CN106789946A - A kind of Internet of Things security evaluation method - Google Patents
A kind of Internet of Things security evaluation method Download PDFInfo
- Publication number
- CN106789946A CN106789946A CN201611079905.8A CN201611079905A CN106789946A CN 106789946 A CN106789946 A CN 106789946A CN 201611079905 A CN201611079905 A CN 201611079905A CN 106789946 A CN106789946 A CN 106789946A
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- risk
- security
- evaluation method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/147—Network analysis or design for predicting network behaviour
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of Internet of Things security evaluation method of internet of things field, the Internet of Things security evaluation method is comprised the following steps that:S1:Basic Internet of Things data are obtained by the sensing layer of Internet of Things;S2:Information interior on a large scale is integrated using the Internet of Internet of Things, in case treatment;S3:Demand for security to Internet of Things is analyzed;S4:Identify the major security threat of Internet of things system and the approach of threat and Internet of things system defect technically, leak and weak link;S5:The risk that assessment Internet of things system faces, the present invention carries out test and evaluation with the security evaluation technology and security risk assessment technology of Internet of Things to the sensing layer and Internet of Internet of Things, form the ability of Internet of Things security evaluation and risk assessment service, the ruuning situation of node can be tested in real-time collecting network and be recorded and analyzed, it is logical to the extensive fortune of Internet of Things to build safety curtain.
Description
Technical field
The present invention relates to internet of things field, specially a kind of Internet of Things security evaluation method.
Background technology
Internet of Things is the third wave of Informatization Development after computer, internet development.Internet of Things refers to pass through
Information sensing device, according to the agreement of agreement, couples together article with disparate networks, enters row information and exchanges and communicate, with reality
A kind of network of existing Weigh sensor, positioning, tracking, monitoring and management.Internet of Things will realize that thing is extensive with thing, people and thing
" networking ", the life daily with people of the Internet of things era network will be closer.
Internet of Things is used as a developing emerging network technology, many new security challenge that it faces.At present we
For Internet of Things information security cognition also in the exploratory stage, security assurance information measure is perfect not enough, strengthen Internet of Things
The research of Networks and information security relevant issues is particularly significant and urgent, and the healthy and safe development of Internet of Things industry is also urgent
The support of safety product, security service is needed, therefore, come into operation we have proposed a kind of Internet of Things security evaluation method, with
Solve the above problems.
The content of the invention
It is an object of the invention to provide a kind of Internet of Things security evaluation method, to solve what is proposed in above-mentioned background technology
We are for the cognition of Internet of Things information security also in the exploratory stage at present, and security assurance information measure is perfect not enough, plus
The research of strong Internet of Things Networks and information security relevant issues is particularly significant and urgent, the healthy and safe hair of Internet of Things industry
Exhibition is also in the urgent need to safety product, the problem of the support of security service.
To achieve the above object, the present invention provides following technical scheme:A kind of Internet of Things security evaluation method, the Internet of Things
Net security evaluation method is comprised the following steps that:
S1:By the sensing layer of Internet of Things using video identification, infrared induction, camera, intelligent wireless terminal and all kinds of
The means of sensor, to destination object real-time perception, obtain basic Internet of Things data;
S2:The information for being collected sensing layer using the Internet of Internet of Things is collected by the various networks such as access network
And transmission, information interior on a large scale is integrated, in case treatment;
S3:Demand for security to Internet of Things is analyzed, and identifies Internet of things system according to the result of network analysis
Critical asset;
S4:Identify the major security threat of Internet of things system and the approach of threat with mode and Internet of things system in technology
On defect, leak and weak link;
S5:The influence that is likely to result in Internet of things system of analysis security incident and comprehensive Internet of Things Key Asset, threaten because
Element, fragility and control measure, the influence of comprehensive safety event, the risk that assessment Internet of things system faces, sector-style of going forward side by side nearly are counted
Calculate.
Preferably, in the step S1, the sensing layer of Internet of Things includes mark perception, video-aware, location aware, specialty
Field perceives, and possesses the ability of executive control system.
Preferably, in the step S2, by information transfer is end-to-end or encryption mechanism of node-to-node and it is various not
It is mutually authenticated mechanism to realize ensureing the transmitting of all kinds of perception information safety between network.
Preferably, in the step S3, in the system risk assessment of Internet of Things, the identification for carrying out assets mainly considers thing
Director's part and data.
