By 2020, the Internet of Things (IoT) will consist of millions of computational devices intimately connected to real-world aspects of human life. In this insightful book, Professor Sean Smith, who worked in information security long before the web appeared, explains that if we build the IoT the way we built the current internet and other information technology initiatives, we’re headed for trouble.
With a focus on concrete solutions, The Internet of Risky Things explains how we can avoid simple flaws that have plagued several dramatic IT advances in recent decades. Developers, engineers, industrial designers, makers, and researchers will explore "design patterns of insecurities" and learn what’s required to route around or fix them in the nascent IoT.
Examine bugs that plague large-scale systems, including integer overflow, race conditions, and memory corruption
Look at successful and disastrous examples of previous quantum leaps in health IT, the smart grid, and autonomous vehicles
Explore patterns in coding, authentication, and cryptography that led to insecurity
Learn how blunders that led to spectacular IT disasters could have been avoided
Chapter 1Brave New Internet
Worst-Case Scenarios: Cyber Love Canal
Inevitable and Unfortunate Decay
The IoT’s Impact on the Physical World
The Physical World’s Impact on the IoT
Worst-Case Scenarios: Cyber Pearl Harbor
Where to Go Next
Chapter 2Examples and Building Blocks
Architectures for an IoT
The Bigger Picture
Chapter 3The Future Has Been Here Before
Smart Health IT
Not Repeating Past Mistakes
Chapter 4Overcoming Design Patterns for Insecurity
Anti-Pattern: Doing Too Much
Anti-Pattern: Coding Blunders
Anti-Pattern: Authentication Blunders
Anti-Pattern: Cryptography Blunders
A Better Future
Chapter 5Names and Identity in the IoT
Who Is That, Really?
The Standard Cryptographic Toolkit
The Newer Toolkit
Chapter 6The Internet of Tattletale Devices
When Things Betray Their Owners
Emerging Infrastructure for Spying
Getting What We Want
Chapter 7Business, Things, and Risks
How the IoT Changes Business
Profit and Safety
When the User Is the Product
Profit and Technological Choices
Businesses and Things and People
Chapter 8Laws, Society, and Things
When Technology Evades Law
When Law Stops Scrutiny of Technology
When New Things Don’t Fit Old Paradigms
Chapter 9The Digital Divide and the IoT
How Digital Divides Emerged in the IoC
How Digital Divides May Continue in the IoT
When IT Is Required to Support Basic Rights
The IoT Enforcing Preexisting Socioeconomic Divides
Professor Sean Smith has been working in information security--attacks and defenses, for industry and government--since before there was a Web. In graduate school, he worked with the US Postal Inspection Service on postal meter fraud; as a post-doc and staff member at Los Alamos National Laboratory, he performed security reviews, designs, analyses, and briefings for a wide variety of public-sector clients; at IBM T.J. Watson Research Center, he designed the security architecture for (and helped code and test) the IBM 4758 secure coprocessor, and then led the formal modeling and verification work that earned it the world's first FIPS 140-1 Level 4 security validation.
In July 2000, Sean left IBM for Dartmouth, since he was convinced that the academic education and research environment is a better venue for changing the world. His current work, as PI of the Dartmouth Trust Lab and Director of Dartmouth's Institute for Security, Technology, and Society investigates how to build trustworthy systems in the real world.
At Dartmouth, many of his courses have been named "favorite classes" by graduating seniors. His book Trusted Computing Platforms: Design and Applications (Springer, 2005) provides a deeper presentation of this research journey; his book The Craft of System Security (Addison-Wesley, 2007) resulted from the educational journey.
Sean has published over one hundred refereed papers; been granted over a dozen patents; and advised over three dozen Ph.D., M.S., and senior honors theses. He and his students have won several "Best Paper" awards.
Sean was educated at Princeton and CMU, and is a member of Phi Beta Kappa and Sigma Xi.