
IOT (Module 1, Module 3)

The document outlines the architecture of the Internet of Things (IoT), which consists of four layers: Sensing, Network, Data Processing, and Application. It discusses the advantages and disadvantages of IoT, modern applications, and differentiates between Machine-to-Machine (M2M) communication and IoT. Additionally, it covers sensor types and their classifications, emphasizing the role of sensors in IoT devices.

Uploaded by

7001.akashroy

Architecture of Internet of Things (IoT)

Internet of Things (IoT) technology has a wide range of applications, and its use is growing fast. It is the networking of physical objects that contain embedded electronics to communicate and sense interactions with each other or with the external environment.
Architecture of IoT
The architecture of IoT is divided into 4 different layers, i.e. Sensing Layer, Network Layer, Data Processing Layer, and Application Layer.
• Sensing Layer: The sensing layer is the first layer of the Internet of Things architecture and is responsible for collecting data from different sources. This layer includes sensors and actuators that are placed in the environment to gather information about temperature, humidity, light, sound, and other physical parameters. Wired or wireless communication protocols connect these devices to the network layer.
• Network Layer: The network layer of an IoT architecture is responsible for providing communication and connectivity between devices in the IoT system. It includes protocols and technologies that enable devices to connect and communicate with each other and with the wider internet. Examples of network technologies that are commonly used in IoT include WiFi, Bluetooth, Zigbee, and cellular networks such as 4G and 5G technology. Additionally, the network layer may include gateways and routers that act as intermediaries between devices and the wider internet, and may also include security features such as encryption and authentication to protect against unauthorized access.
• Data Processing Layer: The data processing layer of IoT architecture refers to the software and hardware components that are responsible for collecting, analyzing, and interpreting data from IoT devices. This layer is responsible for receiving raw data from the devices, processing it, and making it available for further analysis or action. The data processing layer includes a variety of technologies and tools, such as data management systems, analytics platforms, and machine learning algorithms. These tools are used to extract meaningful insights from the data and make decisions based on that data. An example of a technology used in the data processing layer is a data lake, which is a centralized repository for storing raw data from IoT devices.
• Application Layer: The application layer of IoT architecture is the topmost layer that interacts directly with the end-user. It is responsible for providing user-friendly interfaces and functionalities that enable users to access and control IoT devices. This layer includes various software and applications such as mobile apps, web portals, and other user interfaces that are designed to interact with the underlying IoT infrastructure. It also includes middleware services that allow different IoT devices and systems to communicate and share data seamlessly. The application layer also includes analytics and processing capabilities that allow data to be analyzed and transformed into meaningful insights. This can include machine learning algorithms, data visualization tools, and other advanced analytics capabilities.
Architecture of IoT
Advantages of IoT
• Execute multiple tasks at a time like a computer.
• Easiest internet connectivity.
• Works in GUI (Graphical User Interface) mode because of the HDMI port.
• Best suited for server-based applications, i.e., can be connected via SSH (Secure Shell) to access the RPi command line remotely, with file sharing via FTP (File Transfer Protocol).
• More reliable for software applications.
Disadvantages of IoT
• Security concerns and potential for hacking or data breaches.
• Privacy issues related to the collection and use of personal data.
• Dependence on technology and potential for system failures.
• Limited standardization and interoperability among devices.
• Complexity and increased maintenance requirements.
• High initial investment costs.
• Limited battery life on some devices.
• Concerns about job displacement due to automation.
• Limited regulation and legal framework for IoT, which can lead to confusion and uncertainty.
Modern Applications of IoT
• Smart Grids and energy saving
• Smart cities
• Smart homes/Home automation
• Healthcare
• Earthquake detection
• Radiation detection/hazardous gas detection
• Smartphone detection
• Water flow monitoring
• Traffic monitoring
• Smart door lock protection system
• Robots and Drones
• Healthcare and Hospitals, Telemedicine applications
• Biochip Transponders (for animals in farms)
• Heart monitoring implants (for example, pacemakers, real-time ECG tracking)
(This is comprehensive information about M2M and IoT in a short way.)
M2M and IoT Technology Fundamentals: A Comprehensive Overview
Machine-to-Machine (M2M) communication and the Internet of Things (IoT) are foundational technologies in the modern digital transformation era, enabling a vast network of interconnected devices. While often used interchangeably, they have distinct characteristics and scopes.

Machine-to-Machine (M2M) Communication


Definition: M2M communication refers to the direct communication between two or more machines or devices, using
wired or wireless channels, without the need for human intervention. It's about enabling devices to exchange data and
perform actions automatically.

Fundamentals:

• Point-to-Point Communication: M2M typically involves direct communication between specific devices.
• Automation: The core idea is to automate processes, data collection, and actions based on predefined logic.
• Data Exchange: Devices capture data (e.g., from sensors, RFID tags) and share it with other connected devices or a central platform.
• Specific Applications: M2M solutions are often built for particular tasks within a closed system, like telemetry, remote monitoring, and control in industrial settings.
• Network Reliance: M2M can utilize various communication networks, including cellular (like GSM-GPRS, CDMA EVDO), Wi-Fi, Bluetooth, or even wired connections. The role of these networks is often confined to being a transport medium.

Key Components of an M2M System:

1. M2M Devices: These are the machines or hardware (e.g., sensors, actuators, embedded systems) that collect
data or perform actions.
2. Communication Network: The infrastructure (wired or wireless) that enables data transmission between
devices. This can include cellular networks, Wi-Fi, or satellite links.
3. Data Processing Units/Software Applications: These interpret the exchanged data, make decisions, and can
trigger automated actions. This could be embedded software or a centralized M2M platform.
4. Gateways (in some architectures): Devices that can act as intermediaries, aggregating data from multiple M2M
devices before transmitting it over a wider network.

Examples of M2M Applications:

• Smart Meters: Utility meters that automatically send consumption data to the utility company.
• Industrial Automation: Machines on a factory floor communicating to optimize production processes.
• Fleet Management: Vehicles sending location and diagnostic data to a central management system.
• Vending Machines: Alerting suppliers when stock is low.

Internet of Things (IoT)


Definition: The Internet of Things (IoT) is a broader concept representing a network of interrelated physical objects
("things"), computing devices, mechanical and digital machines, animals, or people that are provided with unique
identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-
computer interaction. Essentially, it integrates everyday "things" with the internet.

Fundamentals:

• Interconnectedness: IoT connects a vast array of diverse devices to the internet and to each other.
• Data Collection & Analysis: IoT devices typically use sensors to collect data from their environment, which is then often sent to the cloud for processing, analysis (potentially using AI and machine learning), and storage.
• Cloud Communication: IoT heavily relies on cloud platforms for data storage, processing, and application management.
• User Interaction: While IoT aims for automation, it often includes user interfaces (e.g., mobile apps, dashboards) for monitoring, control, and interaction with the IoT ecosystem.
• Scalability: IoT systems are designed to be highly scalable, accommodating a growing number of connected devices.
• Intelligence: IoT systems often incorporate a higher degree of intelligence, with devices and applications making informed decisions based on analyzed data.

Key Components of an IoT System:

1. Smart Devices/Things (Sensors & Actuators): These are the physical objects embedded with sensors (to
collect data) and actuators (to perform actions based on data or commands).
2. Connectivity: Various communication protocols and technologies (e.g., Wi-Fi, Bluetooth, Cellular, LPWAN like
LoRaWAN, Zigbee) that connect devices to the internet or other devices.
3. Data Processing (Cloud/Edge): This includes IoT applications and platforms (often cloud-based) that collect,
store, process, and analyze data from IoT devices. Edge computing (processing data closer to where it's
generated) is also becoming crucial.
4. User Interface: Dashboards, mobile apps, or other interfaces that allow users to interact with the IoT system,
visualize data, and manage devices.
5. Analytics and AI/ML: Advanced analytics, artificial intelligence, and machine learning are often used to derive
insights, predict outcomes, and automate complex decision-making.

Examples of IoT Applications:

• Smart Homes: Connected appliances, lighting, security systems, and voice assistants.
• Wearable Technology: Smartwatches and fitness trackers collecting health and activity data.
• Smart Cities: Solutions for traffic management, waste management, public safety, and environmental monitoring.
• Connected Healthcare: Remote patient monitoring and smart medical devices.
• Industrial IoT (IIoT): Predictive maintenance, supply chain optimization, and smart manufacturing.
• Smart Agriculture: Precision farming using sensors to monitor soil conditions, weather, and crop health.

M2M vs. IoT: Key Differences and Relationship


While both M2M and IoT involve device communication without human intervention, there are key distinctions:

Feature | M2M (Machine-to-Machine) | IoT (Internet of Things)
--- | --- | ---
Scope | Typically point-to-point or small networks | Vast network of diverse devices, often global scale
Connectivity | Direct device-to-device or via local networks; Internet connection not always essential | Primarily internet-based, relies on IP protocols
Communication | Often uses traditional protocols, can be proprietary | Uses standard internet protocols (HTTP, FTP, MQTT, etc.)
Data Focus | Data shared between communicating parties | Data often sent to cloud for broader analysis and use by various applications
Scalability | Limited scalability | Highly scalable
Intelligence | Some degree of intelligence in devices | Often involves more complex data analytics, AI, and cloud intelligence
Architecture | More vertical system solutions | More horizontal enabler approach, service-centric
Business Model | Primarily Business-to-Business (B2B) | Business-to-Business (B2B) and Business-to-Consumer (B2C)
Open API Support | Generally no support for Open APIs | Supports Open API integrations

Difference between IoT and M2M

1. Internet of Things: IoT stands for the Internet of Things, where the "things" are communicating devices that can interact with each other over a communication medium. New devices that rely on IoT for their function are integrated every day. These devices use various sensors and actuators to send and receive data over the internet. IoT is an ecosystem of connected physical objects that share data through, and are accessible over, the internet. IoT covers anything that can be connected to the internet and controlled or monitored over it from smart devices or a PC.
2. Machine to Machine: This is commonly known as machine-to-machine communication. It is a concept in which two or more machines communicate with each other without human interaction, using a wired or wireless mechanism. M2M is a technology that lets devices connect to each other without using the internet. M2M communications offer several applications such as security, tracking and tracing, manufacturing and facility management.
Difference between IoT and M2M:

Basis of | IoT | M2M
--- | --- | ---
Abbreviation | Internet of Things | Machine to Machine
Intelligence | Devices have objects that are responsible for decision making | Some degree of intelligence is observed in this.
Connection type used | The connection is via Network and using various communication types. | The connection is a point to point
Communication protocol used | Internet protocols are used such as HTTP, FTP, and Telnet. | Traditional protocols and communication technology techniques are used
Data Sharing | Data is shared between other applications that are used to improve the end-user experience. | Data is shared with only the communicating parties.
Internet | Internet connection is required for communication | Devices are not dependent on the Internet.
Type of Communication | It supports cloud communication | It supports point-to-point communication.
Computer System | Involves the usage of both Hardware and Software. | Mostly hardware-based technology
Scope | A large number of devices yet scope is large. | Limited Scope for devices.
Business Type used | Business 2 Business (B2B) and Business 2 Consumer (B2C) | Business 2 Business (B2B)
Open API support | Supports Open API integrations. | There is no support for Open APIs
It requires | Generic commodity devices. | Specialized device solutions.
Centric | Information and service centric | Communication and device centric.
Approach used | Horizontal enabler approach | Vertical system solution approach.
Components | Devices/sensors, connectivity, data processing, user interface | Device, area networks, gateway, Application server.
Examples | Smart wearables, Big Data and Cloud, etc. | Sensors, Data and Information, etc.
Sensors in Internet of Things (IoT)
Sensors are generally used in the architecture of IoT devices. They sense things, devices and their surroundings.
A sensor is a device that provides a usable output in response to a specified measurement.
The sensor acquires a physical parameter and converts it into a signal suitable for processing (e.g. electrical, mechanical, optical). It uses the characteristics of a device or material to detect the presence of a particular physical quantity.
The output of the sensor is a signal which is converted to a human-readable form, such as changes in characteristics, changes in resistance, capacitance, impedance, etc.

IOT HARDWARE
Transducer:
• A transducer converts a signal from one physical structure to another.
• It converts one type of energy into another type.
• It might be used as an actuator in various systems.
Sensor Classification:
• Passive & Active
• Analog & Digital
• Scalar & Vector
1. Passive Sensor –
Cannot independently sense the input. Example – Accelerometer, soil moisture, water level and temperature sensors.
2. Active Sensor –
Independently senses the input. Example – Radar, sounder and laser altimeter sensors.
3. Analog Sensor –
The response or output of the sensor is some continuous function of its input parameter. Example – Temperature sensor, LDR, analog pressure sensor and analog Hall effect sensor.
4. Digital Sensor –
The response is binary in nature. Designed to overcome the disadvantages of analog sensors. Along with the analog sensor, it also comprises extra electronics for bit conversion. Example – Passive infrared (PIR) sensor and digital temperature sensor (DS1620).
5. Scalar Sensor –
Detects the input parameter based only on its magnitude. The response of the sensor is a function of the magnitude of some input parameter. Not affected by the direction of the input parameter. Example – temperature, gas, strain, color and smoke sensors.
6. Vector Sensor –
The response of the sensor depends on the magnitude, direction and orientation of the input parameter. Example – Accelerometer, gyroscope, magnetic field and motion detector sensors.
Types of sensors –
• Electrical sensor:
Electrical proximity sensors may be contact or non-contact.
Simple contact sensors operate by making the sensor and the component complete an electrical circuit.
Non-contact electrical proximity sensors rely on the electrical principles of either induction for detecting metals or capacitance for detecting non-metals as well.
• Light sensor:
A light sensor is also known as a photo sensor and is one of the important sensors.
The light dependent resistor (LDR) is a simple light sensor available today.
The property of an LDR is that its resistance is inversely proportional to the intensity of the ambient light, i.e. when the intensity of light increases, its resistance decreases, and vice versa.
• Touch sensor:
A touch sensor detects something like the touch of a finger or a stylus.
Its name suggests the detection of something.
Touch sensors are classified into two types:
1. Resistive type
2. Capacitive type
Today almost all modern touch sensors are of the capacitive type, because they are more accurate and have a better signal-to-noise ratio.
• Range sensing:
Range sensing concerns detecting how near or far a component is from the sensing position, although range sensors can also be used as proximity sensors.
Distance or range sensors use non-contact analog techniques. Short-range sensing, between a few millimetres and a few hundred millimetres, is carried out using electrical capacitance, inductance and magnetic techniques.
Longer-range sensing is carried out using transmitted energy waves of various types, e.g. radio waves, sound waves and lasers.
• Mechanical sensor:
Any suitable mechanical/electrical switch may be adopted, but because a certain amount of force is required to operate a mechanical switch, it is common to use micro-switches.
• Pneumatic sensor:
These proximity sensors operate by breaking or disturbing an air flow.
The pneumatic proximity sensor is an example of a contact-type sensor. These cannot be used where light components may be blown away.
• Optical sensor:
In their simplest form, optical proximity sensors operate by breaking a light beam which falls onto a light-sensitive device such as a photocell. These are examples of non-contact sensors. Care must be exercised with the lighting environment of these sensors: for example, optical sensors can be blinded by flashes from arc welding processes, and airborne dust and smoke clouds may impede light transmission.
• Speed sensor:
A sensor used for detecting the speed of any object or vehicle which is in motion is known as a speed sensor. For example – Wind Speed Sensors, Speedometer, UDAR, Ground Speed Radar.
• Temperature sensor:
Devices which monitor and track temperature and give the measurement as an electrical signal are termed temperature sensors. These electrical signals are in the form of a voltage that is directly proportional to the temperature measurement.
• PIR sensor:
PIR stands for passive infrared sensor. It is an electronic sensor that is used for the tracking and measurement of infrared (IR) light radiating from objects in its field of view and is also known as a pyroelectric sensor. It is mainly used for detecting human motion and movement.
• Ultrasonic sensor:
The working principle of an ultrasonic sensor is similar to that of SONAR or RADAR: it generates high-frequency sound waves and interprets the echoes from radio or sound waves to evaluate the attributes of a target.

Actuators in IoT
An IoT device is made up of a Physical object ("thing") + Controller ("brain") + Sensors + Actuators + Networks (Internet). An actuator is a machine component or system that moves or controls the mechanism of the system. Sensors in the device sense the environment, then control signals are generated for the actuators according to the actions that need to be performed.
A servo motor is an example of an actuator. Servo motors are linear or rotary actuators that can move to a specified angular or linear position. We can use servo motors for IoT applications and make the motor rotate to 90 degrees, 180 degrees, etc., as per our need.
The following diagram shows what actuators do: the controller directs the actuator, based on the sensor data, to do the work.
Working of IoT devices and use of Actuators
The control system acts upon an environment through the actuator. It requires a source of energy and a control signal. When it receives a control signal, it converts the source of energy to a mechanical operation. Based on the form of energy used, actuators are of the types given below.
Types of Actuators:
1. Hydraulic Actuators –
A hydraulic actuator uses hydraulic power to perform a mechanical operation. They are actuated by a cylinder or fluid motor. The mechanical motion is converted to rotary, linear, or oscillatory motion, according to the need of the IoT device. Example – construction equipment uses hydraulic actuators because hydraulic actuators can generate a large amount of force.
Advantages:
• Hydraulic actuators can produce a large magnitude of force and high speed.
• Used in welding, clamping, etc.
• Used for lowering or raising the vehicles in car transport carriers.
Disadvantages:
• Hydraulic fluid leaks can cause efficiency loss and issues of cleaning.
• It is expensive.
• It requires noise reduction equipment, heat exchangers, and high maintenance systems.
2. Pneumatic Actuators –
A pneumatic actuator uses energy formed by vacuum or compressed air at high pressure and converts it into either linear or rotary motion. Example – used in robotics, in sensors that work like human fingers by using compressed air.
Advantages:
• They are a low-cost option and are used at extreme temperatures where using air is a safer option than chemicals.
• They need low maintenance, are durable, and have a long operational life.
• It is very quick in starting and stopping the motion.
Disadvantages:
• Loss of pressure can make it less efficient.
• The air compressor should be running continuously.
• Air can be polluted, and it needs maintenance.
3. Electrical Actuators –
An electric actuator uses electrical energy and is usually actuated by a motor that converts electrical energy into mechanical torque. An example of an electric actuator is a solenoid-based electric bell.
Advantages:
• It has many applications in various industries as it can automate industrial valves.
• It produces less noise and is safe to use since there are no fluid leakages.
• It can be re-programmed and it provides the highest control precision positioning.
Disadvantages:
• It is expensive.
• It depends a lot on environmental conditions.
Internet of Things (IoT) Gateways
A gateway provides a bridge between different communication technologies: it acts as a medium that opens up connections between the cloud and the controllers (sensors/devices) in the Internet of Things (IoT). With the help of gateways, it is possible to establish device-to-device or device-to-cloud communication. A gateway can be a typical hardware device or a software program. Besides connecting the sensor network to the Internet and enabling IoT communication, an IoT gateway performs many other tasks: protocol translation, aggregation of data, local processing and filtering of data before sending it to the cloud, local storage of data, autonomous control of devices based on input data, and additional device security. The figure below shows how IoT gateways establish communication between sensors and the cloud (data system).
IoT devices work with low power consumption (battery power); in other words, they are energy constrained, so communicating directly with the cloud/internet would not be effective in terms of power. Instead, they first communicate with a gateway using short-range wireless transmission modes/networks like ZigBee, Bluetooth, etc., as these consume less power, or they can be connected using long-range links like cellular and WiFi. The gateway then links them to the Internet/cloud by converting the data into a standard protocol like MQTT, using an Ethernet, WiFi/cellular or satellite connection. In most cases the gateway is mains powered, unlike sensor nodes, which are battery powered. In practice there are multiple gateway devices.
A smartphone is a simple example of an IoT gateway: when we use its multiple radio technologies (WiFi, Bluetooth, cellular network) to send and receive data in an IoT project, it works as a basic IoT gateway.
Key functionalities of IoT Gateway:
• Establishing communication bridge.
• Provides additional security.
• Performs data aggregation.
• Pre-processing and filtering of data.
• Provides local storage as a cache/buffer.
• Data computing at edge level.
• Ability to manage entire device.
• Device diagnostics.
• Adding more functional capability.
• Verifying protocols.
Working of IoT Gateway:
1. Receives data from sensor network.
2. Performs pre-processing, filtering and cleaning on unfiltered data.
3. Translates data into standard protocols for communication.
4. Sends data to cloud.
IoT gateways are a key element of IoT infrastructure, as they establish the connection for communication and also perform the other tasks described above. An IoT gateway is therefore one of the most essential things to consider when we start to think about an IoT ecosystem.
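The four working steps above, together with the "additional security" function, as an added example that is not part of the original notes: a gateway that authenticates each sensor frame, filters replays and implausible readings, aggregates, and translates the result into an MQTT-style topic and JSON payload. The frame layout, per-device HMAC keys, range limits and topic names are assumptions made for illustration, and the `publish` callback stands in for a real MQTT client.

```python
import hashlib
import hmac
import json
import struct
from statistics import mean

# Constructed per-device keys provisioned on the gateway (assumption).
DEVICE_KEYS = {0x0A01: b"demo-key-0a01", 0x0A02: b"demo-key-0a02"}
# Sensor type -> (name, min, max); the limits are assumed plausibility bounds.
SENSORS = {1: ("temperature", -40.0, 85.0), 2: ("humidity", 0.0, 100.0)}
FRAME = struct.Struct(">HBIf")  # device id, sensor type, sequence number, value
TAG_LEN = 8                     # truncated HMAC-SHA256 tag appended to the frame


def make_frame(device_id, sensor_type, seq, value, key):
    """Device side: pack a reading and append its authentication tag."""
    body = FRAME.pack(device_id, sensor_type, seq, value)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


class Gateway:
    def __init__(self, publish, topic_prefix="plant/gw1"):
        self.publish = publish          # step 4 transport, e.g. an MQTT client
        self.topic_prefix = topic_prefix
        self.last_seq = {}              # device id -> highest sequence accepted
        self.buffer = {}                # (device id, sensor type) -> values
        self.dropped = {"bad_frame": 0, "replay": 0, "out_of_range": 0}

    def receive(self, raw):
        """Steps 1-2: accept one frame, then authenticate, filter and buffer it."""
        if len(raw) != FRAME.size + TAG_LEN:
            return self._drop("bad_frame")
        body, tag = raw[:FRAME.size], raw[FRAME.size:]
        device_id, sensor_type, seq, value = FRAME.unpack(body)
        key = DEVICE_KEYS.get(device_id)
        if key is None or sensor_type not in SENSORS:
            return self._drop("bad_frame")      # unknown device or sensor type
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return self._drop("bad_frame")      # modified or forged frame
        if seq <= self.last_seq.get(device_id, 0):
            return self._drop("replay")         # old frame sent again
        self.last_seq[device_id] = seq
        _, low, high = SENSORS[sensor_type]
        if not low <= value <= high:            # also rejects NaN
            return self._drop("out_of_range")
        self.buffer.setdefault((device_id, sensor_type), []).append(value)
        return True

    def _drop(self, reason):
        self.dropped[reason] += 1
        return False

    def flush(self):
        """Steps 3-4: aggregate, translate to topic + JSON, hand to the uplink."""
        sent = 0
        for (device_id, sensor_type), values in sorted(self.buffer.items()):
            name = SENSORS[sensor_type][0]
            topic = f"{self.topic_prefix}/{device_id:04x}/{name}"
            summary = {"avg": round(mean(values), 2), "count": len(values)}
            self.publish(topic, json.dumps(summary, sort_keys=True))
            sent += 1
        self.buffer.clear()
        return sent


def run_demo():
    """Feed constructed frames through the gateway; return (outbox, drop counts)."""
    outbox = []
    gw = Gateway(lambda topic, payload: outbox.append((topic, payload)))
    k1, k2 = DEVICE_KEYS[0x0A01], DEVICE_KEYS[0x0A02]
    tampered = bytearray(make_frame(0x0A01, 1, 9, 21.0, k1))
    tampered[8] ^= 0x01                          # flip one bit of the value field
    frames = [
        make_frame(0x0A01, 1, 1, 21.5, k1),
        make_frame(0x0A01, 1, 2, 22.5, k1),
        make_frame(0x0A01, 1, 2, 22.5, k1),      # replayed sequence number
        make_frame(0x0A01, 1, 3, 150.0, k1),     # implausible temperature
        make_frame(0x0A02, 2, 1, 55.0, k2),
        make_frame(0x0BAD, 1, 1, 20.0, b"unprovisioned"),  # unknown device
        bytes(tampered),
    ]
    for frame in frames:
        gw.receive(frame)
    gw.flush()
    return outbox, gw.dropped


if __name__ == "__main__":
    messages, dropped = run_demo()
    for topic, payload in messages:
        print(topic, payload)
    print("dropped:", dropped)
```

Only two aggregated messages leave the gateway for the seven frames received; the drop counters give the device-diagnostics view of what was rejected and why.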
Advantages of Gateway:

There are several advantages of using a gateway in the Internet of Things (IoT), including:
• Protocol translation: IoT devices typically use different communication protocols, and a gateway can translate between these protocols to enable communication between different types of devices.
• Data aggregation: A gateway can collect data from multiple IoT devices and aggregate it into a single stream for easier analysis and management.
• Edge computing: Gateways can perform edge computing tasks such as data processing, analytics, and machine learning, enabling faster and more efficient decision-making.
• Security: Gateways can act as a secure access point for IoT devices, providing a layer of protection against cyber threats.
• Scalability: Gateways can support a large number of IoT devices and can be easily scaled up or down to meet changing needs.
• Improved reliability: Gateways can help to improve the reliability of IoT devices by managing network connectivity and providing a backup mechanism in case of network failure.
• Cost-effective: Gateways can be a cost-effective way to manage and control a large number of IoT devices, reducing the need for expensive infrastructure and IT resources.

Basics of Computer Networking


A computer network is a collection of interconnected devices that share resources and information. These
devices can include computers, servers, printers, and other hardware. Networks allow for the efficient
exchange of data, enabling various applications such as email, file sharing, and internet browsing.
Basic Terminologies of Computer Networks
• Network: A network is a collection of computers and devices that are connected together to enable communication and data exchange.
• Nodes: Nodes are devices that are connected to a network. These can include computers, servers, printers, routers, switches, and other devices.
• Protocol: A protocol is a set of rules and standards that govern how data is transmitted over a network. Examples of protocols include TCP/IP, HTTP, and FTP.
• Topology: Network topology refers to the physical and logical arrangement of nodes on a network. The common network topologies include bus, star, ring, mesh, and tree.
• Service Provider Networks: These types of networks give permission to take network capacity and functionality on lease from the provider. Service provider networks include wireless communications, data carriers, etc.
• IP Address: An IP address is a unique numerical identifier that is assigned to every device on a network. IP addresses are used to identify devices and enable communication between them.
• DNS: The Domain Name System (DNS) is a protocol that is used to translate human-readable domain names (such as www.google.com) into IP addresses that computers can understand.
• Firewall: A firewall is a security device that is used to monitor and control incoming and outgoing network traffic. Firewalls are used to protect networks from unauthorized access and other security threats.
How Does a Computer Network Work?
The basic building blocks of a computer network are nodes and links. A network node can be data communication equipment, like a modem or router, or data terminal equipment, such as two or more connected computers. A link in a computer network can be wires, cables, or the free space of wireless networks.
The working of computer networks can be simply defined as rules or protocols which help in sending and receiving data via the links that allow computer networks to communicate. Each device has an IP address that helps in identifying the device.
What do Computer Networks do?
Computer networks were first developed in 1950 for military and defense purposes. At that time they were mainly used to send data through telephone lines and had limited use in business or science.
Today computer networks are essential for businesses as well. Modern networks offer more than just connecting devices. They play a key role in helping businesses adapt to the digital world and succeed. These networks have become more flexible, automated, and secure, making them even more important in today's business environment.
Modern computer networks can:
 Work Virtually: The physical network can be divided into smaller virtual networks. In these virtual
networks, devices are connected and can send data through multiple physical routes. For example,
many business networks use the internet this way.
 Connect on a Large Scale: Modern networks link many smaller, spread-out networks into one big,
powerful system. Automation and monitoring tools help manage and adjust the network as needed,
allowing it to grow or shrink based on demand.
 Adapt Quickly: Many networks are controlled by software, so changes can be made quickly
through a digital dashboard. This allows traffic to be managed easily.
 Keep Data Secure: Built-in security features like encryption and access control protect data.
Additional protections like antivirus software, firewalls, and malware protection can be added to
strengthen network security.
Types of Enterprise Computer Networks
 LAN: A Local Area Network (LAN) is a network that covers a small area, such as an office or a
home. LANs are typically used to connect computers and other devices within a building or a
campus.
 WAN: A Wide Area Network (WAN) is a network that covers a large geographic area, such as a city,
country, or even the entire world. WANs are used to connect LANs together and are typically used
for long-distance communication.
 Cloud Networks: Cloud networks can be thought of as a kind of Wide Area Network (WAN), since they
can be hosted on public or private cloud service providers and are available on demand. Cloud
networks consist of virtual routers, firewalls, etc.
These are just a few basic concepts of computer networking. Networking is a vast and complex field, and
there are many more concepts and technologies involved in building and maintaining networks. Now we
are going to discuss some more concepts on Computer Networking.
 Open system: A system that is connected to the network and is ready for communication.
 Closed system: A system that is not connected to the network and can’t be communicated with.
Types of Computer Network Architecture
Computer network architecture falls under these broad categories:
 Client-Server Architecture: Client-Server Architecture is a type of Computer Network Architecture
in which Nodes can be Servers or Clients. Here, the server node can manage the Client Node
Behaviour.
 Peer-to-Peer Architecture: In P2P (Peer-to-Peer) Architecture, there is no concept of a
Central Server. Each device is free to work as either a client or a server.
Network Devices
A computer network is an interconnection of multiple devices, also known as hosts, that are connected
using multiple paths for the purpose of sending/receiving data or media. Computer networks can also
include multiple devices/mediums which help in the communication between two different devices; these
are known as network devices and include things such as routers, switches, hubs, and bridges.
Network Topology
Network topology is the layout of the different devices in a network. Some types of network topologies
are:
 Bus Topology: In bus topology, all devices are connected to a single central cable called a bus.
Data is sent along this cable and all devices share the same connection. It is simple and cheap to
set up, but if the main cable fails the whole network goes down.
 Star Topology: In star topology, all devices are connected to a central node called a hub or switch.
The hub controls the flow of data between devices. If one device fails, the rest of the network is
unaffected, but if the central hub fails the whole network stops working.
 Ring Topology: In ring topology devices are connected in a circular loop with each device
connected to two others. Data travels in one direction (or sometimes both) passing through each
device until it reaches its destination. A failure in one device can affect the whole network.
 Mesh Topology: In mesh topology every device is connected to every other device in the network.
It provides multiple paths for data so if one path fails another can take over.
 Tree Topology: Tree topology is the combination of star and bus topology. Tree topology is good for
organizing large networks and allows for easy expansion.
 Hybrid Topology: Hybrid topology is the combination of two or more different topologies (like star
and mesh). It is flexible and can be customized based on the network’s specific needs.
Network Protocols
A protocol is a set of rules or algorithms that defines how two entities communicate across the network,
and a different protocol is defined at each layer of the OSI model. A few such protocols are TCP, IP,
UDP, ARP, DHCP, FTP, and so on.
 Transmission Control Protocol/Internet Protocol (TCP/IP): TCP/IP is the foundational protocol
suite of the internet, enabling reliable communication. TCP ensures data is delivered reliably and in
order, and IP routes data packets to their destination based on IP addresses.
 Hypertext Transfer Protocol (HTTP) and HTTPS: HTTP and HTTPS are the protocols used for
transmitting web pages. In HTTP, communication is unsecured; in HTTPS, communication is secured
using SSL/TLS encryption.
 Simple Mail Transfer Protocol (SMTP): SMTP is the protocol used to send email. It works
with other protocols like POP3 and IMAP for email retrieval.
 File Transfer Protocol (FTP): FTP is the protocol used for transferring files between computers. It
includes commands for uploading, downloading, and managing files on a remote server.
 Dynamic Host Configuration Protocol (DHCP): DHCP automatically assigns IP
addresses to devices on a network. It reduces manual configuration and IP address conflicts.
 Domain Name System (DNS): DNS translates human-friendly domain names into IP addresses.
It ensures seamless navigation on the internet.
Unique Identifiers of Network
IP Address (Internet Protocol address): Also known as the Logical Address, the IP Address is the
network address of the system across the network. To identify each device on the World Wide Web, the
Internet Assigned Numbers Authority (IANA) assigns an IPv4 (Version 4) address as a unique identifier to
each device on the Internet. The length of an IPv4 address is 32 bits; hence, we have 2^32 IP addresses
available. The length of an IPv6 address is 128 bits.
In Windows, type “ipconfig” in the command prompt and press ‘Enter’; this gives us the IP address of the
device. For Linux, type “ifconfig” in the terminal and press ‘Enter’; this gives us the IP address of the
device.
MAC Address (Media Access Control address): Also known as the physical address, the MAC Address is
the unique identifier of each host and is associated with its NIC (Network Interface Card). A MAC address is
assigned to the NIC at the time of manufacturing. The length of the MAC address is 12 nibbles / 6 bytes /
48 bits. Type “ipconfig /all” in the command prompt and press ‘Enter’; this gives us the MAC address.
Port: A port can be referred to as a logical channel through which data can be sent/received to an
application. Any host may have multiple applications running, and each of these applications is identified
using the port number on which they are running.
DNS Server: DNS stands for Domain Name System. DNS is basically a server that translates web
addresses or URLs (e.g., www.google.com) into their corresponding IP addresses, so we don’t have to
remember the IP addresses of each and every website. The command ‘nslookup’ gives you the IP
address of the domain you are looking for. It also provides information on our DNS server.
ARP: ARP stands for Address Resolution Protocol. It is used to convert an IP address to its
corresponding physical address (i.e., MAC address). ARP is used by the Data Link Layer to identify the
MAC address of the receiver’s machine.
RARP: RARP stands for Reverse Address Resolution Protocol. As the name suggests, it provides the IP
address of the device given a physical address as input. RARP has become obsolete since DHCP came
into the picture.
The Domain Name System (DNS) is a critical component of computer networking. It converts easily
recognizable domain names, such as www.example.com, into numerical IP addresses that computers use
to identify each other on the network.
How DNS Works?
DNS translates user-friendly domain names into IP addresses, allowing seamless navigation on the
internet. The steps below show how DNS works:
 User Input: When a user enters a domain name in a browser, the system needs to find its IP
address.
 DNS Query: The user’s device sends a DNS query to the DNS resolver.
 Resolver Request: The DNS resolver checks its cache for the IP address. If not found, it forwards
the request to the root DNS server.
 Root DNS Server: The root DNS server provides the address of the TLD (Top-Level Domain)
server for the specific domain extension (e.g., .com).
 TLD DNS Server: The TLD server directs the resolver to the authoritative DNS server for the actual
domain.
 Authoritative DNS Server: The authoritative DNS server knows the IP address for the domain and
provides it to the resolver.
 Response to User: The resolver stores the IP address in its cache and sends it to the user’s
device.
 Access Website: With the IP address, the user’s device can access the desired website.
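The lookup sequence above, as an added example that is not part of the original document: an in-memory simulation of a caching resolver that walks the root, TLD and authoritative servers in turn. The server names, zone data and documentation-range addresses are constructed for illustration, and the TTL-based cache expiry goes one step beyond the list above.

```python
"""Simulated DNS lookup: resolver cache -> root -> TLD -> authoritative.

All zone data below is constructed for illustration; no network is used.
"""
from dataclasses import dataclass, field

# Constructed data: the TLD server the root refers each suffix to.
ROOT_REFERRALS = {"com": "tld-com", "org": "tld-org"}

# Constructed data: the authoritative server each TLD server refers
# a registered domain to.
TLD_REFERRALS = {
    "tld-com": {"example.com": "ns-example-com"},
    "tld-org": {"example.org": "ns-example-org"},
}

# Constructed data: (address, TTL in seconds) held by each authoritative
# server. The addresses come from ranges reserved for documentation.
AUTHORITATIVE = {
    "ns-example-com": {"www.example.com": ("192.0.2.10", 300)},
    "ns-example-org": {"www.example.org": ("198.51.100.7", 60)},
}


class ResolutionError(Exception):
    """Raised when some server in the chain has no answer for the name."""


@dataclass
class Resolver:
    cache: dict = field(default_factory=dict)  # name -> (address, expiry)
    trace: list = field(default_factory=list)  # who answered, in order

    def resolve(self, name, now=0.0):
        """Return the address for name; self.trace records each hop."""
        name = name.rstrip(".").lower()  # DNS names are case-insensitive
        self.trace = []

        # Resolver request: answer from the cache while the entry is fresh.
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            self.trace.append("cache")
            return cached[0]
        self.cache.pop(name, None)  # drop an expired entry

        labels = name.split(".")
        if len(labels) < 2:
            raise ResolutionError(f"{name!r} has no top-level domain")

        # Root DNS server: which server handles this TLD?
        self.trace.append("root")
        tld_server = ROOT_REFERRALS.get(labels[-1])
        if tld_server is None:
            raise ResolutionError(f"root knows no TLD server for {name!r}")

        # TLD DNS server: which server is authoritative for the domain?
        self.trace.append(tld_server)
        domain = ".".join(labels[-2:])
        auth_server = TLD_REFERRALS[tld_server].get(domain)
        if auth_server is None:
            raise ResolutionError(f"{domain!r} is not registered")

        # Authoritative DNS server: the actual address record.
        self.trace.append(auth_server)
        record = AUTHORITATIVE[auth_server].get(name)
        if record is None:
            raise ResolutionError(f"no address record for {name!r}")

        # Response to user: cache the answer until its TTL runs out.
        address, ttl = record
        self.cache[name] = (address, now + ttl)
        return address


if __name__ == "__main__":
    resolver = Resolver()
    for moment in (0, 100, 300):
        answer = resolver.resolve("www.example.com", now=moment)
        print(moment, answer, resolver.trace)
```

The second lookup is served from the cache; the third happens after the 300-second TTL has run out and walks the full chain again.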
Network Security
Ensuring the security of a network is crucial to protect data and resources from unauthorized access and
attacks. Key aspects of network security include:
 Firewalls: Devices or software that monitor and control incoming and outgoing network traffic based
on security rules.
 Encryption: The process of encoding data to prevent unauthorized access. Commonly used
in VPNs, HTTPS, and secure email.
 Intrusion Detection Systems (IDS): Tools that monitor network traffic for suspicious activity and
potential threats.
 Access Control: Mechanisms that restrict access to network resources based on user identity and
role.
 Regular Updates and Patching: Keeping software and hardware up to date to protect against
vulnerabilities.
Why Use Computer Networks?
Computer networks play an important role in modern life. Here are some key benefits of computer networks:
 Fast and Easy Communication: Networks enable all types of digital communication, like emails,
messaging, file sharing, video calls, and streaming.
 More Storage Space: Without cloud storage, we would have to store data in physical files that
take up physical space; computer networks provide storage for that data.
 Easier Sharing of Information: Networks make it simpler for users and teams to share resources
and information. Teams can collaborate more easily, and users get faster response from network
devices.
 Better Security: Well designed networks are more reliable and give businesses more options for
keeping data safe. They come with built-in security features like encryption and access controls to
protect sensitive information from cyber threats.
What is Data Management?
Over the last few decades, the constant development of cloud systems, artificial intelligence, and
the Internet of Things has achieved remarkable growth alongside big data. As data structures become
more complex, data management contributes a lot at the enterprise level. It is important to understand
that the data management system plays an important role in ensuring the smooth functioning of
businesses and organizations that mainly deal with data.
Data management is an efficient approach to collecting, filtering, and deploying data sets in a
structured manner to achieve the organization’s projected goals and support its decision-making
process. Effective data management is one of the most important processes for the information
technology sector. It runs business applications by providing analytical information. The whole process
is a combination of different functions that are collectively developed to ensure accessibility to the
data. In this blog, we are going to discuss the critical concepts of data management and its
significance, along with the associated risks and difficulties of the data handling process.
What is Data Management?
Data management is a functional system for collecting and analyzing raw datasets. The main goal of this
process is to help people and organizations optimize the use of data while maintaining policy and
regulations. The key components of data management include the following:
Collection of data is the first and foremost process, where you need to collect and gather the data from
various sources in a raw format. The data could be structured or unstructured. You need to store the
data in a secure and organized manner. This step involves selecting appropriate storage technology
based on the data volume. Processing the data is an important process to filter the data into a
structured format. It involves data cleaning, aggregating, and enhancing the dataset to make it more
meaningful. To assure the accuracy and reliability of the data, you should maintain data quality, which
involves validation rules and error-checking processes.
Maintaining data security and privacy means implementing security measures to protect the data from
unauthorized access, security breaches, and data loss by imposing data encryption and access control.
Furthermore, it is important to analyze the data by applying data mining, machine learning, and data
visualization processes. There are different types of data management lifecycles in the market, by
which organizations can maintain the business and regulatory requirements to develop a durable data
set. This leads to managing metadata, which provides detailed information about the structure, mining
process, and usage of the data so that the process can be performed effectively.
Importance of Data Management
In today’s data-driven world, data management has become a paramount concept, which involves data
organization, storage, processing, and protection. It increases data accuracy and accessibility to
ensure user reliability. Here are some key reasons that make Data Management very important:
1. Informed Decision-Making Process: Data is the most important component for businesses and
organizations because they make their important decisions based on data. A proper data
management process ensures that the decision-makers have direct access to the updated
information which helps to make effective choices.
2. Data Quality and Efficiency: A well-managed data set leads to a streamlined process, which helps
to maintain data quality and efficiency. It reduces error risks and poor decision-making.
3. Compliance and Customer Trust: Many organisations have strict regulations to maintain the data
management process properly. Proper data management also follows effective processes to handle
client data responsibly.
4. Strategy Development and Innovation: In the modern context, data is a valuable asset that can
help organisations identify trends, potential opportunities, and challenges. It helps organisations
understand market trends and customer behaviour. In addition, effective data management allows you
to analyse previous data to identify patterns, which leads to the development of new products and
solutions.
5. Long-term Sustainability: Proper data management helps organisations to plan for the long run. It
helps to master data management efficiently by reducing redundancies, data duplication, and
unnecessary storage costs.
6. Competitive Advantage: Proper data management enables organisations to explore market trends,
customer behaviours, and other insights that can help them outperform competitors.
Risks and Challenges in Data Management
While effective data management can produce significant benefits, there are also many risks and
challenges related to it. Here are some of them:
 Security and Privacy: Unauthorised access to sensitive data by hacking can be a cause of data
breaches, which can expose confidential information and may cause financial losses for an
organisation.
 Data Quality: Poor data quality and duplicate data, often stemming from errors during data
collection, lead to incorrect decision-making. Duplicate data occupies valuable storage and creates
confusion during the analysis process.
 Data Governance: Lack of data ownership and access control can lead to inconsistent data
management. This process leads to security risks and compromises the security of data.
 Data Integration Process: Integrating the data from various sources is difficult, as it contains
different formats and complex structures. It disrupts the proper decision-making and process of data
analysis.
 Data Scaling: Data management systems need to scale as data loads increase, maintaining
performance while overcoming technical challenges.
 Data Lifecycle Management: Organisations need to be transparent in their data retention policies
which helps to determine the data processing time and which data needs to be deleted. Data
disposal is also needed for security measures to prevent unauthorised access.
 Data Analysis: Analysing complex and varied data sets requires advanced analytics tools.
Developing actionable data insights requires a proper understanding of the business context and
of the particular domain.
Understanding IoT in Business
IoT stands for Internet of Things and can be described as a system of tangible physical
devices that, following IoT communication protocols, are equipped with sensors,
software, and other related technologies so that they can communicate and gather
data.
From a business perspective, IoT can join equipment, vehicles, and any other business
assets into a system that monitors how these assets function, supports decision-making,
and optimizes operations.
Additionally, businesses looking to collect and process massive amounts of data
generated by IoT devices can benefit from a web scraping solution to efficiently
extract and analyze this information, further enhancing decision-making and
operational strategies.
Key Business Processes Impacted by IoT
1. Supply Chain Management
IoT will improve the transparency of the supply chain by tracking and monitoring
physical assets or goods in real-time from the time they are manufactured to the time
they are delivered to the consumers. Retail supply chain management
software leverages these IoT technologies to provide businesses with real-time insights
into inventory levels, shipment conditions, and delivery routes. These technologies can
notify the firms about the status of raw materials or finished products, the conditions
under which they are shipped, or the routes they take, which in return assists the firms
in predicting customer needs more accurately, cutting costs, and reducing possible
risks like theft.
2. Predictive Maintenance
Predictive maintenance means that IoT devices track the health of machines and
equipment to spot potential breakdowns or failures. Such maintenance anticipates
asset failure and aims at avoiding it, and in the process minimizes the time when
an asset is unavailable, extending its life and keeping its operation efficient.
For example, manufacturers can use IoT sensors to take note of certain problems
and arrange for maintenance at the right time, thus reducing the incidence of
expensive repairs and production breakdowns.
3. Energy Management
IoT solutions assist in saving energy by analyzing energy utilization and determining
wastage levels. They also assist in monitoring energy consumption by using smart
technology such as smart meters and connected devices to cut down the expenses
incurred on energy bills and the usage of energy appliances.
For instance, in a smart building, lighting and heating, ventilation, and air
conditioning systems can be controlled according to the presence of people and
the weather, which greatly reduces energy expenses.
4. Customer Experience
IoT can dramatically change the world of customer interactions through timely and
personalized services. IoT-enabled devices are widely employed in the retail industry
to collect consumers' information, monitor their behavior, and improve shopping
experiences. Additionally, having mobile XR solutions can enhance immersive
experiences, providing more interactive ways to engage with customers.
One example of such intelligent capabilities is smart shelves, which can inform
the staff that certain products are almost out of stock and also inform
customers of the real-time stock status.
Overview of Everything as a Service (XaaS)
Earlier, there was only cloud computing technology, with various cloud service providers offering
cloud services to customers. Now a new concept has emerged, Everything as a Service (XaaS), which
means that anything can now be a service with the help of cloud computing and remote access. Cloud
computing technologies provide different kinds of services over the web. In Everything as a Service,
various tools, technologies, and services are provided to users as a service. Before XaaS and cloud
services, companies had to buy licensed products and install them, handle all security on their own
site, and provide infrastructure for business purposes. With XaaS, business is simplified because
companies pay only for what they need. Everything as a Service is also known as Anything as a
Service.
Examples of XaaS :
As XaaS stands for “Everything as a service”, there are many examples. There are many varieties of
cloud computing models, such as the following.
SaaS provides many software applications like Google Apps and Microsoft Office 365. Similarly, PaaS
offers AWS, Heroku, Apache Stratos, and other sources relating to application development and testing.
IaaS helps to deploy and configure virtual machines and manage these remotely. Azure and Google
Compute Engine are also provided as IaaS services.
Everything as a Service Model Examples :
1. Hardware as a Service (HaaS) –
Managed Service Providers (MSP) provide and install some hardware on the customer’s site on
demand. The customer uses the hardware according to service level agreements. This model is
very similar to IaaS as computing resources present at MSP’s site are provided to users substituted
for physical hardware.
2. Communication as a Service (CaaS) –
This model comprises solutions for different communication like IM, VoIP, and video conferencing
applications which are hosted in the provider’s cloud. Such a method is cost-effective and reduces
time expenses.
3. Desktop as a Service (DaaS) –
DaaS provider mainly manages storing, security, and backing up user data for desktop apps. And a
client can also work on PCs using third-party servers.
4. Security as a Service (SECaaS) –
In this method, the provider integrates security services with the company’s infrastructure through
the internet which includes anti-virus software, authentication, encryption, etc.
5. Healthcare as a Service (HaaS) –
The healthcare industry has opted for the model HaaS service through electronic medical records
(EMR). IoT and other technologies have enhanced medical services like online consultations, health
monitoring 24/7, medical service at the doorstep e.g. lab sample collection from home, etc.
6. Transport as a Service (TaaS) –
Nowadays, there are numerous apps that help in mobility and transport in modern society. The
model is both convenient and ecologically friendly; e.g., Uber taxi services is planning to test
flying taxis and self-driving planes in the future.
Benefits in XaaS :
 Cost Saving –
When an organization uses XaaS then it helps in cost-cutting and simplifies IT deployments.
 Scalability –
XaaS can easily handle the growing amount of work by providing the required resources/service.
 Accessibility –
It helps in easy accessing and improving accessibility as long as the internet connection is there.
 Faster Implementation –
It provides faster implementation time to various activities of the organization.
 Quick Modification –
It provides updates for modification as well as undergoes quick updating by providing quality
services.
 Better Security –
It contains improved security controls and is configured to the exact requirements of the business.
 Boost innovation –
When XaaS is used, it streamlines operations and frees up resources for innovation.
 Flexibility –
XaaS provides flexibility by using cloud services and multiple advanced approaches.
Disadvantages in XaaS :
 Internet Breakage –
XaaS service providers sometimes suffer internet outages, and there can also be issues with
internet reliability, provisioning, and managing the infrastructure resources.
 Slowdown –
When too many clients are using the same resources at the same time, the system can slow down.
 Difficult to Troubleshoot –
XaaS can relieve IT staff of day-to-day operational headaches, but if a problem occurs anywhere
it is harder to troubleshoot, because XaaS includes multiple services with various
technologies and tools.
 Change brings problems –
If a XaaS provider discontinues or alters a service, it impacts XaaS users.
IoT and Cloud Computing
One component that improves the success of the Internet of Things is Cloud Computing. Cloud computing
enables users to perform computing tasks using services provided over the Internet. The use of the Internet
of Things in conjunction with cloud technologies has become a kind of catalyst: the Internet of Things and
cloud computing are now related to each other. These are true technologies of the future that will bring
many benefits.
Due to the rapid growth of technology, the problem of storing, processing, and accessing large amounts of
data has arisen. Great innovation relates to the mutual use of the Internet of Things and cloud technologies.
In combination, it will be possible to use powerful processing of sensory data streams and new monitoring
services. As an example, sensor data can be uploaded and saved using cloud computing for later use as
intelligent monitoring and activation using other devices. The goal is to transform data into insights and thus
drive cost-effective and productive action.
Benefits And Functions of IoT Cloud:
There are many benefits of combining these services –
1. IoT Cloud Computing provides many connectivity options, implying large network access. People
use a wide range of devices to gain access to cloud computing resources: mobile devices, tablets,
laptops. This is convenient for users but creates the problem of the need for network access points.
2. Developers can use IoT cloud computing on-demand. In other words, it is a web service accessed
without special permission or any help. The only requirement is Internet access.
3. Based on the request, users can scale the service according to their needs. Fast and flexible means
you can expand storage space, edit software settings, and work with the number of users. Due to
this characteristic, it is possible to provide deep computing power and storage.
4. Cloud Computing implies the pooling of resources. It influences increased collaboration and builds
close connections between users.
5. As the number of IoT devices and automation in use grows, security concerns emerge. Cloud
solutions provide companies with reliable authentication and encryption protocols.
6. Finally, IoT cloud computing is convenient because you get exactly as much from the service as you
pay. This means that costs vary depending on use: the provider measures your usage statistics. A
growing network of objects with IP addresses is needed to connect to the Internet and exchange
data between the components of the network.
Pairing with edge computing:
Data processing at the network edge or edge computing is used with IoT solutions and enables faster
processing and response times. To get a better understanding of how this works, consider a large factory
with many implemented IoT sensors. In this situation, it makes sense, before sending data to the cloud for
processing, to aggregate it close to the network edge to prevent cloud overload by reducing direct
connections.
Data centers with this approach make data processing much faster. Yet, an approach that is only based on
the edge will never provide a complete view of business operations. If there is no cloud solution, then the
factory only controls each unit individually. Also, it has no way of imagining how these units work in relation
to each other. This is why only the combination of the edge and the cloud will enable businesses to benefit
from IoT developments.
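The factory scenario above, as an added example that is not part of the original document: an edge gateway collapses raw sensor readings into one summary per sensor per time window (forwarding out-of-range readings immediately), and a cloud-side function combines summaries from several gateways into the factory-wide view that no single gateway has. Sensor and gateway names, the window length, the alert threshold and all readings are assumptions constructed for illustration.

```python
"""Edge aggregation before upload, plus the cloud-side combined view."""
from collections import defaultdict

WINDOW_SECONDS = 60   # assumed aggregation window
ALERT_ABOVE = 90.0    # assumed temperature threshold (degrees C)

# Constructed readings per gateway: (timestamp s, sensor id, temperature C)
LINE_A = [
    (0, "press-1", 70.0), (10, "press-1", 71.0), (20, "press-2", 65.0),
    (30, "press-1", 72.0), (45, "press-2", 95.5), (59, "press-2", 66.0),
    (60, "press-1", 73.0), (75, "press-1", 74.0), (110, "press-2", 64.0),
]
LINE_B = [(5, "oven-1", 80.0), (65, "oven-1", 82.0)]


def aggregate_at_edge(readings, window=WINDOW_SECONDS, alert_above=ALERT_ABOVE):
    """Return (summaries, alerts): the only messages sent to the cloud."""
    buckets = defaultdict(list)
    alerts = []
    for ts, sensor, value in readings:
        buckets[(ts // window, sensor)].append(value)
        if value > alert_above:
            # Out-of-range readings are not delayed until the window closes.
            alerts.append({"ts": ts, "sensor": sensor, "value": value})
    summaries = [
        {
            "window_start": index * window,
            "sensor": sensor,
            "count": len(values),
            "sum": sum(values),  # sum and count let the cloud merge means
            "min": min(values),
            "max": max(values),
        }
        for (index, sensor), values in sorted(buckets.items())
    ]
    return summaries, alerts


def cloud_view(summaries_by_gateway):
    """Merge summaries from all gateways into one figure per window."""
    totals = defaultdict(lambda: {"count": 0, "sum": 0.0, "max": float("-inf")})
    for summaries in summaries_by_gateway.values():
        for item in summaries:
            total = totals[item["window_start"]]
            total["count"] += item["count"]
            total["sum"] += item["sum"]
            total["max"] = max(total["max"], item["max"])
    return {
        start: {
            "count": total["count"],
            "mean": round(total["sum"] / total["count"], 2),
            "max": total["max"],
        }
        for start, total in sorted(totals.items())
    }


if __name__ == "__main__":
    a_summaries, a_alerts = aggregate_at_edge(LINE_A)
    b_summaries, _ = aggregate_at_edge(LINE_B)
    print(len(LINE_A), "readings ->", len(a_summaries) + len(a_alerts), "messages")
    print(cloud_view({"line-a": a_summaries, "line-b": b_summaries}))
```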
The Role of Cloud Computing on the Internet of Things:
Cloud computing works to improve the efficiency of daily tasks in conjunction with the Internet of Things.
Cloud computing is about providing a path for data to reach its destination while the Internet of Things
generates a huge amount of data.
According to Amazon Web Services, there are four benefits of cloud computing:
1. No need to pre-guess infrastructure capacity needs
2. Saves money, because you only need to pay for those resources that you use, the larger the scale,
the more savings
3. In a few minutes, platforms can be deployed around the world
4. Flexibility and speed in providing resources to developers
What is IoT Security?
IoT security is a cybersecurity strategy for defending against cyberattacks on IoT devices and the
vulnerable networks they are linked to. There is no built-in security on IoT devices. Because IoT devices
operate without being noticed by traditional cybersecurity systems and transport data over the internet
in an unencrypted manner, IoT security is necessary to help avoid data breaches.
Security was not considered during the design of IoT devices. The constant diversity and expansion of IoT
devices and communication channels raises the possibility that cyber attacks may target your company.
What is IoT Security?
IoT security is a technology area that focuses on protecting connected devices and networks in
IoT. The act of protecting these devices and making sure they don't bring risks into a network is known as
IoT security. Anything linked to the Internet is likely to be attacked at some time. Attackers may use
remote access to IoT devices to steal data, using a variety of strategies including credential theft and
vulnerability exploitation.
Types of IoT Security
IoT security encompasses a multi-layered approach to protect devices, networks, and data. It involves both
user and manufacturer responsibilities.
1. Network Security
This focuses on safeguarding the overall IoT network infrastructure. It involves:
 Establishing a strong network perimeter: Implementing firewalls, intrusion detection systems,
and access controls to prevent unauthorized entry.
 Enforcing zero-trust architecture: Assuming every device and user is potentially malicious,
requiring continuous verification.
 Securing network communication: Encrypting data transmitted between devices and using
secure protocols.
2. Device Security
This centers on protecting individual IoT devices:
 Embedded security agents: Employing lightweight software to monitor device behavior and detect
anomalies.
 Firmware hardening: Ensuring device software is free from vulnerabilities through rigorous testing
and updates.
 Secure boot process: Verifying the integrity of the device's operating system before startup.
3. Data Security
This safeguards the information generated and transmitted by IoT devices:
 Data encryption: Protecting data both at rest and in transit using strong encryption algorithms.
 Data privacy: Implementing measures to protect sensitive information from unauthorized access.
 Data integrity: Ensuring data accuracy and consistency through checksums and other techniques.
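A closer look at the data-integrity item above, as an added example that is not part of the original document: a plain CRC32 checksum catches accidental corruption of a sensor message but says nothing about who produced it, whereas an HMAC tag keyed with a per-device secret fails verification for any change made without the key. The message layout, field names and key are assumptions constructed for illustration.

```python
"""Checksum versus keyed MAC for the integrity of an IoT sensor message."""
import hashlib
import hmac
import json
import zlib

# Constructed demo key. A real device key would be provisioned per device
# and kept in protected storage, never in source code.
DEVICE_KEY = b"constructed-demo-key"


def encode_reading(reading):
    """Canonical JSON so sender and receiver hash identical bytes."""
    return json.dumps(reading, sort_keys=True, separators=(",", ":")).encode()


def pack_with_crc(reading):
    body = encode_reading(reading)
    return {"body": body, "crc": zlib.crc32(body)}


def verify_crc(message):
    return zlib.crc32(message["body"]) == message["crc"]


def pack_with_hmac(reading, key):
    body = encode_reading(reading)
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).digest()}


def verify_hmac(message, key):
    expected = hmac.new(key, message["body"], hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(expected, message["tag"])


def corrupt_in_transit(message, index=5):
    """Accidental corruption: one bit of the body flips on the wire."""
    body = bytearray(message["body"])
    body[index] ^= 0x01
    return dict(message, body=bytes(body))


def modified_without_key(message, new_reading):
    """Model a change made in transit by a party that lacks DEVICE_KEY.

    An unkeyed checksum can be recomputed by anyone, so it is refreshed;
    the HMAC tag cannot be recomputed without the key, so it stays as sent.
    """
    body = encode_reading(new_reading)
    changed = dict(message, body=body)
    if "crc" in changed:
        changed["crc"] = zlib.crc32(body)
    return changed


def run_demo():
    """Report which mechanism detects which kind of change."""
    reading = {"device": "sensor-01", "seq": 42, "temp_c": 21.5}
    altered = dict(reading, temp_c=85.0)
    crc_msg = pack_with_crc(reading)
    mac_msg = pack_with_hmac(reading, DEVICE_KEY)
    return {
        "crc_accepts_original": verify_crc(crc_msg),
        "hmac_accepts_original": verify_hmac(mac_msg, DEVICE_KEY),
        "crc_detects_corruption": not verify_crc(corrupt_in_transit(crc_msg)),
        "hmac_detects_corruption": not verify_hmac(
            corrupt_in_transit(mac_msg), DEVICE_KEY),
        "crc_detects_modification": not verify_crc(
            modified_without_key(crc_msg, altered)),
        "hmac_detects_modification": not verify_hmac(
            modified_without_key(mac_msg, altered), DEVICE_KEY),
    }


if __name__ == "__main__":
    for check, outcome in run_demo().items():
        print(f"{check}: {outcome}")
```

Only `crc_detects_modification` comes out false, which is why a receiver that must trust the sender's identity should verify a keyed tag (or a signature) rather than a bare checksum.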
How Does IoT Security Work?

 IoT devices are any devices that can store data by connecting to the cloud.
 IoT devices need a special set of cybersecurity guidelines because of how they differ from
conventional mobile devices. They lack the benefit of built-in security guidelines seen in
mobile operating systems like iOS and Android.

 A lot of information is stored in the cloud. If an attacker manages to get access to the user's
account, it might be exploited for identity theft or privacy invasion.
 Although there isn't a single solution for IoT security, cybersecurity experts have made it their
mission to inform manufacturers and developers about secure coding practices and how to
strengthen cloud activity defences.
Importance of IoT Security
 Cyberattacks are a continual concern because of the unusual way that IoT devices are
manufactured and the enormous volume of data they process.
 IoT security is necessary, as evidenced by some high-profile cases in which a common IoT device
was used to breach and attack the wider network.
 Strong IoT security is desperately needed, as seen by the regular threat of vulnerabilities, data
breaches, and other dangers related to the use of IoT devices.
 IoT security, which encompasses a broad variety of tactics, strategies, protocols, and activities
aimed at reducing the growing IoT vulnerabilities of contemporary firms, is essential for
corporations.
Benefits of IoT Security
Below are some benefits of IoT Security
 Network protection: By identifying and preventing threats like Distributed Denial of Service (DDoS)
attacks, which can disrupt and harm the whole network, security solutions may aid in the protection
of the Internet of Things as a whole.
 Privacy protection: These solutions shield user privacy from unauthorized surveillance, data theft,
and device tracking by protecting IoT devices.
 Scalability: Strong IoT security is scalable in that it can keep up with the expansion of an
organization's IoT environment and guarantee security protocols work even as the number of
connected devices rises.
 Device protection: IoT security ensures the lifetime and correct operation of devices by protecting
them from viruses, hacking, and unauthorized access.
Which Industries Need IoT Security?

IoT Security thus has a huge role in various industries because most of them are getting interconnected.
Some of the sectors that really need strong IoT Security:
 Healthcare: Even medical devices, like pacemakers, insulin pumps, and remote patient monitoring
systems, are susceptible to cyber-attacks that may result in the loss of lives.
 Manufacturing: Cyber attacks paralyze ICS/OT environments of critical infrastructure and bring
with them enormous financial losses and safety hazards.
 Energy and Utilities: This sector represents critical infrastructure that is accompanied by a high
utilization of IoT devices, powering power grids and water treatment plants, among others, making
them very attractive targets for cyber-attacks that may have catastrophic consequences.
 Transportation: Autonomous vehicles, smart traffic systems, and connected cars use vast volumes
of data, making them quite vulnerable to hacking and subsequent data breaches.
 Financial Services: IoT-related devices used in banking, payments, and financial transactions
process sensitive financial data and hence require robust security measures against fraud and data
theft.
 Retail: Point-of-sale systems, inventory management data, and customer data are all at risk if IoT
devices are compromised.
 Government: IoT security is necessary for critical infrastructure, national security, and citizen data.
 Agriculture: Cyber-attacks on smart farms and IoT-enabled equipment can affect food production
and its supply chain.
 Building Automation: Security is required for smart buildings with IoT-enabled systems against
unauthorized access and data breaches.
How to protect IoT systems and devices?

Here are the steps to secure IoT devices:
 DNS filtering: Using the Domain Name System to restrict harmful websites is known as DNS
filtering. When DNS filtering is added to a network including IoT devices, it stops such devices from
connecting to domains that are not authorized.
 Encryption: Without encryption, data transfers between IoT devices are susceptible to on-path and
external attackers while travelling over the network. Consider encryption as a means of protecting a
letter's contents during transit via the postal service, similar to an envelope.
 Device authentication: Internet of Things (IoT) devices are connected to servers, other networked
devices, and one another. All connected devices must undergo authentication to prevent unwanted
inputs or requests from third parties.
 Security of credentials: If at all feasible, IoT device admin credentials must be updated. It is
recommended to avoid sharing login credentials between various apps and devices. Instead, every
device should have its own password. In doing so, credential-based attacks are less likely.
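The DNS filtering step above, as an added example that is not part of the original document: a resolver-side check that lets an IoT device resolve only the domains authorized for its device class and denies everything else. The device classes, domain names and query log are constructed for illustration.

```python
"""DNS allowlist check for IoT devices (illustrative; all names are constructed)."""

# Constructed policy: domains each device class is authorized to resolve.
ALLOWLIST = {
    "camera": {"updates.vendor.example", "cloud.vendor.example"},
    "thermostat": {"api.hvac.example"},
}


def normalize(qname: str) -> str:
    """Lower-case a query name and drop the trailing root dot."""
    return qname.strip().lower().rstrip(".")


def is_allowed(device_class: str, qname: str) -> bool:
    """True if qname equals an allowed domain or is a subdomain of one.

    The comparison is anchored on a label boundary ("." + allowed), so a name
    that merely ends with the same characters, or that embeds an allowed
    domain in front of another suffix, is not accepted.
    """
    name = normalize(qname)
    for allowed in ALLOWLIST.get(device_class, ()):
        if name == allowed or name.endswith("." + allowed):
            return True
    return False  # default deny: unknown device class or unlisted domain


def filter_queries(log):
    """Split (device_id, device_class, qname) records into allowed and blocked."""
    allowed, blocked = [], []
    for device_id, device_class, qname in log:
        target = allowed if is_allowed(device_class, qname) else blocked
        target.append((device_id, normalize(qname)))
    return allowed, blocked


# Constructed query log covering the cases the matcher has to get right.
SAMPLE_LOG = [
    ("cam-01", "camera", "updates.vendor.example."),             # exact, trailing dot
    ("cam-01", "camera", "EU.Cloud.Vendor.Example"),             # subdomain, mixed case
    ("cam-01", "camera", "cloud.vendor.example.unlisted.test"),  # allowed name as prefix
    ("cam-02", "camera", "notcloud.vendor.example"),             # shares only a string suffix
    ("th-07", "thermostat", "api.hvac.example"),
    ("th-07", "thermostat", "updates.vendor.example"),           # allowed for cameras only
    ("plug-3", "smartplug", "api.hvac.example"),                 # device class has no policy
]

if __name__ == "__main__":
    ok, denied = filter_queries(SAMPLE_LOG)
    for device_id, name in denied:
        print(f"BLOCK {device_id} -> {name}")
```

Blocked lookups are worth logging per device: a device that suddenly queries unlisted domains is a useful detection signal.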
Unit-3
Solution framework for IoT applications
Implementation of Device integration
 Integration refers to the process of making disparately designed programs and data operate well together.
 In the context of establishing end-to-end IoT business solutions, IoT integration means making the
combination of new IoT devices, IoT data, IoT platforms, and IoT applications — combined with IT
assets (business applications, legacy data, mobile, and SaaS) — function effectively together.
 IoT integration is defined as the set of IoT integration capabilities that IoT project implementers
require to integrate end-to-end IoT business solutions successfully.
 There are several reasons why you might want to facilitate direct and automatic data entry into a computer
system while designing a custom application to support your organization's business processes.
 Perhaps your business has field personnel, such as sales reps or inspectors. Rather than logging data on
dedicated equipment in the field and manually transferring it to the office, these experts may utilize an
iPad to collect data, with the data automatically synchronizing to a centralized database.
 Let's look at five of the most important advantages that device integration can provide in terms of driving
more efficient procedures.
1. Improved data accuracy
An automated approach increases the accuracy of data collected by an organization, in part by removing the
danger of data being erroneously transferred or lost in transit to a centralized system. Furthermore, an integrated
approach allows for automated data validation, resulting in higher-quality data and fewer opportunities for human
error.
2. Greater efficiency
A process with connected devices is substantially more efficient when properly executed, allowing a team to
focus on higher-value activities rather than manually transmitting data. Because data is processed as soon as it is
collected, not only does the data collection process become more efficient, but an organization may make
judgments or act on more up-to-date data.
3. More effective decentralized team
A decentralized team can have regular access to relevant data with effective device integration, allowing the
support team to monitor and analyze data from any location. This enhanced coordination can be a major benefit
for large or small firms dispersed across the country or the globe.
4. More reliable response strategies
Automated monitoring and extensive logging are possible because of device integration, which means that a
system could trigger alert conditions in particular instances. Rather than depending solely on human inspection,
firms may verify that automated responses to specific error scenarios are consistent and trustworthy.
5. An increasingly rich archive of data
Collecting data gives firms the capacity to examine it afterwards, possibly even refining their business processes
further based on the data they collect, much like any database system. Device integration entails creating a
growing and interconnected repository of usable data, which can be quite valuable over time.

Data acquisition and integration


Data Acquisition and Integration for IoT
Data acquisition and integration are fundamental processes in the Internet of Things (IoT) ecosystem. They
involve collecting data from various IoT devices and sensors and then combining and transforming this data into a
unified format for analysis, storage, and decision-making.

Data Acquisition in IoT


Data acquisition is the process of gathering raw data from IoT devices. This involves several steps:
1. Sensing: IoT devices are equipped with sensors that detect physical parameters (e.g., temperature,
pressure, humidity, light) or collect digital signals (e.g., on/off states).
2. Signal Conditioning: The raw signals from sensors might need to be processed to make them suitable for
digitization. This can involve amplification, filtering, and noise reduction.
3. Analog-to-Digital Conversion (ADC): Since most data processing is digital, analog signals from sensors
are converted into digital values.
4. Data Transmission: The digitized data is then transmitted from the IoT device to a data sink, which could
be a local gateway, edge server, or directly to the cloud. Various communication protocols are used for
this transmission, including:
o Wired: Ethernet, Serial (RS-232, RS-485)
o Wireless: Wi-Fi, Bluetooth, Zigbee, Z-Wave, LoRaWAN, NB-IoT, Cellular (LTE-M, 5G)
5. Data Formatting: The data might be formatted into specific protocols (e.g., MQTT, CoAP, HTTP) for
efficient and standardized transmission.

Technologies involved in IoT Data Acquisition:

 Microcontrollers (MCUs): These are the brains of many IoT devices, responsible for controlling sensors,
processing data, and managing communication. Examples include Arduino and ESP32.
 Single-Board Computers (SBCs): More powerful than MCUs, SBCs like Raspberry Pi can handle more
complex data processing and run operating systems.
 Data Acquisition (DAQ) Systems: Specialized hardware and software for acquiring and digitizing signals
from various sensors. These can range from simple handheld devices to complex industrial systems.
 Wireless Communication Modules: Integrated circuits or modules that handle the transmission of data
over wireless networks (e.g., Wi-Fi modules, Bluetooth chips, LoRa modules).
 IoT Gateways: Devices that act as intermediaries between IoT devices and the cloud, often performing
protocol translation, data aggregation, and edge processing.

Data Integration in IoT


Data integration is the process of combining data from various IoT devices and other relevant sources (e.g.,
enterprise systems, databases, external APIs) into a unified view. This is crucial because IoT deployments often
involve diverse devices generating data in different formats and at varying frequencies.

Key steps in IoT Data Integration:

1. Data Collection: Gathering data from the various IoT devices and other sources.
2. Data Transformation: Converting data from its original format into a consistent and usable format. This
may involve:
o Data Type Conversion: Ensuring numerical values, timestamps, and categorical data are
represented uniformly.
o Unit Conversion: Standardizing units of measurement (e.g., Celsius to Fahrenheit).
o Data Cleaning: Handling missing values, outliers, and inconsistencies.
o Data Aggregation: Summarizing or combining data points (e.g., calculating averages, sums).
o Data Enrichment: Adding contextual information to the data (e.g., device location, timestamp).
3. Data Normalization: Structuring data in a way that reduces redundancy and improves data integrity.
4. Data Storage: Storing the integrated data in a suitable data repository, which could be a:
o Time-Series Database: Optimized for storing time-stamped data (e.g., InfluxDB, TimescaleDB).
o NoSQL Database: Flexible for handling various data formats (e.g., MongoDB, Cassandra).
o Data Lake: A centralized repository for storing large volumes of raw and processed data in various
formats (e.g., AWS S3, Azure Data Lake Storage).
o Data Warehouse: A structured repository for analytical reporting (e.g., Snowflake, Amazon
Redshift).
5. Data Access and Analysis: Providing tools and interfaces for accessing and analyzing the integrated data
to derive insights and support decision-making.
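The transformation steps listed above, as an added example that is not part of the original document: readings from two device formats are type-converted, unit-converted, cleaned, enriched and aggregated, with every field treated as untrusted input. The record layout, device names, valid range and the choice of Celsius as the common unit are assumptions made for the example.

```python
"""Normalizing readings from two constructed device formats into one schema."""
from datetime import datetime, timezone
from statistics import mean

# Constructed device registry used for enrichment.
DEVICE_LOCATION = {"dev-a": "warehouse-1", "dev-b": "cold-room-2"}

# Plausible range for this deployment (assumption); values outside are dropped.
VALID_RANGE_C = (-40.0, 85.0)


def to_celsius(value: float, unit: str) -> float:
    """Unit conversion: bring every reading to one unit."""
    unit = unit.strip().upper()
    if unit == "C":
        return value
    if unit == "F":
        return (value - 32.0) * 5.0 / 9.0
    raise ValueError(f"unknown unit {unit!r}")


def parse_timestamp(raw) -> datetime:
    """Type conversion: accept epoch milliseconds or an ISO 8601 string."""
    if isinstance(raw, (int, float)):
        return datetime.fromtimestamp(raw / 1000.0, tz=timezone.utc)
    ts = datetime.fromisoformat(raw)
    if ts.tzinfo is None:
        ts = ts.replace(tzinfo=timezone.utc)  # assumption: naive means UTC
    return ts.astimezone(timezone.utc)


def transform(record: dict):
    """Return a normalized record, or None if the record must be discarded."""
    try:
        device = record["device"]
        temp_c = to_celsius(float(record["temp"]), record["unit"])
        ts = parse_timestamp(record["ts"])
    except (KeyError, TypeError, ValueError, AttributeError):
        return None  # cleaning: missing or malformed field
    # Cleaning: outliers are dropped; NaN fails this comparison and is dropped too.
    if not (VALID_RANGE_C[0] <= temp_c <= VALID_RANGE_C[1]):
        return None
    if device not in DEVICE_LOCATION:
        return None  # data from a device that was never registered
    return {
        "device": device,
        "location": DEVICE_LOCATION[device],  # enrichment
        "ts": ts.isoformat(),
        "temp_c": round(temp_c, 2),
    }


def integrate(raw_records):
    """Run the pipeline and aggregate an average temperature per device."""
    clean = [r for r in map(transform, raw_records) if r is not None]
    by_device = {}
    for r in clean:
        by_device.setdefault(r["device"], []).append(r["temp_c"])
    averages = {dev: round(mean(vals), 2) for dev, vals in by_device.items()}
    return clean, averages


# Constructed input: dev-a sends Fahrenheit strings and epoch milliseconds,
# dev-b sends Celsius floats and ISO 8601 timestamps.
RAW = [
    {"device": "dev-a", "temp": "71.6", "unit": "F", "ts": 1714557600000},
    {"device": "dev-a", "temp": "75.2", "unit": "f", "ts": 1714557660000},
    {"device": "dev-b", "temp": 4.5, "unit": "C", "ts": "2024-05-01T10:00:00+00:00"},
    {"device": "dev-b", "temp": None, "unit": "C", "ts": "2024-05-01T10:01:00+00:00"},
    {"device": "dev-b", "temp": 999.0, "unit": "C", "ts": "2024-05-01T10:02:00+00:00"},
    {"device": "dev-b", "temp": 5.5, "unit": "C", "ts": "2024-05-01T10:03:00"},
]

if __name__ == "__main__":
    records, avg = integrate(RAW)
    print(len(records), "records kept;", avg)
```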

Challenges in IoT Data Integration:

 Data Variety: IoT devices generate diverse data types (numerical, textual, images, video) and formats.
 Data Volume and Velocity: The sheer amount of data generated by numerous IoT devices in real-time can
be overwhelming.
 Data Silos: Data from different devices or systems might be stored in isolated systems, making integration
difficult.
 Interoperability: Devices and systems from different vendors might use different protocols and data
formats, hindering seamless communication and integration.
 Data Quality: Ensuring the accuracy, consistency, and reliability of data from various sources can be
challenging.
 Security and Privacy: Protecting sensitive data during acquisition, transmission, and integration is crucial.
 Latency Requirements: Some IoT applications require real-time data integration and analysis, which can
be challenging with large data volumes and complex transformations.
 Scalability: The data integration infrastructure needs to be scalable to handle the increasing number of
devices and data volumes over time.

Best Practices for IoT Data Acquisition and Integration:

 Develop a Comprehensive Data Strategy: Define clear goals for data acquisition and integration aligned
with business objectives.
 Choose Appropriate Protocols and Technologies: Select communication protocols and data integration
tools that are suitable for the specific IoT application requirements (e.g., latency, bandwidth, security).
 Implement Edge Computing: Process and analyze data closer to the source to reduce latency, bandwidth
usage, and cloud processing costs.
 Standardize Data Formats: Where possible, adopt common data formats and protocols to simplify
integration.
 Ensure Data Quality: Implement data validation and cleaning processes to ensure the accuracy and
reliability of the integrated data.
 Prioritize Security: Implement robust security measures at each stage of data acquisition and integration,
including encryption, authentication, and access control.
 Design for Scalability: Build a data integration infrastructure that can easily scale to accommodate future
growth in devices and data volume.
 Leverage Data Mapping and Metadata Management: Use tools and techniques to understand the
relationships between different data sources and manage metadata effectively.
 Implement Robust Error Handling and Monitoring: Set up systems to detect and handle errors during data
acquisition and integration and continuously monitor the health of the data pipelines.
 Consider Data Governance and Compliance: Adhere to relevant data governance policies and regulatory
requirements.

Device data storage- Unstructured data storage on cloud/local server

Cloud Storage for Unstructured IoT Data


Advantages:

 Scalability: IoT deployments can involve a massive number of devices generating continuous data
streams. Cloud storage offers the virtually unlimited scalability needed to handle this volume without
significant upfront investment in physical infrastructure. Services like AWS S3, Azure Blob Storage, and
Google Cloud Storage are designed for this.
 Cost-Effectiveness: For many IoT projects, especially those with fluctuating data volumes, the pay-as-you-
go model of cloud storage can be more cost-effective than maintaining a large local infrastructure.
 Accessibility and Integration: Cloud platforms provide easy access to data from anywhere and offer a wide
range of integrated services for data processing, analytics, machine learning, and AI. This is crucial for
deriving insights from IoT data.
 Managed Services: Cloud providers handle the underlying infrastructure, security, and maintenance,
reducing the operational burden on the IoT solution provider.
 Global Reach: For geographically distributed IoT deployments, cloud storage offers data centers across
the globe, potentially reducing latency for data ingestion and access.

Disadvantages:

 Latency: Depending on the application, the latency involved in sending data to and retrieving it from the
cloud might be unacceptable for real-time control and critical applications. For instance, autonomous
vehicles or industrial control systems might require immediate local data processing.
 Connectivity Dependence: Reliable internet connectivity is a prerequisite for cloud storage. IoT devices
deployed in remote areas or areas with poor connectivity might face challenges.
 Security and Privacy Concerns: While cloud providers have robust security measures, some organizations
might have concerns about transmitting and storing sensitive IoT data on third-party infrastructure.
Compliance with data sovereignty regulations can also be a factor.
 Data Egress Costs: Retrieving large volumes of IoT data from the cloud for processing or analysis can
lead to significant egress charges.

Local Server Storage for Unstructured IoT Data


Advantages:

 Low Latency: Local servers offer the lowest possible latency for data access, which is critical for real-time
IoT applications that require immediate processing and response. Edge computing architectures often rely
on local storage for this reason.
 Enhanced Security and Control: Organizations have direct control over the physical security and access to
data stored on their local servers, which can be a major advantage for sensitive IoT data.
 Independence from Internet Connectivity: Local storage ensures continuous data collection and access
even if internet connectivity is intermittent or unavailable. This is vital for critical infrastructure or remote
deployments.
 Predictable Costs (Long-Term): While the initial investment in hardware and setup can be high, the
ongoing costs might be more predictable in the long run compared to variable cloud storage fees,
especially for consistently high data volumes.

Disadvantages:

 Limited Scalability: Scaling local storage to accommodate the exponential growth of IoT data can be
expensive and complex, requiring significant hardware upgrades and management.
 Higher Upfront Costs and Maintenance: Setting up and maintaining local server infrastructure involves
substantial capital expenditure, as well as ongoing costs for power, cooling, IT staff, and security.
 Limited Accessibility and Integration: Accessing and integrating data on local servers with cloud-based
analytics or other services can be more complex and might require additional software and configurations.
 Responsibility for Maintenance and Security: The organization is fully responsible for the maintenance,
security, backups, and disaster recovery of its local server infrastructure.

Hybrid Approach for Unstructured IoT Data


A hybrid approach often represents the most practical solution for many IoT deployments. This involves:

 Edge Computing: Processing and storing a subset of the most time-sensitive or critical data locally at the
edge (near the devices). This addresses latency and bandwidth concerns.
 Cloud Storage for Long-Term Archival and Analytics: Transferring less time-critical unstructured data to
the cloud for scalable storage, long-term archiving, and leveraging cloud-based big data analytics and AI
services.

Key Considerations for IoT Unstructured Data Storage:


 Data Volume and Velocity: The sheer amount of data generated by IoT devices and the speed at which it's
produced are critical factors.
 Latency Requirements: Real-time applications will heavily favor local or edge storage.
 Connectivity Reliability: Remote or mobile IoT deployments need to consider the reliability of internet
access.
 Security and Compliance: The sensitivity of the data and relevant regulations will influence the choice.
 Cost: Both upfront and ongoing operational costs need to be carefully evaluated.
 Analytics and Processing Needs: Where and how the data will be analyzed will impact the storage location
decision.
Your computer’s physical capacity is no longer a factor in storage capacity. There are numerous choices for
storing your files while preserving space on your computer, phone, or tablet. You can unload files onto a physical
storage device if your devices are slow and running out of capacity. Better still, store your information in the
cloud using the latest storage technology.

What is unstructured data used for?

Textual unstructured data can be searched for simple content. Traditional analytics solutions are designed to work
with highly organized relational data, so they are useless for unstructured data like rich media, consumer
interactions, and social media.

Big Data and unstructured data are frequently associated: according to IDC, 90 percent of these massive
databases are unstructured. New technologies for analyzing these and other unstructured sources have lately
become accessible. Such platforms, which are powered by AI and machine learning, operate in near real-time and
educate themselves depending on the patterns and insights they unearth. These systems are being used on big
unstructured datasets to enable applications that have never been conceivable before, such as:

• Examining communications in order to ensure regulatory compliance.

• Customer social media chats and interactions are being tracked and analyzed.

• Obtaining trustworthy information on common customer behavior and preferences.

Cloud storage

Cloud storage, while not technically a device, is the newest and most adaptable sort of computer storage. The
"cloud" is a massive collection of servers situated in data centers all over the world, rather than a single location
or thing. You're saving a document on these servers when you save it to the cloud.

Because cloud storage stores everything online, it saves space by not using any of your computer's secondary
storage.

Cloud storage offers much better storage capabilities than USB flash drives and other physical choices. You won't
have to search through each device to find the proper file this way.

External hard drives and solid-state drives (HDDs and SSDs) were formerly popular because of their portability,
but they, too, fall short when compared to cloud storage. There aren't many external hard drives that are small
enough to fit in your pocket. They are still physical devices, despite being smaller and lighter than a computer's
internal storage drive. The cloud, on the other hand, may accompany you everywhere you go without taking up
physical space or exposing you to the physical risks of an external drive.

External storage devices were also popular as a speedy way to transfer files, but they’re only useful if each actual
device can be accessed. As many firms increasingly function remotely, cloud computing is flourishing.

Creating a Cloud Strategy for Unstructured Data


Unstructured data is becoming a bigger issue for businesses. A growing number of these businesses have billions
of files and storage capabilities exceeding 1 terabyte. These businesses are turning to the cloud to help them deal
with some of their unstructured data management issues.
The issue is that most cloud solutions isolate unstructured data storage into its own silo. IT must maintain this
separate silo on its own, employing a completely different storage software stack than the organization's
on-premises storage. As a result, the company runs one file system in the cloud and another on-premises.

Developing an Unstructured Data Strategy for the Cloud


When developing an unstructured data strategy that makes use of the cloud, IT must ensure that the solution can
support all cloud use cases. Unstructured data can be stored on the cloud, and cloud storage can be used as an
archive tier. Organizations can also use cloud computing to quickly scale up thousands of processors to evaluate an
unstructured data set. Companies may also want to use the cloud to enable distributed access to a shared data set.

On-Premises Lives On!


At the same time, many enterprises will continue to rely on their on-premises processing and storage capabilities
to handle and store unstructured data volumes on a daily basis. When it comes to processing and storing
unstructured data, both on-premises and cloud storage have distinct advantages. Each organization's strategy
should ensure that the distinct strengths of both are utilized.

Same File System Software On-Premises and in the Cloud


In an ideal world, businesses would seek out solutions that allow them to execute file system software both
on-premises and in the cloud. Because the two places are using the same software, they can communicate with
one another. It also eliminates the need for IT to learn two alternative approaches to managing the same data set.
Applications can now move smoothly between on-premises and cloud environments without requiring any
changes.
Because the two instances use the same file system software, both on-premises and in the cloud, they may
collaborate. Organizations can, for example, employ the storage solution's replication software to duplicate data
to the cloud-based file system. It also means that the cloud file system can be used as an archive by the
on-premises file system. The file system software must allow the company to swiftly detect inactive material and
move it to a cloud archive storage tier to enable archiving. Archiving has become a simple issue of moving data
from one file system to another from the standpoint of the file system.
Each instance of the file system software, whether on-premises or in one of the supported cloud providers, can
take advantage of the specific capabilities accessible to it. For example, each site may have a distinct scaling
model. Because CPU resources are relatively static on-premises, the software can scale by deploying nodes with
pre-defined CPU and storage capacity. Because CPU resources are available by the minute in the cloud, software
may allow for momentary, huge scaling of processing to speed up IO-intensive applications. When the job is
finished, the file system software can "return" any unused processing power.

Solving the Remote Employee Problem


Organizations can also provide distributed and secure data access by using the same software in the cloud as they
do on-premises. For instance, if a company wishes to allow a new employee to work on data from a remote
location, it can migrate the data to a cloud-based file system.
The employee can then use cloud processing to work on the data set by creating a workstation instance in the
cloud. In their remote workplace, the individual does not need to download data or have a high-powered desktop.
All of the processing and data transfer is handled by the cloud. The device that is used to connect to the cloud
workstation is similar to a terminal. Following the completion of the task by the remote worker, the business can
view the data in the cloud NAS instance or relocate it back to its on-premises instance.

Storage Swiss Take


The key to a successful cloud strategy for unstructured data is to use the same NAS software on-premises and in
the cloud so that data may flow effortlessly between the two. With this capacity, IT can take advantage of the best
of both on-premises and cloud capabilities.
Key takeaway
Your computer’s physical capacity is no longer a factor in storage capacity. There are numerous choices for
storing your files while preserving space on your computer, phone, or tablet.
Big Data and unstructured data are frequently associated: according to IDC, 90 percent of these massive
databases are unstructured.
Cloud storage, while not technically a device, is the newest and most adaptable sort of computer storage.
The "cloud" is a massive collection of servers situated in data centers all over the world, rather than a single
location or thing.

Authentication, Authorization of devices


1. Authentication of Devices in IoT
Authentication is the process of verifying the identity of an IoT device. It answers the question: "Who is this
device?" or "Is this device who it claims to be?"

Why is Device Authentication Important in IoT?

 Preventing Unauthorized Access: Ensures that only legitimate and trusted devices can connect to the
network and interact with other devices or cloud services.
 Protecting Data Integrity: Prevents malicious devices from injecting false data into the system.
 Maintaining System Stability: Prevents compromised devices from disrupting the normal operation of the
IoT network.
 Ensuring Secure Updates: Verifies the source of software updates to prevent the installation of malicious
firmware.
 Establishing Trust: Forms the foundation for secure communication and data exchange.

Common Methods for Device Authentication in IoT:

 Pre-shared Keys (PSK): Each device is provisioned with a unique secret key that is also known by the
central authentication server or gateway. During connection, the device proves its identity by
demonstrating knowledge of this key.
o Pros: Simple to implement for smaller deployments.
o Cons: Scalability challenges for large deployments, key management can be complex, a single
compromised key can affect multiple devices.
 Digital Certificates (X.509): Each device is issued a unique digital certificate signed by a trusted
Certificate Authority (CA). The server or other devices can verify the device's identity by validating the
certificate and the chain of trust back to the CA.
o Pros: Strong security, scalable for large deployments, easier key management through certificate
lifecycle management.
o Cons: More complex to implement initially, requires a Public Key Infrastructure (PKI).
 Hardware Security Modules (HSMs) or Secure Elements (SEs): Dedicated hardware chips within the
device that securely store cryptographic keys and perform cryptographic operations. This makes it much
harder to extract or tamper with the device's identity.
o Pros: Very high level of security for key storage and cryptographic operations.
o Cons: Increased hardware cost, more complex integration.
 Trusted Platform Modules (TPM): A specialized chip on the device motherboard that can securely store
cryptographic keys, platform integrity measurements, and provide other security functionalities.
o Pros: Enhances device security and integrity.
o Cons: Requires TPM hardware on the device.
 Token-Based Authentication: After initial authentication (using one of the methods above), the device
may receive a temporary security token (e.g., OAuth 2.0 access token). Subsequent communication uses
this token for identification, reducing the need for repeated full authentication.
o Pros: Improves efficiency after initial authentication.
o Cons: Requires secure token management and storage.
 Physical Unclonable Functions (PUFs): Leveraging inherent, unique variations in the physical
manufacturing process of integrated circuits to create a unique "fingerprint" for each device. This can be
used for authentication without storing secret keys.
o Pros: Highly secure as the "key" is physically embedded and difficult to replicate.
o Cons: Still an evolving technology, can be susceptible to environmental variations.
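The pre-shared key method above, as an added example that is not part of the original document: the gateway sends a random challenge and the device proves knowledge of its unique key with an HMAC, so the key itself never crosses the network. The class and function names, the 30-second challenge lifetime and the message layout are assumptions made for the example.

```python
"""Pre-shared-key challenge-response between a device and a gateway (illustrative)."""
import hashlib
import hmac
import secrets
import time

NONCE_TTL_SECONDS = 30  # assumption: how long an issued challenge stays valid


def device_response(device_id: str, key: bytes, nonce: bytes) -> bytes:
    """Device side: HMAC over its identity and the gateway's nonce."""
    ident = device_id.encode()
    # Length-prefix the identity so (id, nonce) pairs cannot be re-split.
    msg = len(ident).to_bytes(2, "big") + ident + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()


class Gateway:
    """Gateway side: holds one unique key per provisioned device."""

    def __init__(self, provisioned_keys: dict):
        self._keys = dict(provisioned_keys)  # device_id -> pre-shared key
        self._pending = {}                   # device_id -> (nonce, issued_at)

    def challenge(self, device_id: str, now=None) -> bytes:
        """Issue a fresh random nonce; a new challenge replaces an old one."""
        nonce = secrets.token_bytes(16)
        issued_at = time.monotonic() if now is None else now
        self._pending[device_id] = (nonce, issued_at)
        return nonce

    def verify(self, device_id: str, response: bytes, now=None) -> bool:
        """Check a response. Each challenge can be answered only once."""
        now = time.monotonic() if now is None else now
        pending = self._pending.pop(device_id, None)  # single use: blocks replay
        key = self._keys.get(device_id)
        if pending is None or key is None:
            return False
        nonce, issued_at = pending
        if now - issued_at > NONCE_TTL_SECONDS:
            return False  # stale challenge
        expected = device_response(device_id, key, nonce)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, response)


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed; provisioned per device in practice
    gw = Gateway({"sensor-1": key})
    nonce = gw.challenge("sensor-1")
    answer = device_response("sensor-1", key, nonce)
    print("first attempt:", gw.verify("sensor-1", answer))
    print("replayed answer:", gw.verify("sensor-1", answer))
```

Because each device has its own key in this sketch, revoking one compromised device means deleting a single entry from the gateway's key table.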

2. Authorization of Devices in IoT


Authorization is the process of determining what actions a successfully authenticated device is allowed to
perform and what resources it can access. It answers the question: "What is this authenticated device allowed to
do?"

Why is Device Authorization Important in IoT?

 Enforcing Least Privilege: Ensures that devices only have the necessary permissions to perform their
intended functions, limiting the potential damage if a device is compromised.
 Data Access Control: Restricts devices from accessing sensitive data they are not authorized to view or
modify.
 Preventing Unauthorized Actions: Prevents devices from performing actions that could disrupt the system
or harm other devices.
 Implementing Security Policies: Allows administrators to define and enforce security policies across the
IoT deployment.

Common Methods for Device Authorization in IoT:

 Role-Based Access Control (RBAC): Devices are assigned roles based on their function (e.g.,
temperature sensor, smart lock controller). Permissions are then associated with these roles.
o Pros: Simplifies management of permissions for a large number of devices with similar
functionalities.
o Cons: Might not be granular enough for devices with highly specific authorization needs.
 Attribute-Based Access Control (ABAC): Authorization decisions are based on attributes of the device,
the resource being accessed, and the context of the request (e.g., time of day, location).
o Pros: Highly flexible and granular control over access.
o Cons: Can be more complex to implement and manage.
 Access Control Lists (ACLs): Explicitly define which devices or users have access to specific resources
and what actions they can perform.
o Pros: Provides fine-grained control over individual resources.
o Cons: Can become difficult to manage for large and dynamic IoT deployments.
 Capabilities/Tokens: After authentication, a device might receive a capability token that grants it specific
permissions for a limited time or scope.
o Pros: Provides temporary and specific authorization.
o Cons: Requires secure management and revocation of tokens.
 Policy-Based Authorization: Centralized policy engines evaluate requests based on predefined policies to
determine if access should be granted.
o Pros: Enables consistent and centralized enforcement of security policies.
o Cons: Requires a robust policy management system.

Challenges in IoT Authentication and Authorization:

 Scalability: Managing authentication and authorization for a massive number of diverse devices can be
complex.
 Device Heterogeneity: The wide range of devices with varying capabilities and security features makes it
difficult to implement uniform security solutions.
 Lifespan of Devices: IoT devices can have long lifespans, requiring ongoing security management and updates.
 Dynamic Environments: Devices may move, join, and leave the network frequently, requiring dynamic
authentication and authorization mechanisms.
 Over-the-Air Updates: Securely updating device firmware and security credentials is crucial.
(The same thing in a broad way; if you don't want to read it, that's also fine.)
Authentication and authorization are two crucial components in the ongoing effort to keep Internet clients and
devices safe. Because, at its most basic level, the Internet of Things is just devices—from simple sensors to
intricate automobiles and mobile devices—connecting together to share data, these components are critical to
any IoT project. These connections need to be protected, and authentication and authorization can help.
Although there are some parallels between the two notions, they each represent something very different in this
context:

Authentication
The process of recognizing the device is known as authentication. The authentication method for Message
Queuing Telemetry Transport (MQTT) is to ensure that the device's client ID is valid, that is, that the ID belongs
to the device in question.

Authorization
Authorization is a method of associating a certain device with specific permissions. Authorization is split into two
steps using Edge Connect:
• Associating devices with groups
• Creating a link between groups and topics
Authentication and authorization can be divided into two categories: device-based and user-based.
Let's take a closer look at each of them and how they’re used.

Device based authentication and authorization

Device-based authentication and authorization will most likely be utilized for devices that do not have operators
(or users), or for devices where the connection is not dependent on the operator. An automobile is an excellent
example: whether or not the car has user-specific communication—such as running user applications or offering
user-specific configurations— the device (i.e., the car) will most likely wish to be linked to share car-specific
information. Diagnostics, command and control, software updates, and advanced feature availability are all
examples of data that is exclusive to the car rather than the driver.

Client-side certificates saved in the automobile are used for device-based authentication and authorization.
During the TLS handshake, authentication takes place. The automobile will send up its certificate, which will be
signed by a preset signing authority, as well as information signed by its private key, as part of the handshake.
The device is authenticated after the handshake is completed, and the client ID is taken from the certificate. The
client ID for an automobile might be the vehicle identification number (VIN).

After the car has been validated and the client ID has been determined, the proper authorization groups must be
determined. A device can join an authorization group simply by connecting. Because the device in this case is a
car, all automobiles that connect will be assigned to the authorization group "car." Additional groups, just like the
client ID, can be derived from the certificate. The VIN of our car, for example, can be used to extract a range of
groups.

We already know the manufacturer in this scenario because the client has already been validated by the
manufacturer. However, the certificate/VIN can also be used to derive the brand and year. The authorization
group "B-BH" (which stands for "Brand=BH") and the group "Y-M" (which stands for "Year=M") would be
allocated to the car in this situation. Other fields that may include features can be retrieved and turned into groups
as well. The car's device-based authorization groups would be something like: car, B-BH, Y-M, NAV, assuming we
pulled information from another field and established that the car was a premium package with a navigation
system.

User - based authentication and authorization

The person is the focus of user-based authentication and authorization rather than the device. While a device must
still offer a unique device ID, the authorization groups in this case are determined by the user's identification.
Edge Connect supports JSON Web Tokens (JWT) for this type of connection. The user will log in with
credentials on the device by sending a request to a JWT server (not included with Edge Connect); once verified
and authorized, a JWT token will be returned, as shown in Figure A below. Claims in this token include the client
ID, user, authorization groups, and an expiry date. The token is also signed to confirm that it is legitimate.

Fig 3: JWT
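The token check described above, as an added example that is not code from Edge Connect or from the original notes. It assumes an HS256 (shared-key) signature and the claim names client_id and groups, neither of which the page specifies; the key, claims and timestamps are constructed sample values.

```python
import base64, hashlib, hmac, json

DEMO_KEY = b"constructed-demo-key"   # constructed; assumed shared with the JWT server
SAMPLE_CLAIMS = {"client_id": "phone-01", "sub": "alice",   # constructed sample claims
                 "groups": ["PUB3", "SUB3"], "exp": 1700000600}

def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input, key):
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def mint_token(claims, key):
    """Stand-in for the JWT server: header.payload.signature, HS256."""
    head = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64url(_sign(head + '.' + body, key))}"

def verify_token(token, key, now):
    """Return the claims only if algorithm, signature and expiry all check out."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_unb64url(head)).get("alg") != "HS256":
            return None                  # pin the algorithm; reject "none" and others
        if not hmac.compare_digest(_sign(head + "." + body, key), _unb64url(sig)):
            return None                  # forged or altered token
        claims = json.loads(_unb64url(body))
        if now >= claims["exp"]:
            return None                  # expired
    except (ValueError, TypeError, KeyError, AttributeError):
        return None                      # malformed token
    return claims

def connection_from_token(token, key, now):
    """Map verified claims to the identity the broker authorizes against."""
    claims = verify_token(token, key, now)
    if claims is None:
        return None
    return {"client_id": claims["client_id"], "username": claims["sub"],
            "groups": set(claims["groups"])}
```

The authorization groups are read only after the signature and expiry checks pass, so a connection cannot grant itself groups by editing the payload.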
The next step

After a device or user has been authenticated and allocated authorization groups, the next step is to link these
authorizations to topics (topics are basically named channels, or queues, that messages are published against). The
first step in the binding process is to create topic access control lists, or "topic ACLs." Topic ACLs are made up
of a topic or a topic filter (i.e., a wildcard topic) and a list (or lists) of publishers and/or subscribers. ACLs with
topic filters, publishers, and subscribers are shown in the table below. The first ACL illustrates a typical wildcard
topic filter with PUB1 as the sole publisher and SUB1 as the single subscriber.

Any connection in the PUB1 permission group would be able to publish to any topic that met the filter's
requirements. Thus, a connection in the PUB1 permission group could publish to topic/foo, topic/bar, and
topic/foo/bar in this situation. The # wildcard means that "topic/" can be followed by any number of paths; if the
topic filter had been topic/+, topic/foo and topic/bar would have matched, but topic/foo/bar would not.

Topic Filters      Publishers    Subscribers
topic/#            PUB1          SUB1
device/%c/up       -             SUB2
device/%c/down     PUB2          -
user/%u/up         -             SUB3
user/%u/down       PUB3          -

It's worth noting that the %c path and the %u path are defined in two different sets of ACLs. In the %c ACLs,
permissions to the topic are granted to devices whose client ID matches %c. For the device/%c/up topic, only a
device with the client ID dev0001 would be able to publish to device/dev0001/up. Anyone in the SUB2
authorization group could, of course, subscribe to (or read from) the topic. This is called a device-specific
topic: only the device having an authorized client ID that matches the topic can publish to (or subscribe to, in
the second ACL) that topic.
%u works in the same way as %c, except it uses the username instead of the client ID. These are called
user-specific topics. To obtain access to these topics as a user, the connection must send a JWT with a username
in a claim (often the subject claim). This form of topic ACL is ideal for user-based services. Chat is a good
example of such a service because it allows users to join from their mobile device, desktop device, and web-based
device all at once. They must all have unique client IDs, but they're all serving the same person. As a result,
it's a user-specific topic.

All ACLs are examined when determining permissions, so more than one ACL may apply to a given topic.
There are five ACLs in all, as shown in the table below, and the topic my/topic/foo/bar matches three of them.
In this scenario the publishers are pub1 and pub2, and the subscribers are sub1, sub2 and sub3. The
authorization groups are cumulative when more than one ACL is matched, as seen below.

Topic Filters        Publishers    Subscribers
topic/#              pub1          sub1
my/topic/#           pub1, pub2    sub1
my/topic/+/bar       -             sub2
my/topic/foo/+       -             sub3
my/topic1/foo/bar    pub4          sub4
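The wildcard matching, %c / %u handling and cumulative groups described above, as an added example that is not Edge Connect's code. The ACL rows are the two tables on this page; the function names, the connection dictionary and the rule that the empty column of a %c or %u ACL belongs to the matching device or user are assumptions made for the illustration.

```python
# Added example: topic ACL evaluation with MQTT wildcards and %c / %u.
# ACL rows come from the two tables above; all names here are illustrative.
DEVICE_ACLS = [  # (topic filter, publisher groups, subscriber groups)
    ("topic/#", {"PUB1"}, {"SUB1"}),
    ("device/%c/up", set(), {"SUB2"}),
    ("device/%c/down", {"PUB2"}, set()),
    ("user/%u/up", set(), {"SUB3"}),
    ("user/%u/down", {"PUB3"}, set()),
]
CUMULATIVE_ACLS = [
    ("topic/#", {"pub1"}, {"sub1"}),
    ("my/topic/#", {"pub1", "pub2"}, {"sub1"}),
    ("my/topic/+/bar", set(), {"sub2"}),
    ("my/topic/foo/+", set(), {"sub3"}),
    ("my/topic1/foo/bar", {"pub4"}, {"sub4"}),
]

def topic_matches(topic_filter, topic):
    """'+' matches exactly one level; a trailing '#' matches all remaining levels."""
    f_levels, t_levels = topic_filter.split("/"), topic.split("/")
    for i, f in enumerate(f_levels):
        if f == "#":
            return i == len(f_levels) - 1
        if i >= len(t_levels) or (f != "+" and f != t_levels[i]):
            return False
    return len(f_levels) == len(t_levels)

def granted_groups(acls, topic, action):
    """Union of the groups that every matching ACL grants for 'pub' or 'sub'."""
    groups = set()
    for flt, pubs, subs in acls:
        if topic_matches(flt.replace("%c", "+").replace("%u", "+"), topic):
            groups |= pubs if action == "pub" else subs
    return groups

def is_allowed(acls, conn, topic, action):
    """conn: {'client_id', 'username' or None, 'groups'}, already authenticated."""
    if conn["groups"] & granted_groups(acls, topic, action):
        return True
    for flt, pubs, subs in acls:  # assumed owner rule: empty column belongs to %c / %u
        if pubs if action == "pub" else subs:
            continue
        for marker, ident in (("%c", conn["client_id"]), ("%u", conn.get("username"))):
            # An identity containing '/', '+' or '#' would rewrite the filter: refuse it.
            if marker in flt and ident and not set(ident) & set("/+#"):
                if topic_matches(flt.replace(marker, ident), topic):
                    return True
    return False
```

Rejecting identities that contain topic metacharacters matters because the client ID and username are substituted into a filter; a client ID of "+" would otherwise match every device-specific topic.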

Key takeaway
Authentication and authorization are two crucial components in the ongoing effort to keep Internet clients and
devices safe. Because, at its most basic level, the Internet of Things is just devices—from simple sensors to
intricate automobiles and mobile devices—connecting together to share data, these components are critical to any
IoT project.

The process of recognizing the device is known as authentication.

Authorization is a method of associating a certain device with specific permissions.
