INTERNET

OF
THINGS(IOT)
Presented By:
Biponjot Kaur
18-306
M.E. CSE 2 nd year
 INTRODUCTION
 Where everything can be connected via a
sensor and connectivity to enable that
‘Thing’ to participate in the larger ‘network
ecosystem’ where machines can virtually
talk to each other can be called as the
Internet of Things (“IoT”).
 The result being: “Seamless integration of
devices which can communicate with
each other and undertake activities useful
to human beings - Internet of Things”.
 IoT COMPONENTS
1. Sensors/Devices: Sensors or devices help in collecting very minute data from the surrounding
environment.
2. Connectivity: Collected data is sent to a cloud infrastructure. The sensors can be connected to the
cloud through cellular networks, satellite networks, Wi-Fi, Bluetooth, wide-area networks (WAN), low
power wide area network and many more.
3. Data Processing: Once the data is collected and it gets to the cloud, the software performs processing
on the acquired data.
4. User Interface: The information made available to the end-user in some way. This can achieve by
triggering alarms on their phones or notifying through texts or emails.
 APPLICATIONS
1. HOME AUTOMATION:
◦ Smart Lighting : Smart lighting for homes helps in saving energy by adapting the lighting to the
ambient conditions and switching on/off or dimming the lights when needed.
◦ Intrusion Detection : Home intrusion detection systems use security cameras and sensors (such as
PIR sensors and door sensors) to detect intrusions and raise alerts.
◦ Smoke/Gas Detectors : Smoke detectors are installed in homes and buildings to detect smoke that
is typically an early sign of fire.

2. CITIES:
◦ Smart Parking : Finding a parking space during rush hours in crowded cities can be time consuming
and frustrating.
◦ Smart Roads : Smart roads equipped with sensors can provide information on driving conditions,
travel time estimates and alerts in case of poor driving conditions, traffic congestions and
accidents.
◦ Structural Health Monitoring : Structural Health Monitoring systems use a network of sensors to
monitor the vibration levels in the structures such as bridges and buildings.
3. ENVIRONMENT :
◦ Weather Monitoring: loT-based weather monitoring systems can collect data from several sensor
attached (such as temperature, humidity, pressure, etc.) and send the data to cloud-based
applications and storage back-ends.
◦ Air Pollution Monitoring : loT based air pollution monitoring systems can monitor emission of
harmful gases (C02, CO, NO, N02, etc.) by factories and automobiles using gaseous and
meteorological sensors.
◦ River Floods Detection: loT based river flood monitoring system use a number of sensor nodes
that monitor the water level (using ultrasonic sensors) and flow rate (using the flow velocity
sensors).

4. RETAIL :
◦ Inventory Management : RFID tags attached to the products allow them to be tracked in real-
time so that the inventory levels can be determined accurately and products which are low on
stock can be replenished.
◦ Smart Payments : Smart payment-solutions such as contact-less payments powered by
technologies such as Near field communication (NFC) and Bluetooth. Customers can store the
credit card information in their NFC-enabled smart-phones and make payments by bringing the
smart-phones near the point of sale terminals.
5. AGRICULTURE:
◦ Smart Irrigation: Smart irrigation systems use loT devices with soil moisture sensors to determine the
amount of moisture in the soil and release the flow of water through the irrigation pipes only
when the moisture levels go below a predefined threshold.
◦ Green House Control : The temperature, humidity, soil moisture, light and carbon dioxide levels
are monitored using sensors and the climatological conditions are controlled automatically using
actuation devices (such as valves for releasing water and switches for controlling fans).

6. INDUSTRY:
◦ Machine Diagnosis & Prognosis: Machine prognosis refers to predicting the performance of a
machine by analyzing the data on the current operating conditions and how much deviations
exist from the normal operating conditions.
◦ Indoor Air Quality Monitoring : Monitoring indoor air quality in factories is important for health and
safety of the workers. Harmful and toxic gases such as carbon monoxide (CO), nitrogen
monoxide (NO), Nitrogen Dioxide (N02), etc., can cause serious health problems. loT based gas
monitoring systems can help in monitoring the indoor air quality using various gas sensors.
