Security and Privacy Requirements for the Internet of Things

Nada Alhirabi; Omer Rana; Charith Perera

doi:10.1145/3437537

Security and Privacy Requirements for the Internet of Things

ACM Transactions on Internet of Things ◽

10.1145/3437537 ◽

2021 ◽

Vol 2 (1) ◽

pp. 1-37

Author(s):

Nada Alhirabi ◽

Omer Rana ◽

Charith Perera

Keyword(s):

Software Engineering ◽

Internet Of Things ◽

Development Process ◽

Security And Privacy ◽

Functional Requirements ◽

Application Development ◽

Privacy Requirements ◽

Iot Applications ◽

Different Types ◽

Software And Hardware

The design and development process for internet of things (IoT) applications is more complicated than that for desktop, mobile, or web applications. First, IoT applications require both software and hardware to work together across many different types of nodes with different capabilities under different conditions. Second, IoT application development involves different types of software engineers such as desktop, web, embedded, and mobile to work together. Furthermore, non-software engineering personnel such as business analysts are also involved in the design process. In addition to the complexity of having multiple software engineering specialists cooperating to merge different hardware and software components together, the development process requires different software and hardware stacks to be integrated together (e.g., different stacks from different companies such as Microsoft Azure and IBM Bluemix). Due to the above complexities, non-functional requirements (such as security and privacy, which are highly important in the context of the IoT) tend to be ignored or treated as though they are less important in the IoT application development process. This article reviews techniques, methods, and tools to support security and privacy requirements in existing non-IoT application designs, enabling their use and integration into IoT applications. This article primarily focuses on design notations, models, and languages that facilitate capturing non-functional requirements (i.e., security and privacy). Our goal is not only to analyse, compare, and consolidate the empirical research but also to appreciate their findings and discuss their applicability for the IoT.

Download Full-text

An Integrated Platform for the Internet of Things Based on an Open Source Ecosystem

Future Internet ◽

10.3390/fi10110105 ◽

2018 ◽

Vol 10 (11) ◽

pp. 105 ◽

Cited By ~ 9

Author(s):

YangQun Li

Keyword(s):

Internet Of Things ◽

Open Source ◽

Point Of View ◽

Security And Privacy ◽

The Internet ◽

Application Development ◽

Device Management ◽

Iot Applications ◽

Technical Requirements ◽

The Internet Of Things

The Internet of Things (IoT) is increasingly part of daily life. However, the development of IoT applications still faces many problems, such as heterogeneity, complex management, and other difficulties. In this paper, first, the open source technologies of IoT are surveyed. We compare these technologies from the point of view of different levels of technical requirements, such as device management, data management, communication, intelligent data processing, security and privacy protection; we also look at requirements of application development and deployment. Second, an IoT integrated development platform architecture for IoT applications based on open source ecosystem is proposed and evaluated in an industrial setting. We applied P2P technology to distributed resource management and blockchain-based smart contract mechanics for resource billing management. The results show that the IoT gateway based on an open source ecosystem had a stable and reliable system performance with a certain data size and concurrency scale. These conditions satisfy the application requirements of the IoT in most sensing environments.

Download Full-text

SEF4CPSIoT Software Engineering Framework for Cyber-Physical and IoT Systems

International Journal of Hyperconnectivity and the Internet of Things ◽

10.4018/ijhiot.2021010101 ◽

2021 ◽

Vol 5 (1) ◽

pp. 1-24

Author(s):

Muthu Ramachandran

Keyword(s):

Software Engineering ◽

Smart Home ◽

Cyber Physical Systems ◽

Classification Model ◽

Security And Privacy ◽

Physical Systems ◽

Iot Applications ◽

Communications Technologies ◽

Efficient Control ◽

Efficient Integration

Cyber-physical systems (CPS) have emerged to address the need for more efficient integration of modern advancement in cyber and wireless communications technologies such as 5G with physical objects. In addition, CPSs systems also needed to efficient control of security and privacy when we compare them with internet of things (IoT). In recent years, we experienced lack of security concerns with smart home IoT applications such as home security camera, etc. Therefore, this paper proposes a systematic software engineering framework for CPS and IoT systems. This paper also proposed a comprehensive requirements engineering framework for CPS-IoT applications which can also be specified using BPMN modelling and simulation to verify and validate CPS-IoT requirements with smart contracts. In this context, one of the key contribution of this paper is the innovative and generic requirements classification model for CPS-IoT application services, and this can also be applied to other emerging technologies such as fog, edge, cloud, and blockchain computing.

