP
- DDS / DDS
- REST / REST
- cryptographic key management
- defining / Cryptographic key management fundamentals, Summary of key management recommendations
- key generation / Key generation
- key establishment / Key establishment
- key derivation / Key derivation
- key storage / Key storage
- key escrow / Key escrow
- key lifetime / Key lifetime
- key zeroization / Key zeroization
- accounting / Accounting and management
- management / Accounting and management
- cryptographic module principles
- defining / Cryptographic module principles
- cryptographic security APIs
- about / Cryptographic security APIs
- cryptography
- defining, in securing IoT / Cryptography and its role in securing the IoT
- implementing / Cryptographic module principles
- cyber-physical systems (CPS)
- cybersecurity
- versus IoT security / Cybersecurity versus IoT security and cyber-physical systems
- Cybersecurity Assurance Program (CAP)
- cyclic redundancy check (CRC)
D
- Data Distribution Service (DDS)
- about / Messaging protocols, DDS
- Datagram TLS (DTLS)
- about / Transport protocols
- data link and physical protocols
- about / Data link and physical protocols
- IEEE 802.15.4 / IEEE 802.15.4
- ZWave / ZWave
- Power Line Communications (PLC) / Power Line Communications
- cellular communications / Cellular communications
- data security standard (DSS)
- about / IoT compliance
- decryption
- defining / Encryption and decryption
- dedicated short range communications (DSRC)
- about / IEEE 1609.2
- Defense Advanced Research Projects Agency (DARPA)
- about / Security monitoring
- Denial of Service (DoS)
- about / Step 4 – identify threats
- Department of Homeland Security (DHS)
- detection and analysis
- about / Detection and analysis
- compromised system, analyzing / Analyzing the compromised system
- IoT devices, analyzing / Analyzing the IoT devices involved
- escalation / Escalate and monitor
- monitoring / Escalate and monitor
- deterministic random bit generators (DRBGs)
- about / Random number generation
- digital forensics and incident response (DFIR) / Detection and analysis
- digital signature
- defining / Digital signatures
- symmetric (MACs) / Symmetric (MACs)
- Discrepancy Reports (DRs) / System security verification and validation (V&V)
- disposal phase, IoT system lifecycle / Dispose
- secure device disposal and zeroization / Secure device disposal and zeroization
- data purging / Data purging
- inventory control / Inventory control
- data archival / Data archiving and records management
- records management / Data archiving and records management
- distinguished names (DN)
- about / X.509
- distributed denial of service (DDoS) / Software defined networking (SDN)
- distributed trust authorities (DTA) / New distributed trust models for the cloud
- DNS-based Authentication of Named Entities (DANE) / Planning for provisioning mechanisms
- Docker
- reference link / Containers for deployment support
- domain name system (DNS) integration / Planning for provisioning mechanisms
- DSA (digital signature algorithm)
- about / Digital signatures
E
- Elasticsearch (ES) / AWS IoT
- Electronic code book (ECB)
- about / Symmetric encryption
- electronic control units (ECUs)
- about / Today's IoT attacks, Safety impact assessment
- Electronic Key Management System (EKMS)
- electronic serial numbers (ESNs)
- about / Naming a device
- Elliptic curve (EC)
- Elliptic curve DSA (ECDSA)
- about / Digital signatures
- Elliptic Curve Qu-Vanstone (ECQV)
- about / ZigBee
- encryption
- defining / Encryption and decryption
- symmetric encryption / Symmetric encryption
- asymmetric encryption / Asymmetric encryption
- advantages / Asymmetric encryption
- end entity (EE)
- about / PKI primer
- Explicit trust / PKI primer
- Cross-certification / PKI primer
- enterprise IoT cloud security architecture
- Extensible Markup Language (XML)
- about / XMPP
F
- fault and attack tree analysis
- merging / Merging fault and attack tree analysis
- fault tree
- and attack tree, comparing / Fault tree and attack tree differences
- fault tree analysis (FTA)
- Federal Information Processing Standards (FIPS)
- about / ThingWorx, Compliance
- FIDO
- URL / Biometrics
- FIPS 140-2
- reference / Cryptographic module principles
- Fitbit
- Fog Computing
- about / Edge
- Food and Drug Administration (FDA) / Compliance
- ForgeRock
- Funtenna
- about / Security monitoring
