scholarly journals Apparatus: Reasoning About Security Requirements in the Internet of Things

2016 ◽  
pp. 219-230 ◽  
Author(s):  
Orestis Mavropoulos ◽  
Haralambos Mouratidis ◽  
Andrew Fish ◽  
Emmanouil Panaousis ◽  
Christos Kalloniatis
Keyword(s):  
Internet Of Things ◽  
Security Requirements ◽  
The Internet ◽  
The Internet Of Things

scholarly journals A systematic Study of Security Challenges and Infrastructures for Internet of Things

2018 ◽  
Vol 7 (4.36) ◽  
pp. 700
Author(s):  
N. Koteswara Rao ◽  
Gandharba Swain
Keyword(s):  
Internet Of Things ◽  
Secure Communication ◽  
Smart Cities ◽  
Security Requirements ◽  
The Internet ◽  
Security Challenges ◽  
Authentication And Authorization ◽  
New Applications ◽  
Privacy And Anonymity ◽  
The Internet Of Things

The proliferation of smart objects with capability of sensing, processing and communication has grown in recent years. In this scenario, the Internet of Things (IoT) connects these objects to the Internet and provides communication with users and devices. IoT enables a huge amount of new applications, with which academics and industries can benefit, such as smart cities, health care and automation. In this environment, compose of constrained devices, the widespread adoption of this paradigm depends of security requirements like secure communication between devices, privacy and anonymity of its users. This paper presents the main security challenges and solutions to provide authentication and authorization on the Internet of Things. 

A Survey of Authentication Schemes in the Internet of Things

2019 ◽  
Vol 6 (1) ◽  
pp. 15-30 ◽  
Author(s):  
Yasmine Labiod ◽  
Abdelaziz Amara Korba ◽  
Nacira Ghoualmi-Zine
Keyword(s):  
Internet Of Things ◽  
Security Requirements ◽  
Security And Privacy ◽  
The Internet ◽  
Privacy And Security ◽  
Depth Study ◽  
Authentication Schemes ◽  
Iot Devices ◽  
Privacy Issues ◽  
The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

scholarly journals Security Requirements for the Internet of Things: A Systematic Approach

Sensors ◽  
2020 ◽  
Vol 20 (20) ◽  
pp. 5897
Author(s):  
Shantanu Pal ◽  
Michael Hitchens ◽  
Tahiry Rabehaja ◽  
Subhas Mukhopadhyay
Keyword(s):  
Internet Of Things ◽  
Systematic Approach ◽  
Security Requirements ◽  
Security And Privacy ◽  
Smart Devices ◽  
The Internet ◽  
Systematic Analysis ◽  
Prime Concern ◽  
Smart Cars ◽  
The Internet Of Things

There has been a tremendous growth in the number of smart devices and their applications (e.g., smart sensors, wearable devices, smart phones, smart cars, etc.) in use in our everyday lives. This is accompanied by a new form of interconnection between the physical and digital worlds, commonly known as the Internet of Things (IoT). This is a paradigm shift, where anything and everything can be interconnected via a communication medium. In such systems, security is a prime concern and protecting the resources (e.g., applications and services) from unauthorized access needs appropriately designed security and privacy solutions. Building secure systems for the IoT can only be achieved through a thorough understanding of the particular needs of such systems. The state of the art is lacking a systematic analysis of the security requirements for the IoT. Motivated by this, in this paper, we present a systematic approach to understand the security requirements for the IoT, which will help designing secure IoT systems for the future. In developing these requirements, we provide different scenarios and outline potential threats and attacks within the IoT. Based on the characteristics of the IoT, we group the possible threats and attacks into five areas, namely communications, device/services, users, mobility and integration of resources. We then examine the existing security requirements for IoT presented in the literature and detail our approach for security requirements for the IoT. We argue that by adhering to the proposed requirements, an IoT system can be designed securely by achieving much of the promised benefits of scalability, usability, connectivity, and flexibility in a practical and comprehensive manner.

scholarly journals An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things

Sensors ◽  
2020 ◽  
Vol 20 (22) ◽  
pp. 6471
Author(s):  
Chien-Lung Hsu ◽  
Wei-Xin Chen ◽  
Tuan-Vinh Le
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Private Information ◽  
Cyber Security ◽  
Storage Management ◽  
Communication Process ◽  
Security Requirements ◽  
The Internet ◽  
Management Protocol ◽  
The Internet Of Things

As the Internet of Things (IoT) has become prevalent, a massive number of logs produced by IoT devices are transmitted and processed every day. The logs should contain important contents and private information. Moreover, these logs may be used as evidences for forensic investigations when cyber security incidents occur. However, evidence legality and internal security issues in existing works were not properly addressed. This paper proposes an autonomous log storage management protocol with blockchain mechanism and access control for the IoT. Autonomous model allows sensors to encrypt their logs before sending it to gateway and server, so that the logs are not revealed to the public during communication process. Along with blockchain, we introduce the concept “signature chain”. The integration of blockchain and signature chain provides efficient management functions with valuable security properties for the logs, including robust identity verification, data integrity, non-repudiation, data tamper resistance, and the legality. Our work also employs attribute-based encryption to achieve fine-grained access control and data confidentiality. The results of security analysis using AVSIPA toolset, GNY logic and semantic proof indicate that the proposed protocol meets various security requirements. Providing good performance with elliptic curve small key size, short BLS signature, efficient signcryption method, and single sign-on solution, our work is suitable for the IoT.

