Submitted Successfully!
To reward your contribution, here is a gift for you: A free trial for our video production service.
Thank you for your contribution! You can also upload a video entry or images related to this topic.
Version Summary Created by Modification Content Size Created at Operation
1
Akram abdulghani Hezam
 -- 5572 2023-07-12 12:08:38 |
2 update references and layout
Rita Xu
 Meta information modification 5572 2023-07-12 12:14:06 | |
3 update layout
Rita Xu
 -3 word(s) 5569 2023-07-31 10:21:19 |

Video Upload Options

Do you have a full video?
Send video materials Upload full video

Confirm

Are you sure to Delete?
Yes No
Cite
If you have any further questions, please contact Encyclopedia Editorial Office.
Abdulghani, H.A.; Collen, A.; Nijdam, N.A. IoT-Enabled Systems’ Cybersecurity. Encyclopedia. Available online: https://encyclopedia.pub/entry/46691 (accessed on 08 July 2024).
Abdulghani HA, Collen A, Nijdam NA. IoT-Enabled Systems’ Cybersecurity. Encyclopedia. Available at: https://encyclopedia.pub/entry/46691. Accessed July 08, 2024.
Abdulghani, Hezam Akram, Anastasija Collen, Niels Alexander Nijdam. "IoT-Enabled Systems’ Cybersecurity" Encyclopedia, https://encyclopedia.pub/entry/46691 (accessed July 08, 2024).
Abdulghani, H.A., Collen, A., & Nijdam, N.A. (2023, July 12). IoT-Enabled Systems’ Cybersecurity. In Encyclopedia. https://encyclopedia.pub/entry/46691
Abdulghani, Hezam Akram, et al. "IoT-Enabled Systems’ Cybersecurity." Encyclopedia. Web. 12 July, 2023.
IoT-Enabled Systems’ Cybersecurity
Edit
This entry is adapted from the peer-reviewed paper 10.3390/s23084174

Internet of Things (IoT) faces security concerns different from existing challenges in conventional information systems connected through the Internet because of their limited resources and heterogeneous network setups.

internet of things (IoT) security goals security guidelines IoT assets

1. Introduction

As a result of the development of two emerging technologies, Radio Frequency Identification (RFID) and Wireless Sensor Networks (WSNs), the notion of Internet of Things (IoT) was proposed in 1999 by Kouicem et al. [1]. The fundamental goal of IoT is to smoothly integrate real-world devices into the digital realm by utilising already installed infrastructure such as switches, routers, and gateways. To this end, a number of IoT objects equipped with sensors, actuators, and connectivity protocols have been deployed in multiple domains to offer an enormous business value for customers, organisations, and governments. For instance, smart watches, smart home appliances, and smartphones are examples of IoT diverse applications, all of which were created with the goal of improving the customers’ quality of life and productivity [2]. However, the aforementioned applications and IoT in general have encountered many security and privacy problems, the common examples of which are side-channel attacks, unauthorised conversation, routing attacks, and unexpected use of IoT data [3]. Due to two key characteristics, securing IoT is a complex task in comparison with traditional cybersecurity. The first difference is the IoT objects’ variation in their size and processing power. The second difference is their connectivity capabilities. It is, therefore, possible to apply traditional security mechanisms (e.g., Advanced Encryption Standard (AES)) directly to powerful objects such as smart phones. In contrast, power constrained objects, for instance smart light bulbs, may not be able to apply such techniques directly without some modifications due to their limited resources in terms of battery life, memory storage, and computational power. To this end, a number of of solutions have been proposed in the literature and can be broadly divided into four categories: (i) gateway-based solutions [4][5][6], (ii) IoT stack-based solutions [7][8][9][10], (iii) middleware-based solutions [11][12][13], and (iv) risk-based certifications [14][15][16].
Despite the benefits of using such solutions for addressing some IoT security concerns (e.g., secure communication), they have drawbacks. For instance, using a gateway for securing IoT objects is a matter of compromise. On the one hand, it can be used to address some of security issues such as updating objects’ firmware and providing a secure key management method between IoT objects and the gateway [17]. On the other hand, it introduces a single point of failure in both security and operation. Moreover, flexibility and scalability will be reduced and hindered, as the development of a new IoT application or IoT object requires changes to be implemented into the gateway [18]. Risk-based certification solutions are trying to overcome many limitations such as the possibility of more flexible decisions to decrease time-to-market and provide all involved stakeholders with the same tools for security assessment. The approach is different in its essence as it focuses on the risk analysis and device exposure to potential threats, as well as potential consequences severity.
The absence of frameworks that generally outline accepted security and privacy policies for IoT assets (physical objects, protocols, data at rest, and software suggested in the prior work [19]), as well as their protection measures, is another contributing issue. Such guidelines and their suitable implementation techniques would pave the road for IoT stakeholders such as developers and manufacturers to build secure IoT systems by integrating such guidelines into their systems from the start. In spite of the importance of such frameworks of security and privacy guidelines for IoT to enhance its security and privacy by design, a few research studies have been proposed in this regard [20].