Preferably, in the step S4, in the identification for carrying out security threat to Internet of Things, mainly assets are caused with the not phase
The main body of prestige event, including by network into the involved party of Internet of things system, by physics mode close to Internet of things system
Involved party, system problem, natural calamity and virus and malicious code are identified.
Preferably, in the step S5, during Risk Calculation, using the possibility, the fragility quilt that threaten generation
The complexity that utilizes and the three-dimensional matrice of assets value determine the size of risk, and are arranged according to risk and threaten, while
Frequency and possible influence that calculation risk occurs.
Preferably, described during risk is arranged, definition first threatens valuation system and the threat of potential influence
The appraisal yardstick of the possibility of generation, then its potential influence and possibility, Ran Houpai for each threat assessment for being recognized
Row risk class.
Preferably, by assessing frequency and the possible influence that each asset risk occurs, the risk of assets is determined, first
To assets assignment, the frequency that assessment risk occurs determines value-at-risk further according to assets and the frequency, finally calculates the every of each system
Item assets PTS, and priority level is arranged accordingly.
Compared with prior art, the beneficial effects of the invention are as follows:The present invention uses the security evaluation technology and peace of Internet of Things
Full risk assessment technology carries out test and evaluation to the sensing layer and Internet of Internet of Things, forms Internet of Things security evaluation and risk
The ability of evaluation services, the ruuning situation of node can be tested in real-time collecting network and be recorded and analyzed, to Internet of Things
Extensive fortune logical build safety curtain.
Brief description of the drawings
Fig. 1 is workflow diagram of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.It is based on
Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under the premise of creative work is not made
Embodiment, belongs to the scope of protection of the invention.
A kind of Internet of Things security evaluation method, the Internet of Things security evaluation method is comprised the following steps that:
S1:By the sensing layer of Internet of Things using video identification, infrared induction, camera, intelligent wireless terminal and all kinds of
The means of sensor, to destination object real-time perception, obtain basic Internet of Things data, the sensing layer of Internet of Things include mark perceive,
Video-aware, location aware, professional domain are perceived, and possess the ability of executive control system;
S2:The information for being collected sensing layer using the Internet of Internet of Things is collected by the various networks such as access network
And transmission, information interior on a large scale is integrated, in case treatment, by the way that information transfer is end-to-end or encryption of node-to-node
It is mutually authenticated mechanism to realize ensureing the transmitting of all kinds of perception information safety between mechanism and various heterogeneous networks;
S3:Demand for security to Internet of Things is analyzed, and identifies Internet of things system according to the result of network analysis
Critical asset, in the system risk assessment of Internet of Things, the identification for carrying out assets mainly considers physical event and data;
S4:Identify the major security threat of Internet of things system and the approach of threat with mode and Internet of things system in technology
On defect, leak and weak link, in the identification for carrying out security threat to Internet of Things, mainly assets are caused with undesirable thing
The main body of part, including by network enter Internet of things system involved party, by physics mode close to Internet of things system behavior
People, system problem, natural calamity and virus and malicious code are identified;
S5:The influence that is likely to result in Internet of things system of analysis security incident and comprehensive Internet of Things Key Asset, threaten because
Element, fragility and control measure, the influence of comprehensive safety event, the risk that assessment Internet of things system faces, sector-style of going forward side by side nearly are counted
Calculate, during Risk Calculation, using the complexity and assets value that threaten the possibility for occurring, fragility to be utilized
Three-dimensional matrice determine the size of risk, and arranged according to risk and threatened, while the frequency that occurs of calculation risk and possible
Influence, described during risk is arranged, definition first threatens the valuation system of potential influence and threatens the possibility for occurring
Property appraisal yardstick, then then its potential influence and possibility for each threat assessment for being recognized arrange risk class,
By assessing frequency and the possible influence that each asset risk occurs, the risk of assets is determined, first to assets assignment, assessment
The frequency that risk occurs, value-at-risk is determined further according to assets and the frequency, finally calculates each assets PTS of each system, and
Priority level is arranged accordingly.
Although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with
Understanding can carry out various changes, modification, replacement to these embodiments without departing from the principles and spirit of the present invention
And modification, the scope of the present invention be defined by the appended.
