DOI QR코드

DOI QR Code

Why Dynamic Security for the Internet of Things?

  • Received : 2017.07.23
  • Accepted : 2018.01.28
  • Published : 2018.03.30

Abstract

The Internet of Things (IoT) ecosystem potentially includes heterogeneous devices with different processing mechanisms as well as very complicated network and communication models. Thus, analysis of data associated with adverse conditions is much more complicated. Moreover, mobile things in the IoT lead to dynamic alteration of environments and developments of a dynamic and ultra-large-scale (ULS) environment. Also, IoT and the services provided by that are mostly based on devices with limited resources or things that may not be capable of hosting conventional controls. Finally, the dynamic and heterogeneous and ULS environment of the IoT will lead to the emergence of new security requirements. The conventional preventive and diagnostic security controls cannot sufficiently protect it against increasing complication of threats. The counteractions provided by these methods are mostly dependent on insufficient static data that cannot sufficiently protect systems against sophisticated and dynamically evolved attacks. Accordingly, this paper investigates the current security approaches employed in the IoT architectures. Moreover, we define the dynamic security based on dynamic event analysis, dynamic engineering of new security requirements, context awareness and adaptability, clarify the need for employment of new security mechanism, and delineate further works that need to be conducted to achieve a secure IoT.

Keywords

References

  1. M. Hafner and R. Breu, Security Engineering for Service- Oriented Architectures. Heidelberg: Springer, 2009.
  2. J. Ramachandran, Designing Security Architecture Solutions. Hoboken, NJ: John Wiley & Sons, 2002.
  3. R. Kanneganti and P. Chodavarapu, SOA Security. Greenwich, CT: Manning Publications, 2008.
  4. N. C. Damianou, "A policy framework for management of distributed systems," PhD dissertation, University of London, UK, 2002.
  5. A. K. Bandara, E. C. Lupu, J. Moffett, and A. Russo, "A goal-based approach to policy refinement," in Proceedings of the 5th IEEE International Workshop on Policies for Distributed Systems and Networks, Yorktown Heights, NY, 2004, pp. 229-239.
  6. D. Miorandi, S. Sicari, F. De Pellegrini, and I. Chlamtac, "Internet of Things: vision, applications and research challenges," Ad Hoc Networks, vol. 10, no. 7, pp. 1497-1516, 2012. https://doi.org/10.1016/j.adhoc.2012.02.016
  7. F. Carrez, M. Bauer, M. Boussard, and N. Bui, "Final architectural reference model for the IoT v3.0," 2013, http:// www.meet-iot.eu/deliverables-IOTA/D1_5.pdf.
  8. Secure Internet of Things Project, http://iot.stanford.edu/.
  9. Seven Framework Programme, "BETaaS Architecture: building the environment for the things as a service," 2014, http://www.betaas.eu/docs/deliverables/BETaaS%20-%20D3.1.2% 20BETaaS%20Architecture%20v1.0.pdf.
  10. P. Fremantle, "A reference architecture for The Internet of Things," WSO2, 2015, https://wso2.com/wso2_resources/wso2_whitepaper_a-reference-architecture-for-the-internet-ofthings.pdf.
  11. National University of Ireland Galway, "OpenIoT Project: Open source blueprint for large scale self-organizing cloud environments for IoT applications," 2015, http://cordis. europa.eu/project/rcn/101534_en.html.
  12. B. Copigneaux, F. Clari, J. Galinowski, A. Ramakrishnan, D. Preuveneers, C. Gotze, S. Poilinca, F. Sottile, F. Rizzo, A. Andrushevich, et al., "D5.2 BUTLER final platforms and quality assessment," 2011, https://cordis.europa.eu/docs/projects/cnect/1/287901/080/deliverables/001-287901BUTLERD521.pdf.
  13. Siemens Aktiengesellschaft, "IoT@Work: Internet of Things at Works," 2013, http://cordis.europa.eu/project/rcn/95348_en.html.
  14. Microsoft, "Microsoft Azure IoT Reference Architecture," 2016, http://download.microsoft.com/download/A/4/D/A4DAD253-BC21-41D3-B9D9-87D2AE6F0719/Microsoft_Azure_IoT_Reference_Architecture.pdf.