2. IoT Security Challenges

Lack of a secure development (SC1): functional requirements are the primary emphasis of both conventional software engineering procedures and IoT systems engineering techniques. With IoT systems, however, security is rarely a top priority throughout the software development process because the installation of functional features receives more attention, leaving security requirements to be addressed once the product is finished, according to El-Attar and Abdul-Ghani [21]. Hence, this type of approach is inadequate, and IoT systems must include security standards or recommendations into them from the ground up. In order to do this, the authors have already put up a thorough list of security and privacy standards for IoT assets, particularly for physical items and protocols [19].
Tight resource constraints (SC2): different hardware limitations in terms of processing speed, storage capacity, and battery life may apply to IoT gadgets. Which is why, given the hardware capabilities of some IoT objects such as mobile phones and tablets, conventional security techniques such as AES can be applied directly to those devices. For instance, according to Taleby et al. [22], the Windows 10 Mobile employs the same security features (such as the Windows Hello mechanism) as the Windows 10 and Windows 11 Operating System (OS) for personal computers to provide protection against emerging security threats. Nevertheless, ordinary IoT gadgets (e.g., presence sensors and smoke detectors) can not implement such techniques.
Features specific design (SC3): the majority of IoT items were created with specific purposes and environments in mind. Building similar defensive mechanisms for various IoT gadgets that operate in heterogeneous contexts and provide a variety of activities and services is therefore not practical. Jeongnyeo [23] established mitigation approaches for IoT devices based on three key elements: (i) functionality, (ii) attributes, and (iii) capabilities.
Changes in security requirements (SC4): depending on the state of a larger system in which an IoT device is a part, the security needs for that object may change. One might imagine that a modern car has multiple embedded smart components. The state of the car has a significant role in determining which of these components needs to be secured the most. For instance, the anti-lock braking device is the most important one when the automobile is moving. On the other hand, if the car is stationary the most crucial one is a glass break detector device [24].
Update mechanisms (SC5): the update procedures of IoT objects have a significant impact on their security. For example, an IoT object meant to receive updates locally may need less security measures than an IoT object designed to receive updates remotely. It implies that any device that needs to securely update its firmware via a network should first establish a secure channel with the server and then verify the accuracy of a new firmware image. However, when it comes to local firmware updates, just the legitimacy of the individual installing newly released firmware into the object must always be verified [25]. According to El Jaouhari and Bouvet [26], the challenges are still ranging from interoperability issues with a lack of standardisation efforts, to the actual device management and establishment of the trust chain for the secure Firmware Over-The-Air process.
Objects’ mobility (SC6): the mobility of IoT objects is one of their key characteristics, with security greatly depending on its location, whether static or dynamic. For various reasons, a dynamic object requires additional security measures in comparison to a static one. The dynamic object might be linked to unidentified assets that show up in various situations. Therefore, according to Sen [27], such object should be equipped with distinctive safeguards such as an end-to-end security to protect its communications with other objects, tamper-proofing techniques to avert physical attacks, side-channel analysis to avoid data leakage, and a secure firmware update method. Whereas the static object might constantly be connected to trusted assets, which are in charge of guaranteeing its security.
Importance of IoT objects (SC7): the importance of an IoT object affects its security. For instance, in a WSN, a sink node requires more defensive strategies than sensor nodes because it manages the entire network in addition to gathering, aggregating, and processing data from sensor nodes. The malicious WSN nodes that continuously send undesirable signals toward the sink node or a base station could, according to Yang et al. [28], halt the entire network.
Uncontrolled environment (SC8): because some IoT objects may be deployed in remote locations and left unattended, they are vulnerable to physical attacks, such as malicious manipulation of Integrated Circuits (ICs) [29]. An attacker could clone the IoT device, steal it for further research to determine their security characteristics or steal secret keys stored on it [30].

3. IoT Attacks Vector

In the state of the art, conventional security goals have been divided into three main groups: (i) Confidentiality, (ii) Integrity, and (iii) Availability, referred to as the Confidentiality, Integrity, and Availability (CIA). Confidentiality is achieved through a set of rules that limits access to only authorised objects or users. Integrity, in the context of IoT, is also of paramount importance, as it assures the accuracy and completeness of IoT data. IoT availability is an indispensable requirement as well, since it ensures the availability of IoT objects along with their data to its users. In spite of the popularity of CIA, it fails to deal with novel threats appearing in a collaborative environment [31]. Toward this end, Cherdantseva and Hilton [31] suggest a thorough set of security goals, known as the Information, Assurance, and Security (IAS) octave, by investigating a huge amount of information in the literature in terms of security. An overview of the security goals proposed by the IAS octave, along with their definitions and abbreviations in link with IoT environment is presented in Table 1.
Table 1. IoT Security goals as defined by IAS octave.
Security Requirements Definition Abbreviations
Confidentiality Only authorised objects or users can obtain access to the data CONF
Integrity Data completeness and accuracy is preserved INTG
Non-repudiation IoT system can validate the occurrence of any event NREP
Availability Ensuring accessibility of an IoT system and its services AVAL
Privacy Presence of privacy rules or policies PRIV
Auditability Monitoring of the IoT object activity AUDI
Accountability End users can take charge of their actions ACNT
Trustworthiness Reliability on IoT object identity TRST
Researchers enumerate common attacks against IoT and investigate their violated security goals. The selection of the attacks is based on the previous work [32], cross-linked with the latest surveys [20]. More specifically, researchers annotate with ‘Sensors 23 04174 i001’ symbol when a security goal in question is violated by the described attack. The summary is outlined in Table 2.
Table 2. Violated security goals per attack.
Attack ID CONF INTG NREP AVAL PRIV AUDI ACNT TRST
AT1 Sensors 23 04174 i001   Sensors 23 04174 i001   Sensors 23 04174 i001      
AT2 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001
AT3 Sensors 23 04174 i001 Sensors 23 04174 i001     Sensors 23 04174 i001      
AT4 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001
AT5 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001   Sensors 23 04174 i001   Sensors 23 04174 i001  
AT6 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001 Sensors 23 04174 i001
Eavesdropping (AT1): intentionally listening to packets over communication links is called eavesdropping, and it is a powerful attack against communication channels if packets are not encrypted during transmission. The main goal of such attack is to intercept, read, and alter the communication packets. Three security goals, namely CONF, NREP, and PRIV, are affected by this type of attacks. The CONF and PRIV security goals are violated, since the attacker is indirectly revealing some private information by listening to communication channels that are not encrypted nor well protected. The NREP is compromised, as the attacker could recognise a private key of an object or a sender in case of a weak cryptographic algorithm and thus use such key to sign some packets and send them to other objects or recipients without revealing his/her true identity.
Physical attacks (AT2): IoT objects may be deployed in various environments where supervision of the objects is not always possible, making them susceptible to physical attacks. These attacks include, but are not limited to, vandalising circuits, modifying OS, and extracting valuable cryptographic information. In this type of attack, all security goals can be violated, as the attacker potentially has full control over the IoT object. As demonstrated by Deogirikar and Vidhate [3], not only can the attacker physically harm the IoT device, but also cause damage to a bigger IT system.
Side-channel attacks (AT3): as IoT objects execute their normal functions, there is a risk that critical information may be revealed (e.g., the secret keys). This type of attacks may happen because of the lack of secure techniques of processing and storing IoT data (e.g., storing unencrypted data directly on IoT objects). It is also worth mentioning that IoT objects may be vulnerable when not equipped with secure wireless protocols to transmit data. For example, an electromagnetic wave emitted by an object may reveal sensitive data about both the object and its users, according to [33]. Three security goals (CONF, INTG, and PRIV) are directly affected by this attack. The CONF and PRIV are violated as the attacker could reveal sensitive data about the object and its users by analysing its side-exposed features, such as algorithms and power consumption. Having discovered some security parameters (e.g., encryption keys), the attacker could modify, for instance, the transmitted data.
Malicious object insertion (AT4): maliciously adding an object to the existing set of objects by duplicating another object’s identification number to either corrupt the packets or misdirect them is the main goal of this attack. Therefore, this type of attack may cause a huge drop in the network performance, directly affecting AVAL and TRST security goals. Moreover, upon arrival of messages at a replica, an attacker could not only gain access to different security parameters (e.g., encryption keys), but also revoke authorised objects, since the attacker could execute an object-revocation protocol exposing CONF, NREP, and PRIV. In summary, this attack violates all security goals, as the attacker has capability to misdirect, drop, decrypt, and corrupt the messages.
Routing attacks (AT5): in [19], the authors illustrate several attacks such as Gray hole, sybil, and worm hole designed specifically to target how IoT packets are directed. The consequences of such attacks include, but are not limited to, dropping, spoofing, and misdirecting packets. The simplest form of such attacks is known as modifying attack in which routing information is illegally manipulated by an attacker. The CONF, INTG, and PRIV security goals are violated as the attacker is indirectly capable of disturbing routing paths and spoofing packets. ACNT is also affected as the attacker could drop or misdirect some messages. Finally, NREP and ACNT are endangered as the attacker has a capability to disrupt the delivery of the packets.
Malicious firmware (AT6): several manufacturers such as Apple and Sony have been using Over-the-air (OTA) methods to update their objects which were already being deployed in power grids, smart homes, smart cars, and more. Due to the large number of IoT objects that require updates, a trusted server has been used by manufacturers to publish or push newly released updates of their objects. This method, however, is vulnerable to a single point of failure because of Denial of Service (DoS) attacks and a huge number of valid update requests sent simultaneously to the server. This attack violates all security goals as the attacker has full control over IoT objects.