- Fuzz testing
- about / Fuzz testing
G
- Galois counter mode (GCM)
- about / Counter modes, Symmetric (MACs), Ciphersuites
- Gartner
- reference / Why cross-industry collaboration is vital
- General Purpose Input/Output (GPIO) pins
- about / The hardware
- Geographic Information System (GIS)
- about / Building an attack tree
- GMAC (Galois message authentication code)
- about / Symmetric (MACs)
- governance, risk, and compliance (GRC) / IoT compliance
H
- Hardsploit
- hardware security module (HSM)
- about / Key storage
- hashes
- defining / Hashes
- High Tech Crime Investigation Association (HTCIA)
- about / Escalate and monitor
- HIPAA/HITECH
- about / HIPAA/HITECH
- references / HIPAA/HITECH
- Hypr Biometric Security
- URL / Biometrics
I
- IAM
- defining, for IoT / An introduction to identity and access management for the IoT
- IBM Watson IoT platform
- about / IBM Watson IoT platform
- reference link / IBM Watson IoT platform
- MQTT and REST interfaces / MQTT and REST interfaces
- Identity and Access Management (IAM) service
- about / Authentication/authorization
- identity lifecycle
- defining / The identity lifecycle
- naming conventions, establishing / Establish naming conventions and uniqueness requirements
- device, naming / Naming a device
- secure bootstrap / Secure bootstrap
- credential and attribute provisioning / Credential and attribute provisioning
- account monitoring and control / Account monitoring and control
- account updates / Account updates
- account suspension / Account suspension
- account, deactivating / Account/credential deactivation/deletion
- Identity Relationship Management (IRM)
- about / Authentication/authorization, Identity relationship management and context
- identity relationship management and context
- about / Identity relationship management and context
- attribute-based access control (ABAC) / Attribute-based access control
- role-based access control (RBAC) / Role-based access control
- third-party data requirements / Consider third-party data requirements
- keys and certificates, managing / Manage keys and certificates
- identity services engine (ISE) / Cisco Fog Computing
- implementation and integration, IoT system lifecycle
- about / Implementation and integration
- IoT security CONOPS document / IoT security CONOPS document
- network and security integration / Network and security integration
- system security verification and validation (V&V) / System security verification and validation (V&V)
- security training / Security training
- secure configurations / Secure configurations
- incident response planning
- about / Incident response planning
- IoT system categorization / IoT system categorization
- IoT incident response procedures / IoT incident response procedures
- cloud provider's role / The cloud provider's role
- IoT incident response team composition / IoT incident response team composition
- detection and analysis / Detection and analysis
- containment / Containment, eradication, and recovery
- eradication / Containment, eradication, and recovery
- recovery / Containment, eradication, and recovery
- post-incident activities / Post-incident activities
- incident response preparation / Incident response planning
- industry-specific compliance regimens, compliance
- PCI (Payment Card Industry) / Compliance
- NERC (North American Electric Reliability Corporation) / Compliance
- USPS (US Postal Service) / Compliance
- SAE (Society of Automotive Engineers) / Compliance
- NIST (National Institute of Standards and Technology) / Compliance
- HIPAA / Compliance
- information assurance (IA)
- fair information practices (FIPs) privacy principles
- consent / Respect for user privacy
- accuracy / Respect for user privacy
- access / Respect for user privacy
- compliance / Respect for user privacy
- infrastructure-as-a-service (IaaS) / Examining IoT threats from a cloud perspective
- initialization vector (IV)
- integer factorization cryptography (IFC)
- integrated circuits (IC)
- about / The hardware
- integrated modular avionics (IMA)
- International Association of Privacy Professionals (IAPP)
- about / Certifications
- reference link / Privacy engineering professionals
- Internet Engineering Task Force (IETF)
- Internet of Things (IoT)
- defining / Defining the IoT
- IoT
- references / Defining the IoT
- using / IoT uses today
