Security and Privacy Functionalities in IoT

Internet of Things (IoT) offers a variety of technologies for connecting different kinds of heterogeneous devices. Security and privacy are becoming the main issue for IoT systems and their developers. Nevertheless, most works on IoT security and privacy requirements look at these requirements from a high-level view. Hence, the essential aspects of security and privacy functionalities will be disregarded, causing wrong design decisions. To combat this problem, this paper summarizes the most current documents related to security and privacy functionalities in the setting of IoT and provides a new taxonomy framework that organizes all aspects of security and privacy baselines, guidelines, and recommendations. To give an understanding of how the framework can help to improve security and privacy of IoT products, we combine it with a security classification method and demonstrate the usefulness by a case study of health products. Our framework can serve as a cornerstone towards the development of appropriate security solutions.

[1]  Zhibo Pang,et al.  Technologies and Architectures of the Internet-of-Things (IoT) for Health and Well-being , 2013 .

[2]  Ronald S. Ross,et al.  Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations [including updates as of 02-20-2018] | NIST , 2017 .

[3]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[4]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[5]  Ramjee Prasad,et al.  Proposed Security Model and Threat Taxonomy for the Internet of Things (IoT) , 2010, CNSA.

[6]  REGULATION (EU) 2019/518 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL , 2015 .

[7]  Hyeong-Ah Choi,et al.  Securing smart home: Technologies, security challenges, and security requirements , 2014, 2014 IEEE Conference on Communications and Network Security.

[8]  Davor Svetinovic,et al.  A taxonomy of security and privacy requirements for the Internet of Things (IoT) , 2014, 2014 IEEE International Conference on Industrial Engineering and Engineering Management.

[9]  Christian Johansen,et al.  Security Classification for Smart Grid Infra structures (long version) , 2017 .

[10]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.

[11]  Davar Pishva Internet of Things: Security and privacy issues and possible solution , 2017, 2017 19th International Conference on Advanced Communication Technology (ICACT).

[12]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..