4. Mitigation Techniques

The following section presents the summary and classification of existing mitigation techniques relevant for the selected attack vector presented previously. Table 3 outlines the analytical correlation between each mitigation technique and related attack.
Table 3. Attack vector correlation to mitigation techniques.
ID Mitigation Techniques Attack IDs
MT1 Link layer security AT1
MT8 Secure bootstrapping AT1
MT2 Transport layer security AT1, AT3, AT5
MT3 Network layer security AT1, AT5
MT4 Firmware update methods AT6
MT15 Searchable encryption AT1,
MT10 Hardware-based solutions AT2, AT4, AT6
MT6 Side channel protection AT3
MT18 Access control methods AT2, AT3, AT4
MT19 Secure IoT OSs AT6
MT20 SDN-based solutions AT1, AT4, AT5
MT21 Application layer security AT1, AT3, AT6
MT22 Cryptographic schemes AT2, AT3, AT4
MT9 Blockchain solutions AT1, AT5, AT6
MT14 Secure storage schemes AT1, AT2
MT13 Transient data storage AT5
MT7 Decommissioning methods AT2
MT11 Deduplication schemes AT1, AT2, AT4
MT12 Anonymisation schemes AT4, AT6
MT16 Monitoring and auditing AT2, AT4, AT6
MT17 Recovery strategy AT6
MT5 Intrusion detection system AT1, AT4, AT5, AT6
Link layer security (MT1): IP-based communication in IoT is mainly reliant on IPv6 networking for Low power Wireless Personal Area Networks (6LoWPAN) [34], which is dependant on the IEEE 802.15.4 link layer and provides hop-to-hop security. It implies, that each object in the communication link should be trusted without authentication, as well as key management, time-synchronised communications, and reply protection. To address the lack of reply protection as well as time-synchronised communication, the IEEE 802.15.4e extension (modification) was introduced in 2012 by the IETF [35]. It is critical to understand that link layer security cannot safeguard packets once they leave its network. Several security solutions have been offered to address this issue. Roman et al. [36] suggest a wireless sensor network key management system. This type of solution increases security at the link layer. According to ArchRock Corporation [37], PhyNET secures a link between a border router and nodes using IPsec in a tunnel paradigm. Transport layer security (MT2): end-to-end security can be provided by both Transport Layer Security (TLS) and Secure Sockets Layer (SSL). Because they enable authentication, key exchange mechanisms, confidentiality, and integrity, these systems have been widely utilised to secure communications over the traditional Internet. TLS and SSL, however, cannot be utilised directly for IoT for two reasons. First, TLS is used over TCP, which is not an appropriate approach for IoT gadgets due to their restricted resources. Second, TLS/SSL session establishment and key exchange necessitate a series of packet exchanges. SSL and TLS, on the other hand, have been recommended as IoT security solutions. Hong et al. [38] presented an SSL-based security solution for smart objects. According to their findings, a full SSL handshake, including packet exchanges, takes 2 s to complete. Datagram Transport Layer security (DTLS) is introduced to provide security means similar to TLS; however, it is built on top of UDP. Kothmayr et al. [10] present a two-way authentication mechanism for IoT, which is strongly reliant on existing Internet standards, particularly the DTLS protocol. This technique was implemented through the exchange of x.509 certificates containing RSA keys and an authenticated DTLS handshake.
Network layer security(MT3): these methods are divided into two categories: 6LoWPAN and Routing Protocol for Low-Power and Lossy Networks (RPL). The IETF has standardised 6LoWPAN as a network layer protocol. It allows Internet access for resource-constrained objects thanks to a header compression method. 6LoWPAN, on the other hand, does not offer security mechanisms or key management. Kothmayr et al. [10] present unique compressed security headers appropriate for 6LoWPAN to provide end-to-end network layer security. Such security headers make it easier to integrate 6LoWPAN with IP Security architecture. Raza et al. [39] propose an IPsec extension appropriate for 6LoWPAN to provide IPsec-based security for IoT items. In terms of energy usage, processing time, and packet size, 6LoWPAN/IPsec is a suitable solution for securing IoT items, as opposed to link layer security. RPL is a network layer protocol that is also IETF-standardised. It explains the RPL packets sent over ICMPv6 between Low-Power and Lossy Network (LLN) objects. Within the LLN, these packets constitute a routing table. The RPL specification defines three types of security: unsecured, authenticated, and preinstalled.
Firmware update methods (MT4): are either remote or direct. A server node broadcasts the availability of a new version of a firmware for remote update. The announcement of the update is forwarded, by any node with the latest update, to all nodes in its vicinity. Nodes compare their current firmware to the new version and initiates the upgrade, if needed, with the advertiser. For security, all requests, answers, and data packets should be authenticated and encrypted. Law et al. [40] point out specifically that possible disruptions from DoS attacks should be dealt with at each stage of this complex process. Lastly, an end user attempting to install manually a firmware should be authorised and authenticated.
Intrusion detection system (MT5): the primary goal is to ensure that general policies are not violated through the usage of a continual monitoring procedure. By tracking aberrant requests to objects, it gives a reliable approach to counteract both battery-draining and sleep deprivation attacks. Saiful Islam Mamun et al. [41] reflects on the continuing research for monitoring edge nodes and counteract potential attacks at this level.
Side channel protection (MT6): provides an effective approach for detecting both hardware Trojans and malicious software on IoT devices [42]. The presence of a Trojan in an IoT object or circuit affects its components, the most frequent of which being power and gates and has the potential to alter heat distribution on the IC. The survey from Sadhu et al. [20], highlights the feasibility of detecting rogue firmware through side-channel analysis.
Decommissioning methods (MT7): eventually IoT objects will reach a point when they must be decommissioned; thus, these objects must be withdrawn and cannot be reintroduced to the network. Notwithstanding the relevance of decommissioning in addressing various security and privacy issues, there has been little research and development in this area. Smart Card Alliance [43] has proposed two options for decommissioning. To begin, the objects can be reset to their factory default settings. Apart for the minimum security parameters, this option deletes all data in such objects. The second option is to prevent blocked objects from re-joining a network until their statuses on the server have been updated.
Secure bootstrapping (MT8): Heer et al. [44] state the importance of the architecture impacting the secure bootstrapping technique implementations. Using a Diffie–Hellman algorithm, two IoTs can agree on a shared secret in a distributed architecture. Numerous protocols, including TLS, DTLS, Host Identity Protocol (HIP), and IKEv2, can be used to complete a key exchange and set up security parameters without a trusted party. Nonetheless, putting such methods into practice on severely limited objects is quite challenging. Many research initiatives have been suggested as solutions to this problem, including Diet HIP [45] and human memorable passwords, which build trust relationships between IoT products and gateways [46].
Blockchain solutions (MT9): aim to build transactions or communications between objects in a distributed architecture without the requirement for centralised trust entities, and they has influenced the world of cryptocurrencies. Once a transaction is validated using such technology, it cannot be disputed. Notwithstanding the advantages of the blockchain, its integration into the IoT has a number of obstacles that must be overcome, such as bandwidth consumption, partial anonymity, tremendous processing capabilities examined by [47], and most crucially, time latency.