- energy industry / Energy industry and smart grid
- smart grid / Energy industry and smart grid
- connected vehicles and transportation / Connected vehicles and transportation
- manufacturing / Manufacturing
- wearables / Wearables
- implantables / Implantables and medical devices
- medical devices / Implantables and medical devices
- defining / The things in the IoT
- hardware / The hardware
- operating systems / Operating systems
- communications / IoT communications
- messaging protocols / Messaging protocols
- transport protocols / Transport protocols
- network protocols / Network protocols
- data link and physical protocols / Data link and physical protocols
- data collection / IoT data collection, storage, and analytics
- storage and analytics / IoT data collection, storage, and analytics
- integration platforms and solutions / IoT integration platforms and solutions
- need for securing / The IoT of the future and the need to secure
- and cognitive systems / The future – cognitive systems and the IoT
- cryptographic primitives, types / Types and uses of cryptographic primitives in the IoT
- cryptographic primitives, uses / Types and uses of cryptographic primitives in the IoT
- and cryptography, future / Future directions of the IoT and cryptography
- IAM infrastructure / IoT IAM infrastructure
- privacy challenges / Privacy challenges introduced by the IoT
- IoT, in enterprise
- defining / The IoT in the enterprise
- IoT-enablers, cloud
- software defined networking (SDN) / Software defined networking (SDN)
- data services / Data services
- container support, for secure development environments / Container support for secure development environments
- containers, for deployment support / Containers for deployment support
- microservices / Microservices
- Move to 5G connectivity / The move to 5G connectivity
- IoT attacks
- defining / Today's IoT attacks
- wireless reconnaissance and mapping / Wireless reconnaissance and mapping
- security protocol attacks / Security protocol attacks
- physical security attacks / Physical security attacks
- application security attacks / Application security attacks
- IoT attack types
- about / Common IoT attack types
- attack trees / Attack trees
- fault (failure) trees / Fault (failure) trees and CPS
- CPS / Fault (failure) trees and CPS
- cyber-physical attack, example / Example anatomy of a deadly cyber-physical attack
- IoT compliance
- defining / IoT compliance
- challenges / Challenges associated with IoT compliance
- existing compliance standards support, examining / Examining existing compliance standards support for the IoT, NIST CPS efforts, HIPAA/HITECH, PCI DSS, NIST Risk Management Framework (RMF)
- IoT compliance program
- defining / An IoT compliance program
- executive oversight / Executive oversight
- policies and procedures / Policies, procedures, and documentation
- documentation / Policies, procedures, and documentation
- training and education / Training and education, Data security, The IoT, network, and cloud
- references / Defense-in-depth
- testing / Testing
- internal compliance monitoring / Internal compliance monitoring, Install/update sensors, Automated search for flaws, System design updates
- periodic risk assessments / Periodic risk assessments, Black box, White box assessments, Fuzz testing
- IoT device
- lifecycle / The IoT device lifecycle
- implementation / IoT device implementation
- and service deployment / IoT device and service deployment
- in operation / Focusing on the IoT device in operation
- IoT devices
- references / ZigBee
- IoT IAM infrastructure
- 802.1x / 802.1x
- PKI, for IoT / PKI for the IoT
- IoT incident response
- threats, to safety and security / Threats both to safety and security
- defining / Threats both to safety and security
- executing / Threats both to safety and security
- planning / Planning and executing an IoT incident response
- IoT incident response team composition
- about / IoT incident response team composition
- communications planning / Communication planning
- IRP exercises / Exercises and operationalizing an IRP in your organization
- IRP, operationalizing / Exercises and operationalizing an IRP in your organization
- IoT penetration test tools
- about / IoT penetration test tools
- BlueMaho / IoT penetration test tools
- Bluelog / IoT penetration test tools
- crackle / IoT penetration test tools
