A Study on Security and Privacy Guidelines, Countermeasures, Threats: IoT Data at Rest Perspective

Abdulghani, Hezam Akram; Nijdam, Niels Alexander; Collen, Anastasija; Konstantas, Dimitri

doi:10.3390/sym11060774

Cited by 36 publications

(22 citation statements)

References 97 publications

(139 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [4], the authors propose a comprehensive list of security and privacy guidelines only for IoT data at rest, such as searching on encrypted data, ensuring authorized access, encrypting data storage, and minimizing duplicated copies. Moreover, the authors investigate all possible attacks and threats against data at rest and identify a set of protection measures which can be used to implement their guidelines.…”

Section: Framework-based Solutionsmentioning

confidence: 99%

“…The other factor is the lack of frameworks that provide widely agreed upon security and privacy guidelines for IoT assets ( physical objects, protocols, data at rest, and software proposed in our earlier work [21]), along with their protection measures [3]. Such guidelines and their suitable implementation techniques would pave the road for IoT stakeholders like developers and manufacturers to build secure IoT systems by integrating such guidelines into their systems from the start [4]. In spite of the importance of such frameworks of security and privacy guidelines for IoT to enhance its security and privacy by design according to [4], a few research studies have been proposed in this regard [3,4,[22][23][24].…”

Section: Introductionmentioning

confidence: 99%

“…Such attacks and threats may jeopardize the existence of IoT, if they are left untouched. That said, securing IoT seems to be very complex and confusing compared to traditional Internet because of two primary factors [3,4]. One is IoT objects vary from tiny and lightweight objects (e.g., light bulbs) to powerful objects (e.g., smart phones), the majority of which is being connected to the Internet or each other to achieve specific tasks.…”

Section: Introductionmentioning

confidence: 99%

“…Such guidelines and their suitable implementation techniques would pave the road for IoT stakeholders like developers and manufacturers to build secure IoT systems by integrating such guidelines into their systems from the start [4]. In spite of the importance of such frameworks of security and privacy guidelines for IoT to enhance its security and privacy by design according to [4], a few research studies have been proposed in this regard [3,4,[22][23][24].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Novel Methodology for Securing IoT Objects Based on their Security Level Certificates

Abdulghani¹,

Konstantas²,

Nijdam³

2020

Preprint

Self Cite

View full text Add to dashboard Cite

Internet of Things (IoT) provides a huge business value for customers, organizations, and governments due to the developments of so many applications in different sectors like energy and healthcare. Nevertheless, as a new emerging technology, IoT faces several security concerns that are more challenging than conventional Internet because of its limited resources as well as its complex ecosystem. Toward this end, we first highlight IoT security challenges and briefly discuss its security goals like confidentiality and integrity. Second, we discuss the most common attacks against IoT, along with their violated security goals. We also review the existing frameworks of security and privacy guidelines for IoT and illustrate their shortcomings. Third, we propose a novel framework for securing IoT objects, the key objective of which is to assign different Security Level Certificates (SLCs) for IoT objects based on their hardware capabilities and protection measures. Objects with SLCs, therefore, will be able to communicate with each other or with the Internet in a secure manner. The proposed framework is composed of five main phases. In phase 1, we classify IoT assets into four components: (i) physical objects, (ii) protocols, (iii) data at rest, and (iv) software, which includes operating systems, middlewares, and applications. We also classify IoT objects into five categories based on their hardware capabilities. In phase 2, we propose security and privacy guidelines for previously mentioned IoT assets, along with their protection measures. In phase 3, we classify protection measures into five SLCs, and then we assign different SLCs for IoT objects. In phase 4: we develop a communication plan between objects based on their SLCs. In phase 5, we propose a four-step method to seamlessly integrate our objects with legacy objects ( objects are not developed according to our framework). Fourth, the feasibility and application of this framework are illustrated using smart homes as a case study. Finally, we investigate how our framework would lessen several attacks and threats against IoT like routing attacks and physical damage. We also provide qualitative arguments to show that this framework could be utilized to solve some of IoT security challenges such as tight resource constrains. Moreover, we discuss the shortcomings of our suggested framework.

show abstract

Section: Framework-based Solutionsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Novel Methodology for Securing IoT Objects Based on their Security Level Certificates

Abdulghani¹,

Konstantas²,

Nijdam³

2020

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Along with this, technologies are constantly evolving. New types of threats appear [2], and the security of computer networks is evolving into the security of the Internet of Things [3][4][5][6].…”

Section: Introductionmentioning

confidence: 99%

Model of Threats to Computer Network Software

2019

View full text Add to dashboard Cite

This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

show abstract

Review of IoT‐Based Smart City and Smart Homes Security Standards in Smart Cities and Home Automation

Kudande¹,

Singh²,

Chauhan³

2022

Autonomous Vehicles Volume 1

View full text Add to dashboard Cite

A Study on Security and Privacy Guidelines, Countermeasures, Threats: IoT Data at Rest Perspective

Cited by 36 publications

References 97 publications

A Novel Methodology for Securing IoT Objects Based on their Security Level Certificates

A Novel Methodology for Securing IoT Objects Based on their Security Level Certificates

Model of Threats to Computer Network Software

Review of IoT‐Based Smart City and Smart Homes Security Standards in Smart Cities and Home Automation

Contact Info

Product

Resources

About