Hardware-based solutions (MT10): according to Mosenia and Jha [48] altering the circuit is one of the best defences against physical, side channel, and Trojan attacks. Employed countermeasures against side-channel assaults are shielding, adding randomised delay and noise. Tamper-proofing mechanisms may be added to IoT products to increase protection against physical attacks. Lastly, Hristozov et al. [49] describes a promising hardware-based run-time attestation approach, whereby an item attests its firmware by a remote entity.
Deduplication schemes (MT11): enforce redundant IoT data is be kept once, and links to the duplicates—not the copies themselves—are provided. Because of this, such an approach can be employed as a fallback plan [50]. Hence, it is both necessary and difficult to build safe deduplication techniques that can identify identical data copies and store them just once. In order to do this, a number of data deduplication strategies have been put forth in the literature. Based on the location at which data deduplication is completed, these techniques can be broadly divided into two categories (server-side and client-side) [51].
Anonymisation schemes (MT12): k-anonymity, l-diversity, and t-closeness are the three major categories. K-anonymity is a strategy that protects data holders’ privacy when they release their data. It ensures that each person’s information cannot be recognised from a group of at least k(-1) persons. L-diversity is proposed to reduce K-anonymity inability to avoid both homogeneity and background attacks. Machanavajjhala et al. [52] presented a l-diversity privacy strategy that may be used to prevent a variety of assaults (e.g., homogeneity attack). Furthermore, they conduct an experimental assessment to demonstrate that the suggested approach is realistic and can be effectively applied. Li et al. [53] proposed the term t-closeness to address the inadequacies of k-anonymity and l-diversity related with attribute inspiration. The authors recommended that the distribution of sensitive information in each set must be close to or connected to the dispersion of sensitive information in the whole database.
Transient data storage (MT13): few studies have focused on handling transitory IoT data created during system executions. The significance of transitory data originates from the processing of data during system execution to form new data views, which may be maintained in storage for user requirements or discarded, and therefore it may lessen hazards connected with such data. Narendra et al. [54] suggested a method for handling transitory IoT data that allows such data to be processed, stored, and maintained.
Secure storage schemes (MT14): may be used to prevent IoT data breaches and are divided into two types: cryptographic and non-cryptographic techniques. Jiang et al. [55] provides an example of a cryptographic-based system based on Shamir’s secret sharing mechanism for storing data. Storer et al. [56] presented a non-cryptographic approach, introducing POST-SHAREDS, a storage format that provides long-term security for IoT data without the need of encryption methods. The security of such a strategy stems from separating data into so many segments and dispersing it over several storage locations.
Searchable encryption (MT15): from the domain homomorphic encryption, another method for protecting data in IoT storage is to conduct information retrieval on encrypted data, known as Searchable Encryption (SE). The basic principle is that an object should index and encrypt its data before sending it, along with an index, to a server. To search for data, the object must produce a trapdoor via which the server may directly run search operations on encrypted data, and encrypt its output as well.
Monitoring and auditing (MT16): is crucial, especially when it comes to preventing data breaches. In order to monitor servers, agents, files, and their configurations, Anand [57] have presented a centralised monitoring strategy for cloud applications. This technique offers multi-level notifications, redundancy, and automated recovery to overcome the drawbacks of a centralised monitoring approach, which include scalability and, most critically, a single point of failure. A scalable monitoring system for clouds has been put forth by Brinkmann et al. [58], proposing a sparse management tree that includes a number of parameters and their data gathering protocols. The authors also examine the drawbacks of current intrusion detection technologies and look at the potential of virtual machine level intrusion detection.
Recovery strategy (MT17): despite the significance of providing high availability and disaster recovery for IoT storage, the state of the art only has a few research suggestions. The issue of uploading IoT data from a collection of various sensors and the production of various replicas of this data on distributed storage in the cloud has been examined by Kumar et al. [59]. The availability of numerous distributed data centres, sometimes known as mini-clouds, is a prerequisite for data recovery strategies.
Access control methods (MT18): can be categorised into four groups: (i) Attribute-Based Encryption (ABE), (ii) Discretionary Access Control (DAC), (iii) Mandatory Access Control (MAC), and (iv) Role-Based Access Control (RBAC). The system administrator will have the ability to control the responsibilities and rights of the customers after integrating MAC into an IoT system. Further allowing the system administrator to alter access policies and denying users access to the network. Sensitive systems, such as those used by the military and research institutions, can include this kind of access technique [60]. Customers will be able to change the access rules for any items if DAC is integrated into an IoT system. If an attacker is able to access a client account, this strategy is quite risky. As a result, giving a consumer complete access to the IoT system is not a good idea. Customers can acquire access to resources based on their roles and responsibilities in the system if RBAC is implemented into an IoT system. ABE enables flexible one-to-many encryption without knowing who would access the information. It also highlights the fine-grained access approach for outsourced data. In ABE, a customer is identified by a collection of attributes that may be used to determine the client’s access policy.
Secure IoT OSs (MT19): designing and building a specific IoT environment OS is critical for providing object security at all levels. Javed et al. [61] conducted an in-depth analysis of existing techniques and validated security as a missing component that must be addressed immediately. Their assessment verified open problems, such as the provision of data integrity, authentication, and access procedures.
SDN-based solutions (MT20): primary goal of such technology is to separate the network control plan from the data plan. This type of separation would allow for dynamic network administration, centralised setup, and network control [1]. Objects (e.g., routers, gateways, and switches) in the SDN paradigm cannot make control choices (e.g., forwarding tables), but they may learn such decisions from a centralised entity known as an SDN controller. SDN is a viable approach for addressing various IoT security concerns due to its centralised design.
Application layer security (MT21): depends heavily on the needs of the individual IoT system and application protocol. MQ Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) are the most relevant in terms of data collection in this context, whereas Advanced Message Queuing Protocol (AMQP), Data Distribution Service (DDS) and Extensible Messaging and Presence Protocol (XMPP) are appropriate for specific service requirements, namely business messaging, instant messaging, online presence detection, and real-time exchanges [61]. Aside from issues related to improving application layer security with CoAP, several research works have addressed some common issues such as the lack of mapping techniques between TLS and DTLS, the absence of digital certificates and public-keys, and, most importantly, the enforcement of object security with CoAP [62].

