Three Layer Security (3LS) for IoT

 

The concept of Internet of Things (IoT) is not new, it is just a name for something that electrical engineers and IT guys have been doing for years. All what is new is more wireless devices and more different types of protocols for wireless communication, such as Wi-Fi, Bluetooth, Cellular 3G / 4G (LTE) / 5G, Zigbee, Z-Wave, RFID, LTE-M, EC GSM, NB-IoT, MIOTY, LoRa en SigFox. But yes, IoT is currently very attractive, because millions of IoT devices are already in use in the world and in the coming years it will only get more. You can find it in your thermostat, lighting, wireless switches, roller shutters / blinds, refrigerator, washing machine, coffee maker, etc. All these devices can be connected to each other in a wireless network, hence the name IoT. And all these devices can be controlled by one device, your mobile phone.

 

What about security?

Well, that's a big problem right now. When you watch the news, you increasingly see and hear that the IoT devices are not well protected. 80% of the companies that design the IoT devices have a lack of good staff who can achieve security for IoT devices. Even if they have skilled staff, time and money would be the factor that stops them from building security on their devices. Because selling now is better than try to fix it in the future afterwards. But the truth is, that IoT devices cannot be restored in the future if security is not taken seriously in the design from the beginning. Why? If the hardware is not selected correctly and the chosen hardware is not suitable for security, it is impossible to correct this with a firmware update. And if a remote firmware update is not built into the initial design, it is completely impossible to add a security layer to the device.

 

Three Layer Security (3LS) is the solution

That is why Qubidia has devised an innovative design for this problem, namely the Three Layer Security or simply 3LS.

Two of these three layers are known and have been used for years. The added secure layer is fairly new in the IoT business. And that is the physical level protection that protects you against data theft if your device is stolen. Later in this article you can read more about it. Qubidia has taken this security very seriously and has spent years of research and development to realize this. It was very risky and not knowing whether it is possible at all. And now that it's done, the Three Layer Security is implemented as a base layer for all devices.

 

 

 

 

How is it secured?

 

Security Layer 1

protect your device against data theft

The first layer is the base layer and this includes protection at the physical level. It can be compared to a house without doors and windows, completely closed and nobody can enter or leave. To realize this, Qubidia use encryption to secure the operating system and data. If your device is stolen, this security layer will prevent the thief from accessing your data. Qubidia therefore always recommends to make a backup of your data. Because this protection has been implemented in such a way that even the maker of the device cannot access it.

 

Security Layer 2

protect your device against eavesdropping

But, in order to be able to access your data, at least one port must be open. And that's why a firewall is used, to ensures that only the required ports are opened and all others are kept closed. The firewall can be compared to a house with one or more doors. Due to the firewall, the device can only be accessed via a browser on your laptop and by entering the IP address in the browser you have access to the software of the device. The device can also be accessed via an app on your mobile phone or tablet. The app automatically searches for the IP address, so you don't have to do anything. Useful to know is that you can find the IP address with the corresponding device name in your router in your overviews of all your connected devices. The device use the http or https port and two other ports for the Portal software. This means that these ports must be opened to work properly. We recommend that you always use https, as it is encrypted. The mobile apps always use https and thus protects the user against eavesdropping by unauthorized persons.

 

Security Layer 3

only you have access

The third layer is then the security layer in the portal software itself. To enter the portal, the user must log in with an e-mail address and a password. Here too Qubidia use encryption and in this case it is the One-Way Encryption. The One-Way encryption means that the password can only be encrypted. The encrypted password can therefore not be decrypted to find out what the password is. Hence the name one-way encryption. The passwords are always stored encrypted in the database and can never be exposed. During logging in, your entered password is encrypted and verified with the stored encrypted password. If these match, then access to the portal software is granted.

 

If you are going to compare these three layers with a house, the first layer is the concrete wall of your house, the second layer is your front door and the third layer is a lock on your front door. And with the right key you can enter your house.

 

EB Sticky Cookie Notice EN

We use cookies

We, Qubidia, use cookies on our website and we are obliged to ask for your permission. These cookies can be used in order to test the quality and effectiveness of our website and the advertisements placed thereon. However, these cookies can also be used for other purposes. Do you want to know more about the cookies we use? Then click here on Cookie Statement.

© 2020 Qubidia. All Rights Reserved.