7. HEALTH & LIFESTYLE :
◦ Health & Fitness Monitoring: Wearable loT devices that allow continuous monitoring of
physiological parameters can help in continuous health and fitness monitoring.
Commonly uses body sensors include body temperature, heart rate, pulse oximeter
oxygen saturation (SP02), blood pressure, electrocardiogram (ECG), movement (with
accelerometers), and electroencephalogram (EEG).
◦ Wearable Electronics : Wearable electronics such as wearable gadgets (smart
watches, smart glasses, wristbands, etc.) and fashion electronics (with electronics
integrated in clothing and accessories, (e.g., Google Glass or Moto 360 smart watch)
provide various functions and features to assist us in our daily activities and making us
lead healthy lifestyles.
 ATTACKS
◦ Attacks are actions taken to harm a system or disrupt normal operations by exploiting
vulnerabilities using various techniques and tools.
◦ Active network attacks to monitor unencrypted traffic in search of sensitive information;
◦ Passive attacks such as monitoring unprotected network communications to decrypt
weakly encrypted traffic and getting authentication information; close-in attacks;
exploitation by insiders, and so on.
 CYBER ATTACKS IN IoT
1. PHYSICAL ATTACKS: This sort of attack tampers with hardware components. Due to the
unattended and distributed nature of the IoT, most devices typically operate in outdoor
environments, which are highly susceptible to physical attacks.
2. DENIAL-OF-SERVICE (DOS): This kind of attack is an attempt to make a machine or network
resource unavailable to its intended users. Due to low memory capabilities and limited
computation resources, most devices in IoT are vulnerable to resource enervation attacks.
3. ACCESS ATTACKS – unauthorized persons gain access to networks or devices to which they have
no right to access. There are two different types of
◦ access attack: the first is physical access, whereby the intruder can gain access to a physical
device.
◦ The second is remote access, which is done to IP-connected devices.
4. ATTACKS ON PRIVACY: Privacy protection in IoT has become increasingly challenging due
to large volumes of information easily available through remote access mechanisms. The
most common attacks on user privacy are:
 Data mining: enables attackers to discover information that is not anticipated in certain
databases.
 Cyber espionage: using cracking techniques and malicious software to spy or obtain
secret information of individuals, organizations or the government.
 Eavesdropping: listening to a conversation between two parties.
 Tracking: a user's movements can be tracked by the devices unique identification
number (UID). Tracking a user's location facilitates identifying them in situations in which
they wish to remain anonymous.
 Password-based attacks: attempts are made by intruders to duplicate a valid user
password. This attempt can be made in two different ways:
a) dictionary attack – trying possible combinations of letters and numbers to guess user
passwords;
b) brute force attacks – using cracking tools to try all possible combinations of passwords
to uncover valid passwords.
 LEGAL ISSUES & CONCERNS
1. PRIVACY AND DATA PROTECTION
◦ The moment multiple devices are able to communicate with each other there is an enormous
amount of data that will be transferred and communicated between the devices and its users.
◦ This would also result in the sharing of personal information thereby raising concerns in relation to
privacy and data protection.
◦ Data protection of individual personal information are covered under the Information
Technology Act, 2000 (“ITA”) and the “Reasonable practices and procedures and sensitive
personal data or information Rules, 2011” (“Rules”) issued under Section 43A of the ITA (as
amended).
◦ Section 43A of the ITA, deals with protection of data in electronic medium by providing that
when a body corporate is negligent in implementing and maintaining ‘reasonable security
practices and procedures’ in relation to any ‘sensitive personal data or information’ and such
negligence causes wrongful loss or wrongful gain to any person, such entity shall be liable to
pay damages by way of compensation to the person so affected.
2. PATENTS
◦ For IoT and its convergence to exist and function properly, devices need to communicate
with each other for which devices need to use standardized technology.
◦ However, if standardized technologies are patented then it will create obstacles for the
development of IoT as any party adopting standardized technology will end up infringing
patents of third-party patent owners.
