Business with internet
Fundamentals of Information Systems Security
Lesson 2
The Internet of Things
Is Changing How We Live
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company
Learning Objective(s)
Explain information systems security and its effect on people and businesses.
Key Concepts
The evolution of the Internet of Things (IoT) from the late 1990s to present
The impact that the Internet and IoT have on human and business life
How bricks-and-mortar businesses transform into e-business models with e-commerce and an IoT strategy
How IP mobility is driving IoT to include both personal and business environments
New challenges created by IoT
The Internet of Things Is Changing How We Live
Social Media
Facebook®
Mediums
VoIP
Twitter®
LinkedIn®
Pinterest®
Google+®
Instagram®
IM chat
Audio conference
Video conference
Collaboration
Digital Media
Drivers for Internet of Things (IoT)
9/3/2019
(c) ITT Educational Services, Inc.
IP-based networking
Connectivity
Smaller and faster computing
Cloud computing
Data analytics
Evolution of IoT
Internet service providers (ISPs)
Radio frequency identification (RFID)
Application service providers (ASPs)
Software as a Service (SaaS)
How the Internet and TCP/IP Transform Our Lives
The transition to a Transmission Control Protocol/Internet Protocol (TCP/IP) world changed our way of life.
People, families, businesses, educators, and government all communicate differently than they did before.
Nearly everyone has easy access to the Internet.
IoT’s Impact on Human and Business Life
The Internet has changed our day-to-day lives
Personally
Socially
Professionally
Use the Internet to:
Check weather, news, and social media sites at home
Check business emails at work
Store-and-Forward vs. Real-Time Communications
Real-time
Occurs instantaneously
Store-and-forward
Acceptable delay in transmitting communication
IoT’s Impact on Humans
Health monitoring and updating
Home security and smart home control systems
Online family member calendars
Near real-time tracking and monitoring via GPS
Online banking, bill paying, and financial transactions
Online e-commerce purchases
IoT’s Impact on Business
Retail stores
Remote sensors
Traffic-monitoring applications
B2C service delivery model
“Anything as a Service” IoT applications
Virtual workplace
Evolution from Bricks and Mortar to E-Commerce
E-commerce
Sale of goods and services on the Internet
Business-to-consumer (B2C)
Customers purchase goods and services directly from their website
Business-to-business (B2B)
Businesses conduct sales with other businesses
Payment Card Industry Data Security Standard (PCI DSS)
Protects private customer data
Evolution from Bricks and Mortar to E-Commerce (cont.)
Internet business challenges:
Growing the business through the Internet
Changing an existing conventional business into an e-business
Building secure and highly available websites and e-commerce portals
Building a web-enabled customer-service strategy
Finding new customers with Internet marketing
E-business Strategy Elements
E-commerce solution
Internet marketing strategy
E-customer service-delivery strategy
Payment and credit card transaction processing
Why Businesses Must Have an Internet and IoT Marketing Strategy
Must remain competitive
Bricks-and-mortar business model out of date in global market
Customers require continuous access to information, products, and services
But, Internet presence exposes organizations to online risks, threats, and vulnerabilities.
IP Mobility
Personal communication devices and mobile phones are powerful
Cell phones are used to extend mobility
Mobile phones, smartphones, and PDAs match the power and flexibility of small computers
Tablets, smartphones, and netbooks fill need for lightweight portable devices
Mobile Users and Bring Your Own Device (BYOD)
Employees and contractors use their own personal devices to connect to network at office
Issues with Mobile Computing
Network
Usability
Security
Mobile Applications
Limited web browsers can’t run some traditional applications
Bad interface design causes application failure on mobile devices
Many users from multiple domains found uses for mobile applications
Medical applications were a good fit for mobile applications
Mobile Applications (cont.)
4G networks provide true IP communications
Mobile IP enables users to:
Move between LAN segments and stay connected without interruption
Maintain a connection to the network as long as the mobile device stays within network coverage
IP Mobile Communications
Mobile IP provides connection transparency: several entities work together to ensure that mobile devices can move from one network to another without dropping connections.
Mobile node (MN): The mobile device that moves from one network to another. The MN has a fixed IP address regardless of the current network.
Home agent (HA): A router with additional capabilities over standard routers. The HA keeps track of the MNs it manages. When an MN leaves the local network, the HA forwards packets to the MN’s current network.
Foreign agent (FA): A router with additional capabilities connected to another network (not the HA network). The FA assigns the MN a local address. When the MN connects to another network that supports Mobile IP, it announces itself to the FA.
Care of address (COA): The local address for the MN when it connects to another network. The FA assigns the COA to the MN and sends it to the HA when the MN connects. In many cases, the COA is actually the FA address. The HA forwards any packets for the MN to the COA. The FA receives the packets and forwards them to the MN.
Correspondent node (CN): The node that wants to communicate with the MN.
Mobile Node (MN)
Home Agent (HA)
Foreign Agent (FA)
Care of Address (COA)
Correspondent Node (CN)
IP Mobile Communications (cont.)
Mobile node (MN) connects to foreign agent (FA).
FA assigns care of address (COA) to MN.
FA sends COA to home agent (HA).
Correspondent node (CN) sends message to MN.
CN’s message for MN goes first to HA.
HA forwards message to COA.
FA forwards message to MN.
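The flow listed above, traced hop by hop in an added Python example (not part of the original slides). Class names are hypothetical, the addresses are constructed documentation-range values, and the COA is taken to be the FA address, which the notes describe as common.

```python
# Added illustration of the Mobile IP flow; names and addresses are constructed.
from dataclasses import dataclass, field

@dataclass
class MobileNode:
    home_address: str                      # fixed regardless of current network
    inbox: list = field(default_factory=list)

@dataclass
class HomeAgent:
    address: str
    bindings: dict = field(default_factory=dict)   # MN home address -> COA

    def register(self, home_address, coa):
        self.bindings[home_address] = coa

    def route(self, dst, payload, agents, local_nodes):
        """Return the hop trace for a packet sent to an MN home address."""
        coa = self.bindings.get(dst)
        if coa is None:                    # no binding: MN is on the home network
            local_nodes[dst].inbox.append(payload)
            return [self.address, dst]
        # Binding present: HA forwards the message to the COA.
        return [self.address] + agents[coa].deliver(dst, payload)

@dataclass
class ForeignAgent:
    address: str                           # doubles as the COA in this sketch
    visitors: dict = field(default_factory=dict)

    def attach(self, mn, home_agent):
        self.visitors[mn.home_address] = mn                  # MN connects to FA
        home_agent.register(mn.home_address, self.address)   # FA sends COA to HA
        return self.address                                  # COA assigned to MN

    def deliver(self, dst, payload):
        if dst not in self.visitors:       # stale binding: MN is no longer here
            return [self.address, "dropped"]
        self.visitors[dst].inbox.append(payload)             # FA forwards to MN
        return [self.address, dst]

def demo():
    mn = MobileNode("192.0.2.10")
    ha = HomeAgent("192.0.2.1")
    fa = ForeignAgent("198.51.100.1")
    agents = {fa.address: fa}
    # CN's message always goes to the MN's home address, so it reaches the HA first.
    at_home = ha.route(mn.home_address, "hello-1", agents, {mn.home_address: mn})
    coa = fa.attach(mn, ha)
    roaming = ha.route(mn.home_address, "hello-2", agents, {})
    return at_home, coa, roaming, mn.inbox
```

The roaming trace shows that every packet for the MN still passes through the HA, so the HA's binding table decides where that traffic ends up.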
New Challenges Created by the IoT
Security: How do you keep the bad guys out if you enable the IoT for your personal and professional life?
Privacy: How do you protect your family’s identity and privacy data from theft or unauthorized access that can lead to identity theft?
Interoperability and standards: How well do IoT manufacturers and ASP developers ensure that devices communicate securely?
Legal and regulatory compliance: What role do the international, federal, and state levels play in legal, tax, and regulatory requirements regarding IoT-related business transactions that involve payment for goods and services?
E-commerce and economic development issues: What are the economic rules of engagement for conducting business on the World Wide Web? How is IoT connectivity and information sharing to be deployed globally?
Security
Privacy
Interoperability
Legal and regulatory compliance
E-commerce and economic dev issues
Security Challenges of IT Devices
Deployed in large quantities (such as sensors or consumer items)
Ubiquitous and can have wide reach into the user or household population
Not maintained or updated devices allow vulnerabilities
Upgrades can be difficult to distribute and deploy
No owner visibility of how the device connects to the Internet
Not physically secure
Capture readings and measurements in the open
Privacy Challenges
Privacy policy statement
Definition of data, metadata, or analytical data use and rights
Ability for a user to provide consent to a manufacturer’s or application service provider’s privacy policy statement
Determine the domain of privacy
Interoperability and Standards
Internet Engineering Task Force (IETF) ensures interoperability and standards can be pursued for IoT solutions
Interoperability has significant financial impacts if not properly addressed
Goal is to bring the cost of IoT devices and supporting applications down so they are affordable
Interoperability and Standards Challenges
Some manufacturers want to design and deploy proprietary IoT devices and solutions
Cost factors to implement functional, operational, technical, and security capabilities into IoT devices and applications
Time-to-market risk
Technology outdated risk
A void in interoperability and standards for IoT devices can create an environment of bad IoT devices
Legal and Regulatory Issues
Proper handling and protection of sensitive data
Privacy data subject to privacy laws of state you live in as well as state that the IoT hosting company resides in
IoT vendor or solutions provider required to adhere to security control requirements and data protection laws
Legal and Regulatory IoT Questions
Who is collecting data?
Who is collecting behavior patterns?
Are they selling this data?
Do they have the right to sell it?
Is there liability associated with the data?
E-Commerce and Economic Development Issues
IoT technology has a significant impact on developing economies.
Infrastructure resources: Foundational to the deployment of the IoT, a communication infrastructure and broadband Internet network are needed within that country. This is the foundation for IoT device connectivity and communications in a global marketplace.
Foundational investments: Countries seeking to invest in critical infrastructures may be able to leapfrog past other countries that are struggling with regulatory and legal issues in regard to accelerating deployments.
Technical and industry development: New skills are needed to bring new technologies and economic solutions to bear using the Internet and the IoT as a key economic driver. As IoT technology and industry interoperability and standards mature, so will IoT device deployment and user and business adoption.
Policy and regulatory definitions: Countries and emerging economies are positioned to create and implement policies and regulations to help ensure that security and privacy become part of the deployment.
Infrastructure resources
Foundational investments
Technical and industry development
Policy and regulatory definitions
Summary
The evolution of the Internet of Things (IoT) from the late 1990s to present
The impact that the Internet and IoT have on human and business life
How bricks-and-mortar businesses transform into e-business models with e-commerce and an IoT strategy
How IP mobility is driving IoT to include both personal and business environments
New challenges created by IoT