5. Framework-Based Solutions

Researchers review the existing frameworks of security and privacy guidelines along with their shortcomings. Although the development of a comprehensive set of security and privacy guidelines, covering all IoT assets, is currently an indispensable requirement for building secure IoT systems, a few frameworks equipped with such guidelines have been proposed, which researchers briefly present in the following paragraphs.
Perera et al. [63] suggest a list of privacy guidelines for IoT middleware and applications and their data at rest. Such guidelines include, but are not limited to, reducing data granularity, blocking repeated queries, and distributing data storage. However, they do not propose guidelines for different IoT assets such as physical objects (computing nodes and RFID), protocols, and OSs. Moreover, they do not address attacks and threats against IoT, nor do they identify suitable protection measures to implement their guidelines.
In [64], the Broadband Internet Technical Advisory Group (BITAG), suggests an abstract list of security and privacy guidelines (e.g., encrypting communications) for some of IoT assets (computing nodes, applications, and protocols). That said, BITAG neither provides a thorough set of guidelines, nor do they recognise proper security mechanisms to carry out the guidelines. Moreover, attacks and threats against IoT are left untouched.
Open Web Application Security Project (OWASP) proposes a list of security and privacy guidelines for some IoT assets (computing nodes, applications) [65]. Nevertheless, the OWASP does not identify attacks and threats against IoT, nor does it discuss the required security techniques to apply its guidelines.
Abdulghani et al. [32] propose a comprehensive list of security and privacy guidelines only for IoT data at rest, such as searching on encrypted data, ensuring authorised access, encrypting data storage, and minimising duplicated copies. Moreover, the authors investigate all possible attacks and threats against data at rest and identify a set of protection measures which can be used to implement their guidelines. Moreover, they show the link between their guidelines, attacks, and mitigation techniques.
In [66], the IoT Security Foundation (IoTSF) proposes a complete list of security and privacy guidelines for all IoT assets, except RFID tags. Nevertheless, IoTSF does not address attacks and threats against IoT, nor does it distinguish suitable implementation techniques to accomplish its guidelines.
A comprehensive list of security and privacy guidelines for some IoT assets (computing nodes, RFID, and protocols) is proposed in [19]. The authors also investigate all possible attacks and threats against them. Furthermore, they identify proper protection measures to implement their guidelines. Not only that, they also show the link between their proposed guidelines, attacks, and protection measures.
In [23], the authors first state the importance of defining security requirements for IoT objects based on three factors: (i) functionality, (ii) capabilities, and (iii) characteristics. Then, they investigate security threats as well as vulnerabilities of IoT objects, and more importantly they utilise the classification of IoT objects capabilities into different classes to suggest a list of security requirements suitable for each class.
Risk-based security certification is conceptually distinct from existing methods used to address security and privacy issues in the IoT ecosystem because it changes the emphasis from verifying the precise security level to the possible exposure to security vulnerabilities. Baldini et al. [14] have provided a certification framework aiming to address the shortcomings of existing Common Criteria certification scheme based on ISO/IEC 15408 standard. The proposed certification process is composed of several steps, ranging from risk analysis and labelling, vulnerability patterns identification to the execution of the test suites. However, in comparison with previously presented frameworks, this approach is prone to be domain specific and heavily depends on the operational context to generate the necessary models and tests.
In a similar direction of the risk-based IoT labelling, Matheu-García et al. [15] have proposed a security certification methodology targeting all stakeholders to be able to access the security solutions based on ISO 31000 and ISO 29119. The developed framework demonstrated its applicability in a scenario on automation of security testing with corresponding benchmarking analysis. The focus of such methodology, similarly, is also given to the vulnerability analysis and correlation with a profile or security label. The scope of the common attacks shielding is not explicitly referenced, nor are the targeted guidelines for security and privacy issues provided.

