Cloud Security Alliance (CSA) Publishes IoT Security Guide with Recommendations for Secure Deployment of IoT Devices

Programming Basics, guest post, 2021-10-11 21:34:00

The Cloud Security Alliance (CSA) has published an IoT security guide, "Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products", intended to help designers and developers of IoT products and services understand the fundamental security measures that must be built into the whole development process.

The report states:

IoT is driving a transformation of consumer, commercial and industrial production processes and practices. In 2015 many kinds of IoT products appeared on the market; we carried out some real-world research, and the results show that concerns about IoT security are well founded. From that research we learned that securing an IoT product is not only a matter of securing the product itself; there are higher-level needs, which include:

  • The need to protect consumer privacy and limit the spread of PII and PHI
  • The need to protect business data and limit the leakage of sensitive information
  • The need to prevent IoT products from being used in DDoS attacks
  • The need to guard against the loss and harm that compromised products can cause

Main contents of the CSA IoT security guide

  1. A discussion of the security challenges of IoT devices
  2. An analysis of a survey conducted by the CSA IoT Working Group
  3. A discussion of security issues in IoT deployment platforms
  4. Categories of IoT devices and current trends
  5. Recommendations for secure devices and a deployment process
  6. A checklist for security engineers, making it easier to follow the deployment process
  7. A set of IoT product case studies and the threats they face

The main items of the guide's table of contents are excerpted below.

1. The Need for IoT Security

  • IoT Products Can Compromise Privacy
  • IoT products can lend their computing power to launch DDoS Attacks
  • Medical Devices and Medical Standard Protocols are Vulnerable to Attack
  • Drones Are Approaching Mainstream Status and Being Used as a Platform for Reconnaissance
  • Critical national infrastructure can rely on the IoT ecosystem
  • Cars are becoming connected and autonomous
  • Moving Forward

2. Why Development Organizations Should Care About Securing IoT Products

  • IoT Device Security Challenges
  • IoT products may be deployed in insecure or physically exposed environments
  • Security is new to many manufacturers and there is limited security planning in development methodologies
  • Security is not a business driver and there is limited security sponsorship and management support in development of IoT products
  • There is a lack of defined standards and reference architecture for secure IoT development
  • There are difficulties recruiting and retaining requisite skills for IoT development teams including architects, secure software engineers, hardware security engineers, and security testing staff
  • The low price point increases the potential adversary pool
  • Resource constraints in embedded systems limit security options

3. IoT Security Survey

4. Guidance for Secure IoT Development

  1. Start with a Secure Development Methodology
    • Security Requirements
    • Security Processes
    • Perform Safety Impact Assessment
    • Perform Threat Modeling
  2. Implement a Secure Development and Integration Environment
    • Evaluate Programming Languages
    • OWASP Python Security Project Link
    • Integrated Development Environments
    • Continuous Integration Plugins
    • Testing and Code Quality Processes
  3. Identify Framework and Platform Security Features
    • Selecting an Integration Framework
    • Evaluate Platform Security Features
  4. Establish Privacy Protections
    • Design IoT devices, services and systems to collect only the minimum amount of data necessary
    • Analyze device use cases to support compliance mandates as necessary
    • Design opt-in requirements for IoT device, service and system features
    • Implement Technical Privacy Protections
    • Privacy-enhanced Discovery Features | Rotating Certificates
  5. Design in Hardware-based Security Controls
    • The MicroController (MCU)
    • Trusted Platform Modules
    • Use of Memory Protection Units (MPUs)
    • Incorporate Physically Unclonable Functions
    • Use of specialized security chips / coprocessors
    • Use of cryptographic modules
    • Device Physical Protections
    • Tamper Protections
    • Guard the Supply Chain
    • Self-Tests
    • Secure Physical Interfaces
  6. Protect Data
    • Security Considerations for Selecting IoT Communication Protocols
  7. Secure Associated Applications and Services
  8. Protect Logical Interfaces / APIs
    • Implement Certificate Pinning Support
  9. Provide a Secure Update Capability
  10. Implement Authentication, Authorization and Access Control Features
    • Using Certificates for Authentication
    • Consider Biometrics for Authentication
    • Consider Certificate-Less Authenticated Encryption (CLAE)
    • OAuth 2.0
    • User Managed Access (UMA)
  11. Establish a Secure Key Management Capability
    • Design Secure Bootstrap Functions
  12. Provide Logging Mechanisms
  13. Perform Security Reviews (Internal and External)