Understanding Security Requirements and Challenges in Internet of Things (IoT): A Review

Internet of things (IoT) is realized by the idea of free flow of information amongst various low-power embedded devices that use the Internet to communicate with one another. It is predicted that the IoT will be widely deployed and will find applicability in various domains of life. Demands of IoT have lately attracted huge attention, and organizations are excited about the business value of the data that will be generated by deploying such networks. On the contrary, IoT has various security and privacy concerns for the end users that limit its proliferation. In this paper, we have identified, categorized, and discussed various security challenges and state-of-the-art efforts to resolve these challenges.

Download Full-text

Security trends in Internet of Things: a survey

SN Applied Sciences ◽

10.1007/s42452-021-04156-9 ◽

2021 ◽

Vol 3 (1) ◽

Author(s):

Rachit ◽

Shobha Bhatt ◽

Prakash Rao Ragiri

Keyword(s):

Internet Of Things ◽

Research Community ◽

Security Requirements ◽

Embedded Devices ◽

Iot Security ◽

Security Research ◽

Security Models ◽

Security Challenges ◽

The Internet Of Things ◽

Insight Into

AbstractThe Internet of Things (IoT) is a network of embedded devices that are uniquely identifiable and have embedded software required to communicate between the transient states. The purpose of this study is to explore discrete IoT security challenges pertaining to currently deployed IoT standards and protocols. We have presented a detailed review in this study that focuses on IoT's imminent security aspects, covering identification of risks pertaining to the current IoT system, novel security protocols, and security projects proffered in recent years. This work presents an updated review of the IoT architecture in the protocols and standards that are proffered for the next-gen IoT systems. A security-specific comparative analysis of protocols, standards, and proffered security models are presented as per IoT security requirements. This study elicits the need for standardization at the communication and data audit level, which exposes the hardware, software, and data to various threats and attacks. Our study reveals a need for protocols that are competent enough to be accorded for over one threat vector. This paper provides an insight into the latest security research trends, which will prove beneficial in the development of IoT security. The research outcomes can benefit the research community in IoT by integrating IoT-based devices' best security aspects.

Download Full-text

Recent Technologies, Security Countermeasure and Ongoing Challenges of Industrial Internet of Things (IIoT): A Survey

Sensors ◽

10.3390/s21196647 ◽

2021 ◽

Vol 21 (19) ◽

pp. 6647

Author(s):

Soo Fun Tan ◽

Azman Samsudin

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

Security Architecture ◽

Industrial Internet Of Things ◽

Security Issues ◽

Industrial Internet ◽

Security Challenges ◽

Comprehensive Survey ◽

Privacy Issues

The inherent complexities of Industrial Internet of Things (IIoT) architecture make its security and privacy issues becoming critically challenging. Numerous surveys have been published to review IoT security issues and challenges. The studies gave a general overview of IIoT security threats or a detailed analysis that explicitly focuses on specific technologies. However, recent studies fail to analyze the gap between security requirements of these technologies and their deployed countermeasure in the industry recently. Whether recent industry countermeasure is still adequate to address the security challenges of IIoT environment are questionable. This article presents a comprehensive survey of IIoT security and provides insight into today’s industry countermeasure, current research proposals and ongoing challenges. We classify IIoT technologies into the four-layer security architecture, examine the deployed countermeasure based on CIA+ security requirements, report the deficiencies of today’s countermeasure, and highlight the remaining open issues and challenges. As no single solution can fix the entire IIoT ecosystem, IIoT security architecture with a higher abstraction level using the bottom-up approach is needed. Moving towards a data-centric approach that assures data protection whenever and wherever it goes could potentially solve the challenges of industry deployment.

Download Full-text

Smart Homes: Security Challenges and Privacy Concerns

International Journal of Computers ◽

10.46300/9108.2020.14.5 ◽

2020 ◽

Vol 14 ◽

Keyword(s):

Internet Of Things ◽

Smart Home ◽

Smart Homes ◽

Security And Privacy ◽

Privacy Concerns ◽

Good Practices ◽

Security Challenges

Development and growth of Internet of Things (IoT) technology has exponentially increased over the course of the last 10 years since its inception, and as a result has directly influenced the popularity and size of smart homes. In this article we present the main technologies and applications that constitute a smart home, we identify the main security and privacy challenges that smart home face and we provide good practices to mitigate those threats.

