Balancing Innovation and Regulation in IoT: Ensuring Security, Privacy, and Sustainability

* What role should government regulations play in IoT infrastructure development to balance innovation, security, privacy, public safety, and sustainability? * How can regulators strike a balance between setting standards that ensure security and privacy without stifling innovation in the IoT sector? @IoT Cloud @PCB & Analog
13 Replies
accur4te
accur4te6mo ago
First ig they should Mandate some level of encryption , in order to deny third party access to the iot system
Joseph Ogbonna
Joseph Ogbonna6mo ago
Any idea on the encryption type and how it can be incorporated
accur4te
accur4te6mo ago
asper nsit - ascon is the leading tech in lightweight cryptography - https://ascon.iaik.tugraz.at/
Ascon – Authenticated Encryption and Hashing
Ascon - A Family of Authenticated Encryption Algorithms
Enthernet Code
Enthernet Code6mo ago
Yes based on the outline the course would help you get well grounded on atmega32 chip
accur4te
accur4te6mo ago
okay got it , thanks a lot
accur4te
accur4te6mo ago
@Joseph Ogbonna here are the benchmarks for basic dev boards like esp32 , arduino and stm
accur4te
accur4te6mo ago
Ascon – Implementations
Ascon - A Family of Authenticated Encryption Algorithms
Joseph Ogbonna
Joseph Ogbonna6mo ago
What's your thoughts on this @LMtx
Ming
Ming6mo ago
From an European perspective, I think it is good to ensure some kind of protection for the end user - it is too easy to cut costs and ignore security and supportability. Unfortunately, having created devices under that concept, the implementation is managed by pen-pushers who don’t actually understand the problem and so it turns into a box ticking exercise. I spent a load of time doing security hardening on a system only to be told it was pointless because the guidelines didn’t say the system had to actually be secure, they just needed to have had a risk assessment!
Joseph Ogbonna
Joseph Ogbonna6mo ago
🤔 hmm, can you elaborate little on the risk assessment and the system not having need to be secured. Doesn't this make the device to be vulnerable ?
Ming
Ming6mo ago
It was not that the device didn’t need security, it was more that the guidelines seemed to have written by people who didn’t actually understand security. The tick box was along the lines of “have you done a risk assessment?” It made no comment about actually finding any issues and fixing them.
My (non-procedural view) was that I could have answered, “yes, I have done a risk assessment and we found a whole load of issues - but so what, we followed the procedure. “ I will admit to be a little cynical as I have had to deal with paperwork and procedures written by non-techies for too many years.
Joseph Ogbonna
Joseph Ogbonna6mo ago
I would say that the governing body and regulators should seek expert advice before putting in policies in place, because it might hinder upcoming innovations.
Ben
Ben6mo ago
Iot firms can be deliberate. This can be done by having a joint alliance. For example in blockchain security in the web3 space, major auditing companies came together to develop standards , best practices, etc that conforms to current industry trends Government policies and regulations can outrightly affect the space, so they should be advised accordingly.
Want results from more Discord servers?
Add your server