Page 449 - Shaping smarter and more sustainable cities - Striving for sustainable development goals
P. 449
6 SSC components and their vulnerabilities
Network infrastructure
The network infrastructure of SSC should ensure the safety and reliability of communication,
including various network forms (e.g. cellular network, Internet, satellite network, government and
enterprise intranets, among others). The vulnerabilities of these networks will be inherited by the
network infrastructure of SSC and possibly amplified, given the additional complexity of the SSC
architecture.
Vulnerabilities of the network infrastructure in SSC may be present in the following areas:
There is wide variety of devices involved in a SSC network. A peak of network accesses in a
short time might lead to network congestion, a situation favorable to potential attackers. In
these cases, authentication and key generation mechanisms can produce further network
resource consumption.
Internet or next‐generation Internet will be the core carrier of network infrastructure of SSC.
Denial of service (DoS) and distributed denial of service (DDoS) attacks across the Internet
still exist, hence the need to adopt more robust preventive measures and disaster recovery
mechanisms, also taking into account the heterogeneity of technical equipment and their
protection capabilities.
The heterogeneity of the network architectures will produce additional vulnerabilities,
particularly in network authentication.
The separation of sensor networks and communication networks will create new security
risks. Theft, tampering, counterfeiting information, can disrupt the communication between
different types of the network.
Cloud computing facilities
Due to the high concentration of users and information resources, the security consequences of
cloud delivery are much higher than traditional delivery models. The security issues faced by cloud
computing technology are as follows:
Data concentration security issues
o Cloud computing systems will affect the storage, processing and transmission of user
data. If the privacy information is lost or stolen, the user could be seriously impacted.
Cloud computing has introduced new types of security challenges, such as how to ensure
the security of cloud service management and access control mechanisms inside the
security provider, how to implement effective security audits, security monitoring for
data manipulation, as well as how to avoid the potential risk of multi‐user coexistence in
a cloud computing environment.
Data availability in the cloud
o User data and business applications are hosted in the cloud computing system.
Therefore, business processes are dependent on the service provider's general reliability,
in terms of service continuity, service level agreement (SLA) and security policies, as well
as user data protection and recovery in case of an incident.
Internet of Things
IoT describes the capability of devices, provided with embedded sensors, to be connected via an IP
address to the Internet, and exchange data with a remote system.
ITU‐T's Technical Reports and Specifications 439