References

  1. Kouicem, D.E.; Bouabdallah, A.; Lakhlef, H. Internet of things security: A top-down survey. Comput. Netw. 2018, 141, 199–221.
  2. Riahi Sfar, A.; Natalizio, E.; Challal, Y.; Chtourou, Z. A roadmap for security challenges in the Internet of Things. Digit. Commun. Netw. 2018, 4, 118–137.
  3. Deogirikar, J.; Vidhate, A. Security attacks in IoT: A survey. In Proceedings of the International Conference on IoT in Social, Mobile, Analytics and Cloud, I-SMAC 2017, Palladam, Tamil Nadu, India, 10–11 February 2017; pp. 32–37.
  4. Chang, C.T.; Chang, C.Y.; Shih, K.P.; Martinez, R.D.B.; Chen, P.T.; Chen, Y.D. An IoT multi-interface gateway for building a smart space. Open J. Soc. Sci. 2015, 3, 56–60.
  5. Rodriguez, J.D.; Schreckling, D.; Posegga, J. Addressing data-centric security requirements for IOT-based systems. In Proceedings of the 2016 International Workshop on Secure Internet of Things, SIoT 2016, Heraklion, Greece, 26–30 September 2018; pp. 1–10.
  6. Treadway, J. Using an IoT Gateway to Connect the ’Things’ to the Cloud. 2016. Available online: https://www.techtarget.com/iotagenda/feature/Using-an-IoT-gateway-to-connect-the-Things-to-the-cloud (accessed on 13 March 2023).
  7. Raza, S.; Trabalza, D.; Voigt, T. 6LoWPAN compressed DTLS for CoAP. In Proceedings of the IEEE International Conference on Distributed Computing in Sensor Systems, DCOSS 2012, Hangzhou, China, 16–18 May 2012; pp. 287–289.
  8. Hartke, K. Practical Issues with Datagram Transport Layer Security in Constrained Environments; DICE Working Group: Beaverton, OR, USA, 2014; pp. 1–23.
  9. Sethi, M.; Arkko, J.; Keranen, A. End-to-end security for sleepy smart object networks. In Proceedings of the Conference on Local Computer Networks, LCN, Clearwater Beach, FL, USA, 22–25 October 2012; pp. 964–972.
  10. Kothmayr, T.; Schmitt, C.; Hu, W.; Brunig, M.; Carle, G. A DTLS based end-to-end security architecture for the Internet of Things with two-way authentication. In Proceedings of the Conference on Local Computer Networks, LCN, Clearwater Beach, FL, USA, 22–25 October 2012; pp. 956–963.
  11. Medvedev, A.; Zaslavsky, A.; Khoruzhnikov, S.; Grudinin, V. Interoperability and open-source solutions for the internet of things. Lect. Notes Comput. Sci. 2015, 9001, 169–182.
  12. Fremantle, P.; Scott, P. A survey of secure middleware for the internet of things. Peerj Comput. Sci. 2017, 3, e114.
  13. Renner, T.; Kliem, A.; Kao, O. The device cloud—Applying cloud computing concepts to the internet of things. In Proceedings of the 2014 IEEE International Conference on Ubiquitous Intelligence and Computing, 2014 IEEE International Conference on Autonomic and Trusted Computing, 2014 IEEE International Conference on Scalable Computing and Communications and Associated Workshops, Bali, Indonesia, 9–12 December 2014; pp. 396–401.
  14. Baldini, G.; Skarmeta, A.; Fourneret, E.; Neisse, R.; Legeard, B.; Le Gall, F. Security certification and labelling in Internet of Things. In Proceedings of the 2016 IEEE 3rd World Forum on Internet of Things, WF-IoT 2016, Reston, VA, USA, 12–14 December 2016; pp. 627–632.
  15. Matheu-García, S.N.; Hernández-Ramos, J.L.; Skarmeta, A.F.; Baldini, G. Risk-based automated assessment and testing for the cybersecurity certification and labelling of IoT devices. Comput. Stand. Interfaces 2019, 62, 64–83.
  16. Matheu, S.N.; Hernández-Ramos, J.L.; Skarmeta, A.F.; Baldini, G. A survey of cybersecurity certification for the internet of things. ACM Comput. Surv. 2021, 53, 1–36.
  17. Moosavi, S.R.; Gia, T.N.; Rahmani, A.M.; Nigussie, E.; Virtanen, S.; Isoaho, J.; Tenhunen, H. SEA: A secure and efficient authentication and authorization architecture for IoT-based healthcare using smart gateways. In Proceedings of the 6th International Conference on Ambient Systems, Networks and Technologies (ANT-2015), the 5th International Conference on Sustainable Energy Information Technology (SEIT-2015), London, UK, 2–5 June 2015; Volume 52, pp. 452–459.
  18. Turab, N.M. Internet of Things: A Survey of Existing architectural models and their security Protocols. Int. J. Comput. Sci. Netw. Secur. 2017, 17, 197–205.
  19. Abdul-Ghani, H.A.; Konstantas, D. A comprehensive study of security and privacy guidelines, threats, and countermeasures: An IoT perspective. J. Sens. Actuator Netw. 2019, 8, 22.
  20. Sadhu, P.K.; Yanambaka, V.P.; Abdelgawad, A. Internet of things: Security and solutions survey. Sensors 2022, 22, 7433.
  21. El-Attar, M.; Abdul-Ghani, H.A. Using security robustness analysis for early-stage validation of functional security requirements. Requir. Eng. 2016, 21, 1–27.
  22. Taleby, M.; Li, Q.; Rabbani, M.; Raza, A. A survey on smartphones security: Software vulnerabilities, malware, and attacks. Int. J. Adv. Comput. Sci. Appl. 2017, 8.
  23. Yoon, S.; Kim, J.; Jeon, Y. Security considerations based on classification of IoT device capabilities. In Proceedings of the SERVICE COMPUTATION 2017: The Ninth International Conferences on Advanced Service Computing, Athens, Greece, 19–23 February 2017; pp. 1–63, ISBN 978-1-61208-528-9.