◦ The standard setting organization need to impose a condition on the SEP(standard
essential patents) owner to license their patents to third parties on fair, reasonable and
non-discriminatory (“FRAND”) terms.
◦ software by itself is not patentable in India. However, certain computer related inventions,
which involve software could be patentable in India but would need to be examined
considering the “Guidelines for Examination of Computer Related Inventions” issued by the
Indian Patent Office.
3. NET NEUTRALITY
◦ Network neutrality is the principle that all internet traffic is treated the same, regardless of
its nature or destination.
◦ Under this principle no data can be prioritized over another. It means Internet Service
Provider’s (“ISP”) can’t discriminate between different kinds of content.
◦ One of the most critical aspects for the success of IoT is the convergence of different
services, networks and applications which are integrated seamlessly.
◦ Without Net neutrality, this will be a big challenge, as service providers will have control
over what services, applications and devices can use their networks to communicate
with others.
◦ When the regulator passed its recommendations last year, it carved out two broad
categories of services that would be exempt from the net neutrality rules.
◦ The first are “critical IoT services” such as autonomous vehicles and remote surgery
operations and the second are what TRAI boss R S Sharma calls “specialized services”.
4. DATA OWNERSHIP
◦ The architectural landscape of IoT brings its own set of data ownership issues.
◦ As devices will be seamlessly connected and communicating with each other, a large
amount of data will be generated.
◦ Under traditional copyright law principles, a joint ownership in a copyright work is created
when a work is prepared by two or more authors with an intention that their contributions
should be merged.
◦ One argument that can be made is that the mere fact that two entities let their devices
interact with each other and create data could reflect the intention of the parties to
create joint ownership.
◦ However, there is no settled jurisprudence on this subject in relation to IoT and its
convergence under Indian laws.
◦ Further, issues may get more complicated and murkier when there are multiple devices
interacting with each other which results in the creation of data.
5. SECURITY
◦ IoT and its convergence provides hackers with more vulnerabilities to exploit and create
significant security risks.
◦ Such risks could take a variety of forms, depending on the nature of the data and devices
in question
◦ The best way to address security issues in devices is at the designing stage itself and to
constantly update the devices from potential new threats.
◦ In addition, legal and legislative developments also need to take place in order to address
the above-mentioned security issues.
6. JURISDICTION
◦ One of the primary issues that would arise in a dispute between the device manufacturers or
between the device manufacturer and the user is jurisdiction.
◦ The reason being when multiple devices are involved there is a possibility that such devices
could be located at different locations and in some cases outside the territorial limits of a
country.
◦ Below are certain provisions of Indian laws which provide for extra territorial jurisdiction.
◦ Information Technology Act Section 1(2) of such Act read along with Section 75 provides
that:
• the Act shall extend to the whole of India and, save as otherwise provided under the Act,
it shall apply also to any or contravention thereunder committed outside India by any
person and
• the Act shall apply to any offence or contravention committed outside India by any
person if the act or conduct constituting the offence or contravention involves a
computer, computer system or computer network located in India.
◦ Indian Penal Code, 1869 (“IPC”): Section 3 of the IPC provides that any person who is liable,
by any Indian law, to be tried for an offence committed beyond India shall be dealt with
according to the provisions of the IPC for any act committed beyond India in the same
manner as if such act had been committed within India.
7. PRODUCT LIABILITY AND CONSUMER PROTECTION
◦ Product liability is the area of law in which manufacturers, distributors, suppliers, retailers,
and others who make products available to the public are held responsible for the injuries
those products cause to property and bodily harm.
◦ If an IOT device malfunctions, or if data or software is compromised or lost, individuals
and businesses may suffer devastating losses.
◦ To strict liability and related torts, India has a number of legislations including the Consumer
Protection Act, 1986, the Legal Metrology Act, 2009, that protect consumers against
defective products, deficient services, anti-competitive practices and prices, deceptive
marketing (in the case of hazardous goods), among other things.
◦ These consumer-oriented laws also provide for special courts / forums that work on a fast
track basis and protect and allow consumers to sue and obtain remedies easily when sold
defective products.