- SecBee / IoT penetration test tools
- KillerBee / IoT penetration test tools
- scapy-radio / IoT penetration test tools
- Wireshark / IoT penetration test tools
- Aircrack-ng / IoT penetration test tools
- Chibi / IoT penetration test tools
- Hardsploit / IoT penetration test tools
- HackRF / IoT penetration test tools
- Shikra / IoT penetration test tools
- IoT Privacy Impact Assessment (PIA)
- performing, guidelines / Guide to performing an IoT PIA
- reference link / Overview, Information sharing
- IoT Privacy Impact Assessment (PIA), performing
- about / Guide to performing an IoT PIA
- overview / Overview
- issues, reference link / Overview
- authorities / Authorities
- collected information, characterizing / Characterizing collected information
- collected information, uses / Uses of collected information
- security / Security
- notice / Notice
- data retention / Data retention
- information sharing (onward transfer) / Information sharing
- redress / Redress
- auditing and accountability / Auditing and accountability
- IoT relationship platforms
- about / IoT relationship platforms
- Xively / Xively
- ThingWorx / ThingWorx
- IoT security and cyber-physical systems
- versus cybersecurity / Cybersecurity versus IoT security and cyber-physical systems
- IoT security CONOPS document / IoT security CONOPS document
- IoT security service
- reference / Security monitoring
- IoT service
- implementation / IoT service implementation, IoT device and service deployment
- attributes / Naming a device
- IoT system
- example / Threat modeling an IoT system
- assets, identifying / Step 1 – identify the assets
- system/architecture overview, creating / Step 2 – create a system/architecture overview
- decomposing / Step 3 – decompose the IoT system
- threats, identifying / Step 4 – identify threats
- threats, documenting / Step 5 – document the threats
- threats, rating / Step 6 – rate the threats
- IoT systems
- implementing / Lessons learned and systematic approaches, Implementing IoT systems in a compliant manner
- threat modeling / Threat modeling an IoT system
- IoT systems and compliance
- challenges / IoT compliance
- IOx architecture
- fog nodes / Cisco Fog Computing
- host OS / Cisco Fog Computing
- fog director / Cisco Fog Computing
- ITU-T Y.2060
- Device / The things in the IoT
- Thing / The things in the IoT
J
- Jabber Instant Messaging (IM)
- about / XMPP
K
- key encryption key (KEK)
- about / Key establishment, Symmetric keys
- key management infrastructure (KMI)
- key management interoperability protocol (KMIP)
L
- leaf node
- about / Building an attack tree
- Let's Encrypt
- URL / Account updates
- location obscurer proxy (LOP) / Privacy impacts on IoT security systems
- logical access control systems (LACS)
- Low Rate Wireless Personal Area Networks (LRWPAN)
- about / Network protocols
M
- managed security service providers (MSSPs)
- about / Security monitoring
- management information bases (MIBs)
- about / Automated search for flaws
- master service agreement (MSA) / Focusing on the IoT device in operation
- media access control (MAC) / Metadata can leak private information also
- Medium Access Control (MAC)
- about / Data link and physical protocols
- message authentication code (MAC)
- about / Install/update sensors, Symmetric keys
- message queuing telemetry transport (MQTT)
- about / IoT communications
- messaging protocols
- microcontrollers (MCUs) / IoT device hardware
- Microsoft Azure IoT suite
- reference link / Microsoft Azure IoT suite
- Microsoft Security Development Lifecycle (SDL)
- Milagro
- reference link / New distributed trust models for the cloud
- Move to 5G connectivity
- reference link / The move to 5G connectivity
- MQTT
- URL / Messaging protocols
- reference link / MQTT and REST interfaces
- MQTT For Sensor Networks (MQTT-SN)
N
- National Security Agency (NSA)
- about / Cryptographic module principles
- National Vulnerability Database (NVD)
- near field communication (NFC)
- about / Bluetooth-LE
- transponder / Selecting an MCU
- network and security integration
- about / Network and security integration
- examining, for WSNs / Examining network and security integration for WSNs
- examining, for connected cars / Examining network and security integration for connected cars
- updates to network and security infrastructures, planning / Planning for updates to existing network and security infrastructures
