The Internet of Things (IoT) is the interconnection of physical devices, vehicles (also known as "connected devices" and "smart devices"), buildings and others objects. integrated with electronics, software, sensors, actuators, and network connectivity that allow these objects to collect and exchange data.3. Security Issues and Vulnerabilities “However, as we connect more and more devices to the Internet, everything from the thermostat to the toilet to the front door itself can create a potential new opening for electronic intruders.” – MIT Technology Review, August 2013 • Usage data can reveal whether a person is in the home or not • Automated home system can be hacked, allowing intruders to enter home • Video feeds of homes allow attackers to access private information about individuals3 .1 IoT Security: Trends, Issues, and Challenges3.2 Security and Privacy Challenges for the Internet of Things3.3 Unique Challenges for IoT Security• IoT relies on microcontrollers with memory and storage power limited computation o This often makes it impractical to implement approaches designed for powerful computers o This in turn requires that captive IoT devices be hidden behind secure gateways• Threats based on physical access to IoT devices• How to initiate trust and security and ways where this can reveal• Evolving technology o More powerful Systems on Chip (SOC) incorporating hardware security support o Ecliptic Curve Cryptography with reduced computational demands • Everything exposed to the Internet must be securely software upgradeable • The user experience must be good enough to avoid becoming a weak link in the chain • The need to keep up to date with security best practices......middle of paper......tainer (software), Trusted Platform Module, hardware coprocessors, secure memory mapping, and cryptographic code execution operations. Virtualization-based security agent: Hypervisors in virtualized environments are widely used to transparently enforce security policies across enterprise and cloud applications in enterprise IT and cloud computing environments. Gateway-based security agent: When it is not possible to add security to an endpoint, as is the case with legacy systems, a security system gateway or bump-in-the-wire that implements the security agent function as a node can be implemented physically separate network to protect this type of endpoint and its communications. Because the security agent is not physically located on the same endpoint it protects, advanced security features such as secure boot attestation or application whitelisting on that endpoint cannot be easily implemented.