Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

This is an Open Access publication published under CSC-OpenAccess Policy.
Publications from CSC-OpenAccess Library are being accessed from over 74 countries worldwide.
The Internet of Things: Architecture, Security Threats, and Risk Mitigation Techniques
Eric Brown, Mohammed Ketel
Pages - 187 - 199     |    Revised - 30-11-2020     |    Published - 31-12-2020
Volume - 14   Issue - 5    |    Publication Date - December 2020  Table of Contents
Internet of Things, Architecture, Security, Mitigation, Best Practices.
Devices in the consumer, commercial, healthcare and industrial sectors are becoming increasingly more connected to the Internet. These interconnected devices range from smart devices in the home and wearable health monitoring devices to sensors and actuators within critical infrastructure environments. The framework of connected devices that share data is referred as the Internet of Things (IoT). There is an increasing security concern regarding this framework and devices that are considered part of IoT. As the number of devices that are able to send sensitive information over networks increases, so does the threat of this data being compromised. To mitigate and minimize this threat, research has been performed to develop a number of potential approaches to increase security levels for these IoT devices. This paper will present a few of those security risks and mitigations, as well as best practices to implement by administrators of IoT networks.
1 J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Elsevier, Future Generation Computer Systems Volume 29, Issue 7, pp. 1645-1660, 2013.
2 J H. Atlam, A. Alenezi, A. Alharthi, R. Walters, and G. Wills, “Integration of Cloud Computing with Internet of Things: Challenges and Open Issues,” 2017 IEEE International Conference on Internet of Things (iThings), pp. 670 – 675, 2017.
3 S. Baker, W. Xiang, and I. Atkinso, “Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities,” IEEE Access, Volume 5, pp. 26521 – 26544, 2017.
4 K. Boeckl, et al, “Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks” National Institute of Standards and Technology (NIST), Internal Report NISTIR 8228, June 2019.
5 A. Gerber, and S. Kansal “Simplify the development of your IoT solutions with IoT architectures,” https://developer.ibm.com/articles/iot-lp201-iot-architectures [Accessed March 30, 2020].
6 J. Ziegeldorf, O. Morchon, and K. Wehrle , “Privacy in the Internet of Things: threats and challenges,” Security and Communication Networks, John Wiley & Sons, pp. 2728–2742, 2014.
7 A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, “Internet of Things: A Survey on Enabling Technologies, Protocols and Applications,” IEEE Communications Surveys & Tutorials, pp. 2347 - 2376, 2015.
8 M. Wu, TJ. Lu, FY. Ling, J. Sun, and HY. Du, “Research on the architecture of Internet of Things,” IEEE 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), 2010.
9 T. Yousuf, R. Mahmoud, F. Aloul, and I. Zualkernan, “Internet of Things (IoT) Security: Current Status, Challenges and Countermeasures,” International Journal for Information Security Research (IJISR), Volume 5, Issue 4, pp. 608- 616, 2015.
10 N. Lethaby, “Wireless connectivity for the Internet of Things: One size does not fit all,” Texas Instruments (TI), pp. 6 – 12, 2017.
11 V. Baños-Gonzalez, MS Afaqui, E. Lopez-Aguilera, and E. Garcia-Villegas, “IEEE 802.11ah: A Technology to Face the IoT Challenge,” MDPI, Sensors, pp. 1 -21, 2016.
12 Y. Yang, L. Wu, G. Yin, L. Li, and H. Zhao, “A Survey on Security and Privacy Issues in Internet-of-Things,” IEEE Internet of Things Journal, Volume 4, Issue 5, pp. 1250 – 1258, 2017.
13 AM. Nia, and NK. Jha, “A Comprehensive Study of Security of Internet-of-Things,” IEEE Transactions on Emerging Topics in Computing 5 (4), 1-19, 2016.
14 A. Banafa, “Three Major Challenges Facing IoT,” IEEE IoT Newsletter, https://iot.ieee.org/newsletter/march-2017/three-major-challenges-facing-iot [Accessed November 5, 2019].
15 S. Singh, PK. Sharma, SY. Moon and JH. Park, “Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions,” Springer, Journal of Ambient Intelligence and Humanized Computing, 2017.
16 ENISA, “Good Practices for Security of Internet of Things in the context of Smart Manufacturing” November 2018.
17 S. Wang, R. Shumba, and W. Kelly, “Security by Design: Defense-in-Depth IoT Architecture”, Journal of The Colloquium for Information System Security Education (CISSE), Edition 4, Issue 2, pp. 2 - 9, 2017.
18 E. Fernandez, N. Yoshioka, and H. Washizaki, “Abstract and IoT security patterns for network segmentation”, 2019. Procs. Asian PLoP'19, 2019.
19 OTA, “IoT Security Upgradeability and Patching”, (OTA) Online Trust Alliance, U.S. Department of Commerce and National Telecommunications & Information Administration, 2016.
20 L. Shade, “Implementing Secure Remote Firmware Updates”, Embedded Systems Conference Silicon Valley 2011, pp. 1 – 18, 2011.
21 NIST, Back to basics: Multi-factor authentication (MFA) https://www.nist.gov/itl/applied- cybersecurity/tig/back-basics-multi-factor-authentication. [Accessed December 18, 2019].
22 C. Li and B. Palanisamy, “Privacy in Internet of Things: from Principles to Technology”, IEEE Internet of Things Journal, pp. 1-15, 2019.
Mr. Eric Brown
Applied Information Technology, University of Baltimore, Baltimore, Maryland - United States of America
Dr. Mohammed Ketel
Applied Information Technology, University of Baltimore, Baltimore, Maryland - United States of America