- provisioning mechanisms, planning for / Planning for provisioning mechanisms
- security systems, integrating with / Integrating with security systems
- IoT and data buses / IoT and data buses
- network function virtualization (NFV)
- about / The IoT, network, and cloud
- network protocols
- references / Network protocols
- network time protocol (NTP) / Analyzing the compromised system
- Nexus
- NIST Risk Management Framework (RMF)
- about / Compliance
- NIST SP 800-131A
- NIST Special Publication 800-90B
- URL / Random number generation
- non-deterministic random number generator (NDRNG)
- about / Random number generation
O
- OAuth 2.0
- on-board equipment (OBE)
- about / IEEE 1609.2
- On-demand computing (ODC) / On-demand computing and the IoT (dynamic compute resources)
- Online Certificate Status Protocol (OCSP)
- about / OCSP, Manage keys and certificates
- onward transfer / Information sharing
- OpenDNS report
- OpenID Connect (OIDC) / Amazon AWS IAM
- OpenSSL Heartbleed
- reference / Cryptographic security APIs
- operations and maintenance, IoT system lifecycle
- about / Operations and maintenance
- identities, managing / Managing identities, roles, and attributes
- roles, managing / Managing identities, roles, and attributes
- attributes, managing / Managing identities, roles, and attributes
- identity relationship management and context / Identity relationship management and context
- security monitoring / Security monitoring
- penetration testing / Penetration testing
- compliance monitoring / Compliance monitoring
- configuration management / Asset and configuration management
- asset management / Asset and configuration management
- incident management / Incident management
- forensics / Forensics
- Original Design Manufacturers (ODM)
- about / IoT device implementation
- Original Equipment Manufacturer (OEM)
- about / IoT device implementation
P
- Passive Vulnerability Scanner (PVS)
- about / Automated search for flaws
- Password-based key derivation (PBKDF)
- about / Key derivation
- pay-per-use (PPU)
- Payment Card Industry (PCI)
- about / Compliance, IoT compliance
- PCI Data Security Standard (DSS)
- about / PCI DSS, Compliance
- PCI Security Standards Council
- URL / PCI DSS
- penetration testing
- about / Penetration testing
- red teams / Red and blue teams
- blue teams / Red and blue teams
- hardware security, evaluating / Evaluating hardware security
- airwaves / The airwaves
- IoT penetration test tools / IoT penetration test tools
- perfect forward secrecy (PFS)
- personally identifiable information (PII) / Characterizing collected information
- Physical (PHY)
- about / Data link and physical protocols
- physical access control systems (PACS)
- PIN Transaction Services (PTS) / Compliance
- PKI, for IoT
- PKI primer / PKI primer
- trust stores / Trust stores
- PKI architecture / PKI architecture for privacy
- revocation support / Revocation support
- point of contact (PoC) / IoT incident response team composition
- Power Line Communications (PLC)
- about / Power Line Communications
- pre-master secret (PMS)
- about / Asymmetric encryption, Ciphersuites
- privacy by design (PbD) principles
- about / PbD principles
- privacy embedded, into design / Privacy embedded into design
- positive-sum principle / Positive-sum, not zero-sum
- zero-sum privacy approach / Positive-sum, not zero-sum
- end-to-end security / End-to-end security
- visibility and transparency / Visibility and transparency
- user privacy, respecting / Respect for user privacy
- privacy challenges, IoT
- about / Privacy challenges introduced by the IoT
- complex sharing environment / A complex sharing environment
- reference link / Metadata can leak private information also
- private information leakage, by metadata / Metadata can leak private information also
- privacy approaches, for credentials / New privacy approaches for credentials
- privacy impacts / Privacy impacts on IoT security systems
- surveillance, methods / New methods of surveillance
- privacy engineering
- recommendations / Privacy engineering recommendations
- privacy throughout organization / Privacy throughout the organization
- professionals / Privacy engineering professionals
- activities / Privacy engineering activities
- privacy protected information (PPI) / Privacy impact assessment