  24. Shon, T. In-vehicle Networking/Autonomous vehicle security for internet of Things/Vehicles. Electronicsweek 2021, 10, 637.
  25. Bettayeb, M.; Nasir, Q.; Talib, M.A. Firmware update attacks and security for IoT devices. In Proceedings of the ArabWIC 6th Annual International Conference Research Track, Rabat, Morocco, 7–9 March 2019; ACM: New York, NY, USA, 2019; pp. 1–6.
  26. El Jaouhari, S.; Bouvet, E. Secure firmware over-the-air updates for IoT: Survey, challenges, and discussions. Internet Things 2022, 18, 100508.
  27. Sen, J. Security in wireless sensor networks. In Wireless Sensor Networks: Current Status and Future Trends; CPC Press: Boca Raton, FL, USA, 2016; pp. 407–460. ISBN 9781466506084.
  28. Yang, G.; Dai, L.; Wei, Z. Challenges, threats, security issues and new trends of underwater wireless sensor networks. Sensors 2018, 18, 3907.
  29. Ender, M.; Swierczynski, P.; Wallat, S.; Wilhelm, M.; Knopp, P.M.; Paar, C. Insights into the mind of a trojan designer: The challenge to integrate a trojan into the bitstream. In Proceedings of the 24th Asia and South Pacific Design Automation Conference, Tokyo, Japan, 21–24 January 2019; ACM: Tokyo, Japan, 2019; pp. 112–119.
  30. Sathyadevan, S.; Achuthan, K.; Doss, R.; Pan, L. Protean Authentication Scheme—A Time-Bound Dynamic KeyGen Authentication Technique for IoT Edge Nodes in Outdoor Deployments. IEEE Access 2019, 7, 92419–92435.
  31. Cherdantseva, Y.; Hilton, J. A reference model of information assurance & security. In Proceedings of the 2013 International Conference on Availability, Reliability and Security, ARES 2013, Regensburg, Germany, 2–6 September 2013; pp. 546–555.
  32. Abdulghani, H.A.; Nijdam, N.A.; Collen, A.; Konstantas, D. A study on security and privacy guidelines, countermeasures, threats: IoT data at rest perspective. Symmetry 2019, 11, 774.
  33. Mohsen Nia, A.; Sur-Kolay, S.; Raghunathan, A.; Jha, N.K. Physiological information leakage: A new frontier in health information security. IEEE Trans. Emerg. Top. Comput. 2015, 4, 321–334.
  34. Montenegro, G.; Kushalnagar, N.; Hui, J.; Culler, D. Transmission of IPv6 Packets over IEEE 802.15.4 Networks, RFC 4944; RFC Editor: Fremont, CA, USA, 2007; pp. 1–30.
  35. Watteyne, T.; Palattella, M.; Grieco, L. Using IEEE 802.15. 4e Time-Slotted Channel Hopping (TSCH) in the Internet of Things (IoT): Problem Statement; RFC 7554; RFC Editor: Fremont, CA, USA, 2015; pp. 1–23.
  36. Roman, R.; Alcaraz, C.; Lopez, J.; Sklavos, N. Key management systems for sensor networks in the context of the Internet of Things. Comput. Electr. Eng. 2011, 37, 147–159.
  37. ArchRock Corporation. Phynet n4x Series. 2008. Available online: https://urgentcomm.com/2008/11/01/sensor-nodes-handle-harsh-environments/ (accessed on 13 March 2023).
  38. Hong, S.; Kim, D.; Ha, M.; Bae, S.; Park, S.; Jung, W.; Kim, J.E. SNAIL: An IP-based wireless sensor network approach to the Internet of things. IEEE Wirel. Commun. 2010, 17, 34–42.
  39. Raza, S.; Duquennoy, S.; Höglund, J.; Roedig, U.; Voigt, T. Secure communication for the Internet of Things-a comparison of link-layer security and IPsec for 6LoWPAN. Secur. Commun. Netw. 2014, 7, 2654–2668.
  40. Law, Y.W.; Zhang, Y.; Jin, J.; Palaniswami, M.; Havinga, P. Secure rateless deluge: Pollution-resistant reprogramming and data dissemination for wireless sensor networks. Eurasip J. Wirel. Commun. Netw. 2011, 1–22.
  41. Saiful Islam Mamun, M.; Sultanul Kabir, A.; Sakhawat Hossen, M.; Hayat Khan, M. Policy based intrusion detection and response system in hierarchical WSN architecture. arXiv 2012, arXiv:1209.1678.
  42. Hu, K.; Nowroz, A.N.; Reda, S.; Koushanfar, F. High-sensitivity hardware trojan detection using multimodal characterization. In Proceedings of the Design, Automation and Test in Europe, DATE, Grenoble, France, 18–22 March 2013; pp. 1271–1276, ISSN 15301591.
  43. Alliance, A.S.C. Embedded hardware security for IoT applications. In A Smart card Alliance Internet of Things Security Council White Paper; Technical Report December 2016; Smart Card Alliance, CA, USA; Available online: https://www.securetechalliance.org/wp-content/uploads/Embedded-HW-Security-for-IoT-WP-FINAL-December-2016.pdf (accessed on 13 March 2023).
  44. Heer, T.; Garcia-Morchon, O.; Hummen, R.; Keoh, S.L.; Kumar, S.S.; Wehrle, K. Security challenges in the IP-based Internet of Things. Wirel. Pers. Commun. 2011, 61, 527–542.
  45. Moskowitz, H.; Komu, M. HIP Diet EXchange (DEX) draft-ietf-hip-dex-18. Hip 2020, 5, 1.
  46. Jung, S.W.; Jung, S. Secure bootstrapping and rebootstrapping for resource-constrained thing in internet of things. Int. J. Distrib. Sens. Netw. 2015, 11, 174383.
  47. Conoscenti, M.; Vetro, A.; De Martin, J.C. Blockchain for the Internet of Things: A systematic literature review. In Proceedings of the IEEE/ACS International Conference on Computer Systems and Applications, AICCSA, Agadir, Morocco, 29 November–2 December 2016; pp. 1–6.
