7026CEM Assignment Help
Security of Emerging Connected Systems Assignment help
Task and Mark Distribution
In this report you are required to review and critically analyse a
recent
security issue in an IoT Device. You will discus the issue itself, thesecurity policy decisions that lead to the breach, and the legal factors involved.
Task
For this coursework you are required to research a
recent
IoT based security issue, and report on it. You are free to pick a securityincident of your choice, as long as it is related to connected systems. Some examples include:
Ring Doorbell, leaking information to third parties. https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers
Mirai Botnet targeting IoT Devices. https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/antonakakis
TRENDnet webcam issues https://insuretrust.com/2017/12/18/security-vulnerabilities-discovered-security-cameras-routers/
The report should contain the following section.
Discussion of Issue (40%)
In this section you are expected to discuss, and the issue that you have chosen. You should research the topic, and make use of theliterature to support the claims and statement you make.
Provide an overview of the problem, and its impact.
You are also expected to discuss the causes of the problem. What was it that caused the security flaw? How were attackers able to exploitit. You should analyse the flaw in the wider security context, for example how it would fit into the OWASP top 10.
You should discuss the impact of the security flaw on the organisation and customers. For example, what information was made availableby the hack? What was the extent of the data breach or exploit.
Discussion of Laws and Legal Factors (50%)
Attacks on IoT Devices often leak PII, discuss the legal background attack you have chosen.
What laws, regulations, in UK and US that are concerned with such leakage. Consider legal aspects, penalties, legal implications, and thelegal consequences on the related parties; the attacker, the system developer or vendor, the distributor (e.g. re- seller) and the end user.
UK Law understanding and coverage: coverage of all applicable legal aspects and a demonstration of a good understanding of therelevant legislation and the applicable legal consequences or penalties resulting from the legislation.
International Law understanding and coverage for both pieces: coverage of key aspects to be considered and the applicable legalconsequences or penalties.
Style (10%)
Your Report should be suitable for
non-technical management
, and make use of appropriate structure and language.
You
are expected
to use references to support the arguments and analysis you make.
Leave A Comment