Claims (8)
1. a kind of Internet of Things security evaluation method, it is characterised in that:The Internet of Things security evaluation method is comprised the following steps that:
S1:Video identification, infrared induction, camera, intelligent wireless terminal and all kinds of sensings are utilized by the sensing layer of Internet of Things
The means of device, to destination object real-time perception, obtain basic Internet of Things data;
S2:The information for being collected sensing layer using the Internet of Internet of Things is collected and is passed by the various networks such as access network
It is defeated, information interior on a large scale is integrated, in case treatment;
S3:Demand for security to Internet of Things is analyzed, and identifies the important of Internet of things system according to the result of network analysis
Assets;
S4:Identify the major security threat of Internet of things system and approach and the mode of threat and Internet of things system technically
Defect, leak and weak link;
S5:It is the influence that is likely to result in Internet of things system of analysis security incident and comprehensive Internet of Things Key Asset, deterrent, crisp
Weak property and control measure, the influence of comprehensive safety event, the risk that assessment Internet of things system faces, and carry out Risk Calculation.
2. a kind of Internet of Things security evaluation method according to claim 1, it is characterised in that:In the step S1, Internet of Things
The sensing layer of net includes that mark perception, video-aware, location aware, professional domain are perceived, and possess the energy of executive control system
Power.
3. a kind of Internet of Things security evaluation method according to claim 1, it is characterised in that:In the step S2, pass through
Information transfer is end-to-end or node-to-node encryption mechanism and various heterogeneous networks between mechanism is mutually authenticated to realize protecting
Hinder the transmitting of all kinds of perception information safety.
4. a kind of Internet of Things security evaluation method according to claim 1, it is characterised in that:In the step S3, in thing
In the system risk assessment of networking, the identification for carrying out assets mainly considers physical event and data.
5. a kind of Internet of Things security evaluation method according to claim 1, it is characterised in that:In the step S4, right
Internet of Things is carried out in the identification of security threat, and mainly assets are caused with the main body of undesirable event, including enters thing by network
The involved party of networked system, by physics mode close to the involved party of Internet of things system, system problem, natural calamity and virus and
Malicious code is identified.
6. a kind of Internet of Things security evaluation method according to claim 1, it is characterised in that:In the step S5, in wind
During danger calculates, using the three-dimensional for threatening the possibility, the complexity that fragility is utilized and assets value that occur
Matrix determines the size of risk, and is arranged according to risk and threaten, while the frequency that occurs of calculation risk and possible influence.
7. a kind of Internet of Things security evaluation method according to claim 6, it is characterised in that:The mistake in arrangement risk
Cheng Zhong, first definition threaten the valuation system of potential influence and threaten the appraisal yardstick of the possibility for occurring, then for being known
Its potential influence of other each threat assessment and possibility, then arrange risk class.
8. a kind of Internet of Things security evaluation method according to claim 6, it is characterised in that:By assessing each assets wind
Frequency and possible influence that danger occurs, determine the risk of assets, first to assets assignment, the frequency that assessment risk occurs, then
Determine value-at-risk according to assets and the frequency, finally calculate each assets PTS of each system, and arrange priority level accordingly.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611079905.8A CN106789946A (en) | 2016-11-30 | 2016-11-30 | A kind of Internet of Things security evaluation method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611079905.8A CN106789946A (en) | 2016-11-30 | 2016-11-30 | A kind of Internet of Things security evaluation method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106789946A true CN106789946A (en) | 2017-05-31 |
Family
ID=58901310
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611079905.8A Pending CN106789946A (en) | 2016-11-30 | 2016-11-30 | A kind of Internet of Things security evaluation method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106789946A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107888605A (en) * | 2017-11-27 | 2018-04-06 | 国家计算机网络与信息安全管理中心 | A kind of Internet of Things cloud platform traffic security analysis method and system |
