1. Structure of EXBeacon platform
EXBeacon platform is comprised with the terminals deployed at the site to configure LAN, and collected data from BLE tag and the sensors are uploaded on to EXCloud through gateway (EXGateway).
In order to assure the security in the system, WHERE breaks it down to create 2 groups (Real/Cyber) and 5 technology layers in total and put the security measures against the possible threats in each area and the space between areas, including communication between areas. Needless to say, WHERE makes continuous improvement of the technology itself.
2. Possible threats
(1) Threats in real node group and the countermeasure policy
Real node group consists of 1. BLE tag and the sensors, 2. EXBeacon, 3. EXGateway. These nodes exist in the real space of user environment and collect the real data.
Data from real node includes terminal ID, sensor data and other group of information that doesn’t provide any important meanings themselves. In this way, the possible threats in this area should be falsification/destruction of data caused by the hardware itself and the policy for the security measure must be the maintenance of the node itself.
However, even falsification or destruction happens to the data from the hardware, if they are detected without delay, it should not become a big incident, and the appropriate countermeasure should be taken, considering the effect/cost balance.
(2) Threats in cyber node group and the countermeasure policty
Cyber node group on the cloud side consists of 4. EXCloud/EXServer and 5. technology layer of AppServer and the multiple servers.
These cyber nodes analyze/process the big data collected in the real space and transform them into important and meaningful information. The mission of these nodes is to feed such information back to the real space as the real site support service or to provide them as the insight information for the management. In this sense, the biggest security threat is information leakage.
Most important security measure in this situation is to prevent the leakage of information. WHERE understands it highly important to update the countermeasures constantly, utilizing the latest technologies in communication security and web security.
3. Security technology of WHERE
(1) Technology in real node group
As for 1. BLE tag and sensors, when the data is rewritten, WHERE original physical trigger is installed in the terminals to prevent the false access from outside.
Invasion detecting and electronic watermark are implemented in 2. EXBeacon and 3. EXGateway to prevent the false alteration of program, while operating “real-time self-soundness verification” by constantly watching the action within the program by themselves.
EXGateway, as it directly communicates with servers, confirms the authenticity of the access point by verifying the server certification.
(2) Technology in cyber node group
As for the security measures for cyber node group, WHERE watches the security trend regarding internet and web server and follows the latest technology to use form authentication, access control, session management, anti-cross site scripting and anti-SQL injection. Several countermeasures such as encryption and closure are implemented in the communication route at the same time.