Security in the Internet of Things

2018 ◽  
pp. 105-121
Author(s):  
Ahmed Maarof ◽  
Mohamed Senhadji ◽  
Zouheir Labbi ◽  
Mostafa Belkasmi
Keyword(s):  
Internet Of Things ◽  
Security Requirements ◽  
The Internet ◽  
Security Threats ◽  
Iot Security ◽  
Implementation Challenges ◽  
Security Issues ◽  
The Internet Of Things

In this chapter, the authors present a review of security requirements for IoT and provide an analysis of the possible attacks, security issues, and major security threats from the perspective of layers that comprise IoT. To overcome these limitations, the authors describe a security implementation challenges in IoT security. This chapter serves as a manual of security threats and issues of the IoT and proposes possible solutions and recommendations for improving security in the IoT environment.

A Survey of Authentication Schemes in the Internet of Things

2021 ◽  
pp. 1715-1732
Author(s):  
Yasmine Labiod ◽  
Abdelaziz Amara Korba ◽  
Nacira Ghoualmi-Zine
Keyword(s):  
Internet Of Things ◽  
Security Requirements ◽  
Security And Privacy ◽  
The Internet ◽  
Privacy And Security ◽  
Depth Study ◽  
Authentication Schemes ◽  
Iot Devices ◽  
Privacy Issues ◽  
The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

scholarly journals Predicting Internet of Things (IOT) Security and Privacy Risks – A Proposal Model: توقع مخاطر أمن وخصوصية إنترنت الأشياء (IOT) – نموذج مقترح بحثي

2021 ◽  
Vol 5 (3) ◽  
pp. 133-112
Author(s):  
Awad Saad Al-Qahtani, Mohammad Ayoub Khan Awad Saad Al-Qahtani, Mohammad Ayoub Khan
Keyword(s):  
Internet Of Things ◽  
Security Management ◽  
Cyber Attacks ◽  
Security Requirements ◽  
Security And Privacy ◽  
The Internet ◽  
Security Risks ◽  
Iot Security ◽  
Iot Devices ◽  
The Internet Of Things

The Internet of things (IOT) users lack awareness of IOT security infrastructure to handle the risks including Threats, attack and penetration associated with its use. IOT devices are main targets for cyber-attacks due to variable personally identifiable information (PII) stored and transmit in the cyber centers. The security risks of the Internet of Things aimed to damage user's security and privacy. All information about users can be collected from their related objects which are stored in the system or transferred through mediums among diverse smart objects and may exposed to exposed dangerous of attacks and threats if it lack authentication so there are essential need to make IOT security requirements as important part of its efficient implementation. These requirements include; availability, accountability, authentication, authorization, privacy and confidentiality, Integrity and Non-repudiation. The study design is a survey research to investigate the visibility of the proposed model of security management for IOT uses, the security risks of IOT devices, and the changes IOT technology on the IT infrastructure of IOT users through answering of the research questionnaires. This work proposes a model of security management for IOT to predict IOT security and privacy threats, protect IOT users from any unforeseen dangers, and determine the right security mechanisms and protocols for IOT security layers, as well as give the most convenient security mechanisms. Moreover, for enhancing the performance of IOT networks by selecting suitable security mechanisms for IOT layers to increase IOT user's security satisfaction.

scholarly journals A Lightweight Privacy Protection User Authentication and Key Agreement Scheme Tailored for the Internet of Things Environment: LightPriAuth

2018 ◽  
Vol 2018 ◽  
pp. 1-16 ◽  
Author(s):  
Yuwen Chen ◽  
Lourdes López ◽  
José-Fernán Martínez ◽  
Pedro Castillejo
Keyword(s):  
Internet Of Things ◽  
User Authentication ◽  
Environmental Data ◽  
Security Requirements ◽  
The Internet ◽  
Minimal Amount ◽  
Forward Secrecy ◽  
Synchronization Problem ◽  
Internet Of Things Environment ◽  
The Internet Of Things

Different data are collected by diverse sensors under an Internet of things scenario, such as health data, environmental data, and traffic flow data. People can access data remotely via the Internet easily. Considering the importance and confidentiality of these data, it is necessary to ensure the data security. In this study, we propose an authentication and key establishment scheme for an Internet of things scenario based on low-capability devices. This scheme achieves many security features: user anonymity, sensor anonymity, forward secrecy, resistance to the loss of synchronization problem, and so on We verified these security features using AVISPA and ProVerif; both results show that the scheme is safe enough to achieve the security requirements. Besides, the experiment results elucidate that this scheme gains an advantage in computation and communication costs. It is because of the sole usage of XOR operations and hash functions as well as a minimal amount of asymmetric encryptions to fulfil forward secrecy.

Sign in / Sign up

Export Citation Format

Share Document