| CN108810033A (en) * | 2018-07-25 | 2018-11-13 | 安徽三实信息技术服务有限公司 | A kind of Internet of Things safety control system and control method |
| CN108965321A (en) * | 2018-08-10 | 2018-12-07 | 重庆工程学院 | A kind of Security Architecture of Internet of Things |
| CN110458463A (en) * | 2019-08-15 | 2019-11-15 | 西南交通大学 | A kind of electric power Internet of Things safety evaluation method based on Interval Intuitionistic Fuzzy decision |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202178786U (en) * | 2011-07-20 | 2012-03-28 | 武汉爱迪智能工程有限公司 | Data sharing service system based on internet of things |
| CN104023023A (en) * | 2014-06-13 | 2014-09-03 | 乐山师范学院 | IOT security risk distributed evaluation method |
-
2016
- 2016-11-30 CN CN201611079905.8A patent/CN106789946A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN202178786U (en) * | 2011-07-20 | 2012-03-28 | 武汉爱迪智能工程有限公司 | Data sharing service system based on internet of things |
| CN104023023A (en) * | 2014-06-13 | 2014-09-03 | 乐山师范学院 | IOT security risk distributed evaluation method |
Non-Patent Citations (2)
| Title |
|---|
| 李成等: "物联网风险评估和等级保护浅析", 《现代电信科技》 * |
| 雷璟: "物联网安全测评和风险评估技术研究", 《电讯技术》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107888605A (en) * | 2017-11-27 | 2018-04-06 | 国家计算机网络与信息安全管理中心 | A kind of Internet of Things cloud platform traffic security analysis method and system |
| CN107888605B (en) * | 2017-11-27 | 2020-11-24 | 国家计算机网络与信息安全管理中心 | Internet of things cloud platform flow security analysis method and system |
| CN108810033A (en) * | 2018-07-25 | 2018-11-13 | 安徽三实信息技术服务有限公司 | A kind of Internet of Things safety control system and control method |
| CN108965321A (en) * | 2018-08-10 | 2018-12-07 | 重庆工程学院 | A kind of Security Architecture of Internet of Things |
| CN110458463A (en) * | 2019-08-15 | 2019-11-15 | 西南交通大学 | A kind of electric power Internet of Things safety evaluation method based on Interval Intuitionistic Fuzzy decision |
| CN110458463B (en) * | 2019-08-15 | 2022-06-03 | 西南交通大学 | Electric power Internet of things security assessment method based on interval intuitive fuzzy decision |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AlDairi | Cyber security attacks on smart cities and associated mobile technologies | |
| Ma et al. | COVID-19 and cyber fraud: Emerging threats during the pandemic | |
| Mahbub | Progressive researches on IoT security: An exhaustive analysis from the perspective of protocols, vulnerabilities, and preemptive architectonics | |
| CN106789946A (en) | A kind of Internet of Things security evaluation method | |
| Butt et al. | Security and privacy in smart cities: issues and current solutions | |
| Ahmed et al. | False data injection attacks in healthcare | |
| CN103793639B (en) | A kind of method and device of Real time identification transmission data | |
| US20160057164A1 (en) | Device for quantifying vulnerability of system and method therefor | |
| CN106790294A (en) | A kind of 5G network security risk evaluations method | |
| CN113472547B (en) | Safety monitoring system based on block chain | |
| CN108989434B (en) | Medical service method based on Internet of Things | |
| Vegesna | Methodology for Mitigating the Security Issues and Challenges in the Internet of Things (IoT) Framework for Enhanced Security | |
| Bokhari et al. | Cybersecurity strategy under uncertainties for an IoE environment | |
| Yeboah-ofori et al. | Cybercrime and risks for cyber physical systems: A review | |
| KR101464736B1 (en) | Security Assurance Management System and Web Page Monitoring Method | |
| Majeed et al. | Devising a secure architecture of internet of everything (IoE) to avoid the data exploitation in cross culture communications | |
| Saini et al. | Challenges and opportunities in secure smart cities for enhancing the security and privacy | |
| Ahmed | Security and privacy in smart cities: Challenges and opportunities | |
| Rana et al. | Cyber security threats in IoT: A review | |
| Casola et al. | Toward automated threat modeling of edge computing systems | |
| Bush | National strategy for information sharing: Successes and challenges in improving terrorism-related information sharing | |
| Jadhav et al. | Understanding the correlation among factors of cyber system’s security for internet of things (IoT) in smart cities | |
| KR20160046767A (en) | Server for assessing personal information protection | |
| Prasat et al. | Analysis of Cross-Domain Security and Privacy Aspects of Cyber-Physical Systems | |
| Ganesh Babu et al. | Big data security using IoT-based smart grid communications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Wang Yafei Inventor after: Zheng Junhui Inventor after: Hu Haifeng Inventor after: Zhou Zhiqing Inventor after: Wang Qiming Inventor after: Wang Wei Inventor after: Shi Hesheng Inventor after: Di Weiqing Inventor after: Wang Feifei Inventor after: Ding Yafei Inventor after: Yu Heng Inventor before: Wang Yafei |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170531 |