IoT security issues cannot be ignored

Security issues facing the Internet of Things

Given its characteristics, the Internet of Things faces not only the traditional network security problems of mobile communication networks but also some special security problems that differ from those of existing mobile networks. These arise because the Internet of Things is composed of a large number of machines, lacks effective human monitoring of the equipment, and involves large clusters of devices, among other related features. These special security issues mainly include the following aspects.

Local security issues of IoT machine / sensing nodes. Because IoT applications can replace people in complex, dangerous and mechanical work, most IoT machine / sensing nodes are deployed in unsupervised scenarios. An attacker can therefore easily gain access to these devices, damage them, and even replace the machine's hardware and software through local operations.

Sensing network transmission and information security issues. Sensing nodes usually have simple functions (such as automatic thermometers) and carry little energy (they run on batteries), so they cannot support complex security protection. Sensing networks are also diverse, from temperature measurement to hydrological monitoring, from road navigation to automatic control; their data transmission and messages follow no specific standards, so a unified security protection system cannot be provided.

Core network transmission and information security issues. The core network has relatively complete security protection capabilities, but because the Internet of Things has a large number of nodes that exist in clusters, data sent by a large number of machines at once can congest the network during propagation and cause a denial of service. In addition, the security architecture of existing communication networks is designed from the perspective of human communication and is not suitable for machine communication. Using existing security mechanisms will break the logical relationship between IoT machines.

Security issues of IoT business. Since IoT devices may be deployed before they are connected to the network, and IoT nodes are unattended, how to remotely configure contract information and business information for IoT devices becomes a problem. In addition, the huge and diverse IoT platform will inevitably require a strong and unified security management platform; otherwise, independent platforms will be overwhelmed by the variety of IoT applications. With a unified platform, however, how to manage security information such as the logs of IoT machines becomes a new problem, and it may split the trust relationship between the network and the business platform, resulting in a new round of security problems.

Security Technology Analysis of Internet of Things

In a traditional network, the security of the network layer and the security of the business layer are independent of each other, just as the communication between leaders is different from that between secretaries. A large part of the special security issues of the Internet of Things arises because the sensing network and the application platform are integrated on top of the existing mobile network; that is to say, the leader and the secretary have become one. Most of the mechanisms in the mobile network, such as authentication and encryption mechanisms, can therefore still be applied to the Internet of Things and provide a certain level of security. However, these security mechanisms need to be adjusted and supplemented according to the characteristics of the Internet of Things.

1. Business authentication mechanism in the Internet of Things

Traditional authentication distinguishes between layers: network layer authentication is responsible for identity authentication at the network layer, and business layer authentication is responsible for identity authentication at the business layer. The two exist independently. In the Internet of Things, however, a machine usually has a dedicated purpose, so its business application and its network communication are tightly bound together. Since authentication at the network layer is indispensable, authentication at the business layer is no longer mandatory; instead, it can be designed according to who provides the service and how security-sensitive the service is.

For example, when the IoT service is provided by the operator, the result of network layer authentication can be fully reused and no business layer authentication is needed. When the IoT service is provided by a third party that cannot obtain keys and other security parameters from the network operator, the third party can initiate independent business authentication without regard to network layer authentication. When the business is sensitive, such as financial services, service providers generally do not trust the security level of the network layer and use higher-level security protection, so business layer authentication is needed. When the business is an ordinary one, such as a temperature collection service, and the service provider considers network authentication sufficient, business layer authentication is no longer needed.

2. Encryption mechanism in the Internet of Things

The traditional network layer encryption mechanism is hop-by-hop encryption: the information is encrypted during transmission, but it must be decrypted and re-encrypted at every node it passes through, so it exists as plaintext on each node. The traditional business layer encryption mechanism is end-to-end: the information is plaintext only at the sending end and the receiving end, and is ciphertext during transmission and on forwarding nodes. Because network connection and business use are closely integrated in the Internet of Things, a choice has to be made between hop-by-hop encryption and end-to-end encryption.

Hop-by-hop encryption can be applied only to the links that need to be protected. Because it is performed at the network layer, it can be applied to all services; that is, different services can be placed under security management on a unified IoT business platform, so that the security mechanism is transparent to the business. This gives hop-by-hop encryption low latency, high efficiency, low cost and good scalability. However, because hop-by-hop encryption requires data to be decrypted on each transmission node, each node may read the plaintext of the encrypted message. Hop-by-hop encryption therefore requires every node on the transmission path to be highly trustworthy.

End-to-end encryption, by contrast, can select different security policies according to the type of business, thereby providing a high level of protection for services with high security requirements. However, end-to-end encryption cannot protect the destination address of the message, because each node that the message passes through must use this destination address to determine how to forward the message. As a result, end-to-end encryption cannot conceal the source and destination of the transmitted message, and it is vulnerable to malicious attacks based on analysis of the communication. In addition, from the perspective of national policy, end-to-end encryption cannot meet the needs of the national lawful interception policy.
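
The trade-off described in this section can be seen by recording what each relay node is able to read under the two schemes. The following is an added example, not code from the original article; the function names, the sample message and the destination name are constructed, and the cipher is a standard-library stand-in (HMAC-SHA256 keystream with encrypt-then-MAC) used in place of a real AEAD cipher so the example runs without extra packages.

```python
import hashlib
import hmac
import os

def _sub(key, label):
    # Derive separate encryption and MAC subkeys from one shared key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a demo keystream (stand-in for a real cipher).
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext, header=b""):
    """Encrypt-then-MAC. `header` is authenticated but stays readable."""
    nonce = os.urandom(12)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_sub(key, b"mac"), header + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob, header=b""):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), header + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def hop_by_hop(message, link_keys):
    """One key per link; every relay decrypts, then re-encrypts for the next link."""
    relay_views = []
    blob = seal(link_keys[0], message)
    for k_in, k_out in zip(link_keys, link_keys[1:]):
        plain = unseal(k_in, blob)   # the relay holds the plaintext at this point
        relay_views.append(plain)
        blob = seal(k_out, plain)
    return unseal(link_keys[-1], blob), relay_views

def end_to_end(dest, payload, e2e_key, relay_count):
    """Only the endpoints hold e2e_key; relays route on the cleartext destination."""
    blob = seal(e2e_key, payload, header=dest)
    relay_views = [(dest, blob)] * relay_count   # all a relay can observe
    return unseal(e2e_key, blob, header=dest), relay_views

if __name__ == "__main__":
    msg = b"meter-17 reading=21.5C"               # constructed sample message
    links = [os.urandom(32) for _ in range(3)]    # node -> relay1 -> relay2 -> platform
    print(hop_by_hop(msg, links)[1])
    print(end_to_end(b"platform.example", msg, os.urandom(32), 2)[1])
```

In the hop-by-hop run every relay's view is the full plaintext, which is why each node on the path must be trusted; in the end-to-end run a relay sees only the destination and an opaque blob, which protects the payload but leaves the routing information open to traffic analysis.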