Download Full-text

The Internet of Things and its impact on the library

New Library World ◽

10.1108/nlw-12-2015-0093 ◽

2016 ◽

Vol 117 (3/4) ◽

pp. 289-292 ◽

Cited By ~ 10

Author(s):

Bruce Massis

Keyword(s):

Internet Of Things ◽

Literature Review ◽

Design Methodology ◽

Security And Privacy ◽

The Internet ◽

Content Type ◽

Privacy Concerns ◽

Potential Impact ◽

The Internet Of Things

Purpose – The purpose of this paper is to consider the Internet of Things (IOT) and its potential impact on libraries. Design/methodology/approach – This paper presents a literature review and a commentary on this topic that have been addressed by professionals, researchers and practitioners. Findings – In communicating the issues when comprehending the scope of the IOT, libraries need not succumb to the sometimes near-hysteria that surrounds the rhetoric regarding security and privacy. But, librarians must actively engage in the conversation and its subsequent actions to respond to patrons who use library networks and devices with calm, logical and transparent answers to those questions concerning what they are doing to ensure that security and privacy vulnerabilities are regularly addressed. Originality/value – The value in concentrating on this topic is to provide background and suggest several approaches to security and privacy concerns regarding the IOT.

Download Full-text

A systematic Study of Security Challenges and Infrastructures for Internet of Things

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.36.24226 ◽

2018 ◽

Vol 7 (4.36) ◽

pp. 700

Author(s):

N. Koteswara Rao ◽

Gandharba Swain

Keyword(s):

Internet Of Things ◽

Secure Communication ◽

Smart Cities ◽

Security Requirements ◽

The Internet ◽

Security Challenges ◽

Authentication And Authorization ◽

New Applications ◽

Privacy And Anonymity ◽

The Internet Of Things

The proliferation of smart objects with capability of sensing, processing and communication has grown in recent years. In this scenario, the Internet of Things (IoT) connects these objects to the Internet and provides communication with users and devices. IoT enables a huge amount of new applications, with which academics and industries can benefit, such as smart cities, health care and automation. In this environment, compose of constrained devices, the widespread adoption of this paradigm depends of security requirements like secure communication between devices, privacy and anonymity of its users. This paper presents the main security challenges and solutions to provide authentication and authorization on the Internet of Things.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

Security Requirements for the Internet of Things: A Systematic Approach

Sensors ◽

10.3390/s20205897 ◽

2020 ◽

Vol 20 (20) ◽

pp. 5897

Author(s):

Shantanu Pal ◽

Michael Hitchens ◽

Tahiry Rabehaja ◽

Subhas Mukhopadhyay

Keyword(s):

Internet Of Things ◽

Systematic Approach ◽

Security Requirements ◽

Security And Privacy ◽

Smart Devices ◽

The Internet ◽

Systematic Analysis ◽

Prime Concern ◽

Smart Cars ◽

The Internet Of Things

There has been a tremendous growth in the number of smart devices and their applications (e.g., smart sensors, wearable devices, smart phones, smart cars, etc.) in use in our everyday lives. This is accompanied by a new form of interconnection between the physical and digital worlds, commonly known as the Internet of Things (IoT). This is a paradigm shift, where anything and everything can be interconnected via a communication medium. In such systems, security is a prime concern and protecting the resources (e.g., applications and services) from unauthorized access needs appropriately designed security and privacy solutions. Building secure systems for the IoT can only be achieved through a thorough understanding of the particular needs of such systems. The state of the art is lacking a systematic analysis of the security requirements for the IoT. Motivated by this, in this paper, we present a systematic approach to understand the security requirements for the IoT, which will help designing secure IoT systems for the future. In developing these requirements, we provide different scenarios and outline potential threats and attacks within the IoT. Based on the characteristics of the IoT, we group the possible threats and attacks into five areas, namely communications, device/services, users, mobility and integration of resources. We then examine the existing security requirements for IoT presented in the literature and detail our approach for security requirements for the IoT. We argue that by adhering to the proposed requirements, an IoT system can be designed securely by achieving much of the promised benefits of scalability, usability, connectivity, and flexibility in a practical and comprehensive manner.