  48. Mosenia, A.; Jha, N.K. A comprehensive study of security of internet-of-things. IEEE Trans. Emerg. Top. Comput. 2017, 5, 586–602.
  49. Hristozov, S.; Heyszl, J.; Wagner, S.; Sigl, G. Practical runtime attestation for tiny IoT devices. In Proceedings of the Proceedings 2018 Workshop on DECENTRALIZED IoT Security and Standards, San Diego, CA, USA, 18 February 2018.
  50. Rashid, F.; Miri, A.; Woungang, I. A secure data deduplication framework for cloud environments. In Proceedings of the 2012 10th Annual International Conference on Privacy, Security and Trust, PST 2012, Paris, France, 16–18 July 2012; pp. 81–87.
  51. Yu, S.; Guo, S. Big data concepts, theories, and applications. In Big Data Concepts, Theories, and Applications; Springer International Publishing: Cham, Switzerland, 2016; pp. 1–437.
  52. Machanavajjhala, A.; Kifer, D.; Gehrke, J.; Venkitasubramaniam, M. L-diversity: Privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data 2007, 1, 3.
  53. Li, N.; Li, T.; Venkatasubramanian, S. t-closeness: Privacy beyond k-anonymity and l-diversity. In Proceedings of the 2007 IEEE 23rd International Conference on data Engineering, Istanbul, Turkey, 14–20 April 2006; pp. 106–115.
  54. Narendra, N.C.; Nayak, S.; Shukla, A. Managing large-scale transient data in IoT systems. In Proceedings of the 2018 10th International Conference on Communication Systems and Networks, COMSNETS 2018, Bengaluru, India, 3–7 January 2018; Volume 2018, pp. 565–568.
  55. Jiang, H.; Shen, F.; Chen, S.; Li, K.C.; Jeong, Y.S. A secure and scalable storage system for aggregate data in IoT. Future Gener. Comput. Syst. 2015, 49, 133–141.
  56. Storer, M.W.; Greenan, K.M.; Miller, E.L.; Voruganti, K. POTSHARDS: Secure long-term storage without encryption. In Proceedings of the 2007 USENIX Annual Technical Conference, Santa Clara, CA, USA, 17–22 June 2007; pp. 143–156, ISBN 9998888776.
  57. Anand, M. Cloud monitor: Monitoring applications in cloud. In Proceedings of the IEEE Cloud Computing for Emerging Markets, CCEM 2012, Bangalore, India, 11–12 October 2012; pp. 58–61.
  58. Brinkmann, A.; Fiehe, C.; Litvina, A.; Lück, I.; Nagel, L.; Narayanan, K.; Ostermair, F.; Thronicke, W. Scalable monitoring system for clouds. In Proceedings of the 2013 IEEE/ACM 6th International Conference on Utility and Cloud Computing, UCC 2013, Dresden, Germany, 9–12 December 2013; pp. 351–356.
  59. Kumar, A.; Narendra, N.C.; Bellur, U. Uploading and replicating internet of things (IoT) data on distributed cloud storage. In Proceedings of the 2016 IEEE 9th International Conference on Cloud Computing (CLOUD), San Francisco, CA, USA, 27 June–2 July 2016; pp. 670–677.
  60. Jayant, D.B.; Swapnaja, A.U.; Sulabha, S.A.; Dattatray, G.M. Analysis of DAC MAC RBAC access control based models for security. Int. J. Comput. Appl. 2014, 104, 6–13.
  61. Javed, F.; Afzal, M.K.; Sharif, M.; Kim, B.S. Internet of things (IoT) operating systems support, networking technologies, applications, and challenges: A comparative review. IEEE Commun. Surv. Tutor. 2018, 20, 2062–2100.
  62. Granjal, J.; Monteiro, E.; Silva, J.S. Application-layer security for the WoT: Extending CoAP to support end-to-end message security for internet-integrated sensing applications. In Proceedings of the Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), St. Petersburg, Russia, 5–7 June 2013; Volume 7889, pp. 140–153.
  63. Perera, C.; McCormick, C.; Bandara, A.K.; Price, B.A.; Nuseibeh, B. Privacy-by-design framework for assessing internet of things applications and platforms. In Proceedings of the ACM International Conference Proceeding Series, Stuttgart, Germany, 7–9 November 2016; pp. 83–92.
  64. Broadband Internet Technical Advisory Group. Internet of things (IoT) security and privacy recommendations: A uniform agreement report. In Broadband Internet Technical Advisory Group Technical Working Group Report; Technical Report November 2016; Broadband Internet Technical Advisory Group: Denver, CO, USA; Available online: https://www.bitag.org/report-internet-of-things-security-privacy-recommendations.php (accessed on 13 March 2023).
  65. OWASP Internet of Things. Available online: https://owasp.org/www-project-internet-of-things/ (accessed on 13 March 2023).
  66. IoT Security Foundation (IoTSF). IoT Security Compliance Framework Release 2.1; Technical report; IoT Security Foundation: Livingston, UK, 2020.
More
© Text is available under the terms and conditions of the Creative Commons Attribution (CC BY) license; additional terms may apply. By using this site, you agree to the Terms and Conditions and Privacy Policy.
Upload a video for this entry
Information
Subjects: Computer Science, Cybernetics
Contributors MDPI registered users' name will be linked to their SciProfiles pages. To register with us, please refer to https://encyclopedia.pub/register :
Hezam Akram Abdulghani
,
Anastasija Collen
,
Niels Alexander Nijdam
View Times: 279
Revisions: 3 times (View History)
Update Date: 31 Jul 2023
Table of Contents
    1000/1000
    Hot Most Recent
    Video Production Service
    Feedback