Home   >   CSC-OpenAccess Library   >    Manuscript Information
The Internet of Things: Architecture, Security Threats, and Risk Mitigation Techniques
Eric Brown, Mohammed Ketel
Pages - 187 - 199     |    Revised - 30-11-2020     |    Published - 31-12-2020
Volume - 14   Issue - 5    |    Publication Date - December 2020  Table of Contents
MORE INFORMATION
KEYWORDS
Internet of Things, Architecture, Security, Mitigation, Best Practices.
ABSTRACT
Devices in the consumer, commercial, healthcare and industrial sectors are becoming increasingly more connected to the Internet. These interconnected devices range from smart devices in the home and wearable health monitoring devices to sensors and actuators within critical infrastructure environments. The framework of connected devices that share data is referred as the Internet of Things (IoT). There is an increasing security concern regarding this framework and devices that are considered part of IoT. As the number of devices that are able to send sensitive information over networks increases, so does the threat of this data being compromised. To mitigate and minimize this threat, research has been performed to develop a number of potential approaches to increase security levels for these IoT devices. This paper will present a few of those security risks and mitigations, as well as best practices to implement by administrators of IoT networks.
A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash, “Internet of Things: A Survey on Enabling Technologies, Protocols and Applications,” IEEE Communications Surveys & Tutorials, pp. 2347 - 2376, 2015.
A. Banafa, “Three Major Challenges Facing IoT,” IEEE IoT Newsletter, https://iot.ieee.org/newsletter/march-2017/three-major-challenges-facing-iot [Accessed November 5, 2019].
A. Gerber, and S. Kansal “Simplify the development of your IoT solutions with IoT architectures,” https://developer.ibm.com/articles/iot-lp201-iot-architectures [Accessed March 30, 2020].
AM. Nia, and NK. Jha, “A Comprehensive Study of Security of Internet-of-Things,” IEEE Transactions on Emerging Topics in Computing 5 (4), 1-19, 2016.
C. Li and B. Palanisamy, “Privacy in Internet of Things: from Principles to Technology”, IEEE Internet of Things Journal, pp. 1-15, 2019.
E. Fernandez, N. Yoshioka, and H. Washizaki, “Abstract and IoT security patterns for network segmentation”, 2019. Procs. Asian PLoP'19, 2019.
ENISA, “Good Practices for Security of Internet of Things in the context of Smart Manufacturing” November 2018.
J H. Atlam, A. Alenezi, A. Alharthi, R. Walters, and G. Wills, “Integration of Cloud Computing with Internet of Things: Challenges and Open Issues,” 2017 IEEE International Conference on Internet of Things (iThings), pp. 670 – 675, 2017.
J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Elsevier, Future Generation Computer Systems Volume 29, Issue 7, pp. 1645-1660, 2013.
J. Ziegeldorf, O. Morchon, and K. Wehrle , “Privacy in the Internet of Things: threats and challenges,” Security and Communication Networks, John Wiley & Sons, pp. 2728–2742, 2014.
K. Boeckl, et al, “Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks” National Institute of Standards and Technology (NIST), Internal Report NISTIR 8228, June 2019.
L. Shade, “Implementing Secure Remote Firmware Updates”, Embedded Systems Conference Silicon Valley 2011, pp. 1 – 18, 2011.
M. Wu, TJ. Lu, FY. Ling, J. Sun, and HY. Du, “Research on the architecture of Internet of Things,” IEEE 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), 2010.
N. Lethaby, “Wireless connectivity for the Internet of Things: One size does not fit all,” Texas Instruments (TI), pp. 6 – 12, 2017.
NIST, Back to basics: Multi-factor authentication (MFA) https://www.nist.gov/itl/applied- cybersecurity/tig/back-basics-multi-factor-authentication. [Accessed December 18, 2019].
OTA, “IoT Security Upgradeability and Patching”, (OTA) Online Trust Alliance, U.S. Department of Commerce and National Telecommunications & Information Administration, 2016.
S. Baker, W. Xiang, and I. Atkinso, “Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities,” IEEE Access, Volume 5, pp. 26521 – 26544, 2017.
S. Singh, PK. Sharma, SY. Moon and JH. Park, “Advanced lightweight encryption algorithms for IoT devices: survey, challenges and solutions,” Springer, Journal of Ambient Intelligence and Humanized Computing, 2017.
S. Wang, R. Shumba, and W. Kelly, “Security by Design: Defense-in-Depth IoT Architecture”, Journal of The Colloquium for Information System Security Education (CISSE), Edition 4, Issue 2, pp. 2 - 9, 2017.
T. Yousuf, R. Mahmoud, F. Aloul, and I. Zualkernan, “Internet of Things (IoT) Security: Current Status, Challenges and Countermeasures,” International Journal for Information Security Research (IJISR), Volume 5, Issue 4, pp. 608- 616, 2015.
V. Baños-Gonzalez, MS Afaqui, E. Lopez-Aguilera, and E. Garcia-Villegas, “IEEE 802.11ah: A Technology to Face the IoT Challenge,” MDPI, Sensors, pp. 1 -21, 2016.
Y. Yang, L. Wu, G. Yin, L. Li, and H. Zhao, “A Survey on Security and Privacy Issues in Internet-of-Things,” IEEE Internet of Things Journal, Volume 4, Issue 5, pp. 1250 – 1258, 2017.
Mr. Eric Brown
Applied Information Technology, University of Baltimore, Baltimore, Maryland - United States of America
Dr. Mohammed Ketel
Applied Information Technology, University of Baltimore, Baltimore, Maryland - United States of America
mketel@ubalt.edu