Download Full-text

Secure Routing Challenges for Opportunistic Internet of Things

Security and Privacy Issues in Sensor Networks and IoT - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-0373-7.ch006 ◽

2020 ◽

pp. 145-168 ◽

Cited By ~ 1

Author(s):

Nisha Kandhoul ◽

Sanjay K. Dhurandher

Keyword(s):

Internet Of Things ◽

Network Connectivity ◽

Opportunistic Networks ◽

Secure Routing ◽

Security Requirements ◽

Security And Privacy ◽

Computing Systems ◽

Heterogeneous Technologies ◽

Iot Devices ◽

Technical Revolution

Internet of Things(IoT) is a technical revolution of the internet where users, computing systems, and daily objects having sensing abilities, collaborate to provide innovative services in several application domains. Opportunistic IoT(OppIoT)is an extension of the opportunistic networks that exploits the interactions between the human-based communities and the IoT devices to increase the network connectivity and reliability. In this context, the security and privacy requirements play a crucial role as the collected information is exposed to a wide unknown audience. An adaptable infrastructure is required to handle the intrinsic vulnerabilities of OppIoT devices, with limited resources and heterogeneous technologies. This chapter elaborates the security requirements, the possible threats, and the current work conducted in the field of security in OppIoT networks.

Download Full-text

An Efficient Pairing-Free Certificateless Searchable Public Key Encryption for Cloud-Based IIoT

Wireless Communications and Mobile Computing ◽

10.1155/2020/8850520 ◽

2020 ◽

Vol 2020 ◽

pp. 1-11

Author(s):

Mimi Ma ◽

Min Luo ◽

Shuqin Fan ◽

Dengguo Feng

Keyword(s):

Internet Of Things ◽

Data Privacy ◽

Security And Privacy ◽

Public Key ◽

Public Key Encryption ◽

Privacy Concerns ◽

Industrial Internet ◽

Encryption Schemes ◽

Searchable Public Key Encryption ◽

Industrial Resource

The Industrial Internet of Things (IIoT), as a special form of Internet of Things (IoT), has great potential in realizing intelligent transformation and industrial resource utilization. However, there are security and privacy concerns about industrial data, which is shared on an open channel via sensor devices. To address these issues, many searchable encryption schemes have been presented to provide both data privacy-protection and data searchability. However, due to the use of expensive pairing operations, most previous schemes were inefficient. Recently, a certificateless searchable public-key encryption (CLSPE) scheme was designed by Lu et al. to remove the pairing operation. Unfortunately, we find that Lu et al.’s scheme is vulnerable to user impersonation attacks. To enhance the security, a new pairing-free dual-server CLSPE (DS-CLSPE) scheme for cloud-based IIoT deployment is designed in this paper. In addition, we provide security and efficiency analysis for DS-CLSPE. The analysis results show that DS-CLSPE can resist chosen keyword attacks (CKA) and has better efficiency than other related schemes.

Download Full-text

Internet of Things Security: Challenges and Key Issues

Security and Communication Networks ◽

10.1155/2021/5533843 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Mourade Azrour ◽

Jamal Mabrouki ◽

Azidine Guezzaz ◽

Ambrina Kanwal

Keyword(s):

Water Management ◽

Internet Of Things ◽

Virtual Worlds ◽

Personal Data ◽

Embedded Devices ◽

Security Challenges ◽

Key Issues ◽

Intelligent Devices ◽

Lightweight Encryption ◽

Vast Network

Internet of Things (IoT) refers to a vast network that provides an interconnection between various objects and intelligent devices. The three important components of IoT are sensing, processing, and transmission of data. Nowadays, the new IoT technology is used in many different sectors, including the domestic, healthcare, telecommunications, environment, industry, construction, water management, and energy. IoT technology, involving the usage of embedded devices, differs from computers, laptops, and mobile devices. Due to exchanging personal data generated by sensors and the possibility of combining both real and virtual worlds, security is becoming crucial for IoT systems. Furthermore, IoT requires lightweight encryption techniques. Therefore, the goal of this paper is to identify the security challenges and key issues that are likely to arise in the IoT environment in order to guide authentication techniques to achieve a secure IoT service.

Download Full-text