- processes and agreements, security
- about / Processes and agreements
- secure acquisition process / Secure acquisition process
- secure update process / Secure update process
- service level agreements, establishing / Establish SLAs
- privacy agreements, establishing / Establish privacy agreements
- new liabilities and guard, against risk exposure / Consider new liabilities and guard against risk exposure
- IoT physical security plan, establishing / Establish an IoT physical security plan
- programmable logic controllers (PLCs) / Incident management, Real-time monitoring
- protocol data unit (PDU)
- about / Bluetooth-LE
- Public Key Infrastructure (PKI)
- about / The IoT in the enterprise
- certificates / Authentication/authorization
Q
- Quality of Service (QoS)
- about / DDS
R
- radio frequency (RF)
- random number generation
- defining / Random number generation
- Ravello
- URL / Testing
- Ravello Systems
- reference link / Containers for deployment support
- read-only memory (ROM)
- about / The hardware, Secure bootstrap
- real-time operating system (RTOS)
- about / Operating systems, IoT device configurations
- Real-time Transport Protocol (RTP)
- about / Ciphersuites
- registration authority (RA) / Privacy impacts on IoT security systems
- remote procedure calls (RPCs) / Secure gateway and network configurations
- remote terminal units (RTUs) / Real-time monitoring
- representational state transfer (REST)
- about / IoT communications
- reserved MQTT
- reference link / AWS IoT
- return-on-investment (ROI)
- about / Vulnerability
- revocation support
- about / Revocation support
- OCSP / OCSP
- OCSP stapling / OCSP stapling
- SSL pinning / SSL pinning
- risk
- defining / Risks
- road side equipment (RSE)
- about / Biometrics
- roadside equipment (RSE) / Safety impact assessment, Examining network and security integration for connected cars
- roadside units (RSU)
- about / PKI architecture for privacy
- RSA (Rivest, Shamir, Adleman)
- about / Asymmetric encryption
S
- safety
- defining / The classic pillars of information assurance
- safety and security design
- about / Safety and security design
- threat modeling / Threat modeling
- privacy impact assessment (PIA) / Privacy impact assessment
- safety impact assessment / Safety impact assessment
- compliance / Compliance
- security system integration / Security system integration
- Samsung SmartThings hub
- URL / IoT communications
- secure bootstrap
- about / Security system integration
- secure configurations
- about / Secure configurations
- IoT device configurations / IoT device configurations
- secure gateway and network configurations / Secure gateway and network configurations
- secure design, IoT devices
- about / Secure design
- safety and security design / Safety and security design
- processes and agreements / Processes and agreements
- technology selection / Technology selection – security products and services
- secure IoT system implementation lifecycle
- about / The secure IoT system implementation lifecycle
- implementation and integration / Implementation and integration
- operations and maintenance / Operations and maintenance
- disposal phase / Dispose
- secure sockets layer (SSL)
- about / Authentication/authorization
- secure sockets layer (SSL) certificates
- about / Manage keys and certificates
- SecurITree tool
- defining / Building an attack tree
- security
- building, into design and development / Building security in to design and development
- in agile developments / Security in agile developments
- security-as-a-service (SECaaS) / New distributed trust models for the cloud
- security credential management system (SCMS) / Privacy impacts on IoT security systems
- Security Credential Management System (SCMS)
- security incident and event manager (SIEM) / Implementing IoT systems in a compliant manner
- security information event management (SIEM) systems / Detection and analysis
- security information event management (SIEM) tool
- about / Security monitoring
- security monitoring
- about / Security monitoring
- security system integration
- about / Security system integration
- accounts and credentials / Accounts and credentials
- patching and updates / Patching and updates
- audit and monitoring / Audit and monitoring
- security training
- about / Security training
- security awareness training, for users / Security awareness training for users
