On the Security and Privacy of Internet of Things Architectures and Systems
read more
Citations
Some Preliminary Comments on the DIRECTIVE 95/46/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
Applications of Wireless Sensor Networks and Internet of Things Frameworks in the Industry Revolution 4.0: A Systematic Literature Review
Securing IoTs in distributed blockchain: Analysis, requirements and open issues
Technical Issues on Cognitive Radio-Based Internet of Things Systems: A Survey
Identity Management Systems for the Internet of Things: A Survey Towards Blockchain Solutions.
References
The Internet of Things: A survey
Internet of Things (IoT): A vision, architectural elements, and future directions
k -anonymity: a model for protecting privacy
Internet of Things for Smart Cities
Tor: the second-generation onion router
Related Papers (5)
On the features and challenges of security and privacy in distributed internet of things
Frequently Asked Questions (16)
Q2. What have the authors stated for future works in "On the security and privacy of internet of things architectures and systems" ?
With regards to future work, the authors recommend to address the major gaps that were identified in specific areas of the identity management, privacy, and trust. With respect to privacy, the authors plan to propose a framework for its protection at the device, communication, and cloud level rather than only at one of these levels.
Q3. What is the purpose of the BeTaaS architecture?
Since BeTaaS instances consist of multiple gateways, BeTaaS uses a PKI with a Certificate Authority (CA) to manage keys and ensure confidentiality, authenticity and integrity via secure communication channels.
Q4. What is the key management component for BeTaaS?
With regard to Network Security the Key Management component associates entities, performs authentication, manages user sessions, and provides encrypted communication.
Q5. What are the main security requirements for the IoT?
1) Network Security: Network security requirements [46] can be split into confidentiality, authenticity, integrity, and availability.
Q6. What is the third layer of BeTaaS?
The third layer, namely the TaaS Layer, relies on the abstraction layer and provides networkwide access to the devices in the M2M layer.
Q7. What are the key enabling technologies for the IoT?
Security and privacy are crucial enabling technologies and thus among the biggest challenges [1], [35], [43], [44], [47], [57] for the IoT.
Q8. What is the main idea of IoT at work?
For that, IoT@Work introduces for instance the concept of network slices, a combination of virtualization, resource management, and security.
Q9. What are the requirements for establishing device trust?
approaches such as trusted computing [26] (for standardized devices) as well as computational trust [29] are required to establish device trust.
Q10. What is the role of integrity in the IoT?
2) Identity Management: Identity management poses a specific challenge in the IoT due to the number of devices, but also due to the complex relationship between devices, services, owners and users [36], [50].
Q11. What are the main requirements for IoT architectures?
For network security, all four architectures address (at least partially) confidentiality as well as integrity in combination with authenticity as dominant requirements.
Q12. What is the role of the identity management component?
The identity management component is responsible for managing the way identities of sensors or gateways are presented in their interaction with BeTaaS instances.
Q13. What architectures address the two main requirements of IoT?
All four architectures address robustness as well as resilience, with a slight focus shift towards resilience in the case of IoT@Work.
Q14. What is the role of the TRA component in IoT?
In more details, the TRA component is responsible for establishing the trust to the things and compute reputation values based on the recommendations and the feedback received from other things and services.
Q15. What is the role of federated authorization in the IoT?
solutions for federated authorization that work with untrusted devices, allow delegation of access across domains, and provide quick revocation, e.g., for broken or rogue devices, are required.
Q16. What are the views and perspectives for IoT-A?
Such views and perspectives include the information view for static structures as well as dynamic information flows, the performance and scalability perspective, and the trust and security perspective [5].