The proposed research aims to study the wider field of Cybersecurity and Applied Cryptography on the Internet of Things (IoT). As is well known, the use of technologies to cover all kinds of daily human activity with digital media and tools, as well as the available technological advances in the field of telecommunications, software and sensors made possible the creation and operation of the Internet of Things. Up to now more than 13.8 billion interconnected devices (entities), describes a world where all devices worldwide will be connected to the Internet for data collection (and potential processing) and the ability to take action if required. IoT technology is directly related to both cybersecurity technology and technologies related to Big Data management and Machine Learning. The IoT connections concerning the physical layer are mostly wireless. In order to be able to communicate with an ecosystem, wired or even hybrid solutions are used in some cases. As the use of IoT devices is not limited to sensor telemetry applications, but often includes critical real-time systems, with applications in vehicles, ships, aircraft and even industry, medical equipment, etc., the device protection and the protection of the data they exchange with the systems interconnected with them is imperative.
In contrast, traditional cybersecurity methods of computer systems have limited application in IoT devices, due to the limitations imposed by their following constrains:
· Limited processing power:
The majority of these devices use low-power devices, with low computing capabilities as their low consumption and low manufacturing costs are paramount.
· Limited capabilities of Built-in OS:
Most of the devices use integrated operating systems, with limited capabilities, with little support / upgrade in relation to their life time.
· Heterogeneity of devices in terms of hardware and software:
In today's global market there is a great heterogeneity of devices both in terms of hardware and in terms of software and protocols. This is due to the enormous
number of manufacturers and the wide range of applications of these devices, which range from very simple data collection tasks to complex critical real-time systems.
Summarizing the above, it is realized that the vulnerabilities that exist in many IoT devices, combined with the high frequency of attacks and the ever-increasing attack area, result in increased risk and consequently the huge economic or social impact of an attack.
The purpose of this thesis is to analyze, design and implement a secure IoT operating mechanism, using high security procedures, policies and technologies, to enhance the
confidentiality, integrity, availability and protection of the Internet and interconnected devices. From the outset, emphasis will be placed on information confidentiality, as most security incidents involve unauthorized access to systems and data. Finally, in addition to the scientific parameters and characteristics of the chosen solution, significant weight will be given to the degree of efficiency both at the level of initial cost CapEx and operating cost OpEx