- security administration training, for IoT / Security administration training for the IoT
- seeds
- about / Random number generation
- self-driving vehicle (SDV) / Consider new liabilities and guard against risk exposure
- about / Security monitoring
- service level agreement (SLA) / Privacy impact assessment
- service level agreements (SLA) / Information sharing
- service oriented architecture (SOA) / Microservices
- short-term key (STK)
- about / Bluetooth-LE
- signal phase and timing (SPaT) / New privacy approaches for credentials
- signature verification
- about / Digital signatures
- simple network management protocol (SNMP)
- about / Automated search for flaws
- Simple Storage Service (S3) / AWS IoT
- smart grid
- about / Energy industry and smart grid
- smart meter
- about / Energy industry and smart grid
- software defined networking (SDN)
- about / The IoT, network, and cloud
- software defined networks (SDN)
- about / Edge
- software development kits (SDKs)
- about / Xively
- SP800-90B
- URL / Random number generation
- Special Publications (SP) / Compliance
- Supervisory Control and Data Acquisition (SCADA) systems / Consider new liabilities and guard against risk exposure
- Supervisory Control and Data Acquisition (SCADA)
- symmetric (MACs) / Symmetric (MACs)
- symmetric encryption
- defining / Symmetric encryption
- block chaining modes / Block chaining modes
- counter modes / Counter modes
- symmetric key establishment (SKKE)
- about / ZigBee
- system-of-systems
- about / The IoT in the enterprise
- system on chip (SoC)
- about / Selecting an MCU
- considerations / Selecting an MCU
- system security plans (SSPs) / Policies, procedures, and documentation
T
- technology selection
- about / Technology selection – security products and services
- IoT device hardware / IoT device hardware
- MCU, selecting / Selecting an MCU
- real-time operating system (RTOS), selecting / Selecting a real-time operating system (RTOS)
- IoT relationship platforms / IoT relationship platforms
- cryptographic security APIs / Cryptographic security APIs
- authentication / Authentication/authorization
- authorization / Authentication/authorization
- Fog Computing / Edge
- security monitoring / Security monitoring
- Texas Instruments (TI)
- about / The hardware
- thing shadows
- about / The things in the IoT
- ThingWorx
- about / ThingWorx
- threat-sharing platforms
- examples / Analyzing the compromised system
- threats
- defining / Threats
- threats, vulnerability and risks (TVR)
- Threats/attacks
- defining / Threats/attacks
- references / Threats/attacks
- Transmission Control Protocol (TCP)
- about / Transport protocols
- transport layer security (TLS)
- about / Ciphersuites, Passwords
- trust center link keys (TCLK)
- about / ZigBee
- trusted platform modules (TPMs)
- about / Trust stores
U
- Uniform Resource Identifiers (URIs)
- about / CoAP
- uniform resource identifiers (URIs)
- about / OAuth 2.0
- unique identifier (UUID)
- universal serial bus (USB) ports / Establish an IoT physical security plan
- University of California, San Diego (UCSD)
- about / Today's IoT attacks
- Unmanned Aerial Systems (UAS)
- about / The IoT in the enterprise
- unmanned aircraft systems (UAS)
- about / The things in the IoT
- unmanned air system (UAS)
- about / Building an attack tree
- US Dept. of Transportation (USDOT)
- about / IEEE 1609.2
- User Datagram Protocol (UDP)
- about / Transport protocols
V
- vehicle-to-infrastructure (V2I)
- about / IEEE 1609.2
- Vehicle-to-Vehicle (V2V)
- vehicle-to-vehicle (V2V) communications
- about / Manage keys and certificates
- vulnerability
- defining / Vulnerability
W
- White box
- assessments / White box assessments
- Windows Server Update Services (WSUS) / Containment, eradication, and recovery
- wireless sensor network (WSN)
- about / CoAP
- wireless sensor networks (WSN)
- about / MQTT
- WSNs (wireless sensor networks)
- about / Install/update sensors
X
Z
- zero-sum approach
- reference link / Positive-sum, not zero-sum
- zeroization
- about / Key zeroization
- ZigBee
- ZigBee-based IoT network online
- reference / IoT device configurations
- ZigBeeAlliance09 / IoT device configurations
- ZigBee Home Automation Public Application Profile (HAPAP) / IoT device configurations
- ZigBee Light Link Profile (ZLL) / IoT device configurations
- ZWave
- references / ZWave