Download Full-text

Research of long radius technology for implementation of solutions of the Іnternet of things

Connectivity ◽

10.31673/2412-9070.2020.063941 ◽

2020 ◽

Vol 148 (6) ◽

Author(s):

S. A. Zhezhkun ◽

◽

L. B. Veksler ◽

S. M. Brezitsʹkyy ◽

B. O. Tarasyuk

Keyword(s):

Internet Of Things ◽

Third Party ◽

Security And Privacy ◽

The Internet ◽

Daily Lives ◽

Advantages And Disadvantages ◽

Iot Applications ◽

Security Properties ◽

Technical Features ◽

The Internet Of Things

This article focuses on the analysis of promising technologies for long-range traffic transmission for the implementation of the Internet of Things. The result of the review of technical features of technologies, their advantages and disadvantages is given. A comparative analysis was performed. An analysis is made that in the future heterogeneous structures based on the integration of many used radio technologies will play a crucial role in the implementation of fifth generation networks and systems. The Internet of Things (IoT) is heavily affecting our daily lives in many domains, ranging from tiny wearable devices to large industrial systems. Consequently, a wide variety of IoT applications have been developed and deployed using different IoT frameworks. An IoT framework is a set of guiding rules, protocols, and standards which simplify the implementation of IoT applications. The success of these applications mainly depends on the ecosystem characteristics of the IoT framework, with the emphasis on the security mechanisms employed in it, where issues related to security and privacy are pivotal. In this paper, we survey the security of the main IoT frameworks, a total of 8 frameworks are considered. For each framework, we clarify the proposed architecture, the essentials of developing third-party smart apps, the compatible hardware, and the security features. Comparing security architectures shows that the same standards used for securing communications, whereas different methodologies followed for providing other security properties.

Download Full-text

Securing Software Systems - A Survey

10.36227/techrxiv.12319598 ◽

2020 ◽

Author(s):

Yong Weixiong ◽

Kohei Dozono ◽

Robin Lee ◽

Alvin Kon Soon Seng ◽

Fatima tuz Zahra

Keyword(s):

Development Process ◽

User Behavior ◽

Development Stage ◽

Security And Privacy ◽

Software Systems ◽

Privacy Concerns ◽

Policy Awareness ◽

Secure Software ◽

Different Types ◽

Development Processes

This paper aims to discuss the standard guidelines of the development process of secure software and will give justification on different types and ways of the software development processes. Additionally, a survey is conducted, the aim of which is to observe user behavior towards software system usage, user attitude in terms of privacy and policy awareness, security and privacy concerns. This is followed by discussion on how to secure software systems in development stage.

Download Full-text

Towards the Protection and Security in Fog Computing for Industrial Internet of Things

Advances in Computer and Electrical Engineering - Innovations in the Industrial Internet of Things (IIoT) and Smart Factory ◽

10.4018/978-1-7998-3375-8.ch002 ◽

2021 ◽

pp. 17-32

Author(s):

G. Rama Subba Reddy ◽

K. Rangaswamy ◽

Malla Sudhakara ◽

Pole Anjaiah ◽

K. Reddy Madhavi

Keyword(s):

Internet Of Things ◽

Distributed Computing ◽

Fog Computing ◽

Security And Privacy ◽

Safety Measures ◽

Iot Applications ◽

Industrial Internet ◽

Sensor Devices ◽

Key Enabling Technologies ◽

Privacy Issues

Internet of things (IoT) has given a promising chance to construct amazing industrial frameworks and applications by utilizing wireless and sensor devices. To support IIoT benefits efficiently, fog computing is typically considered as one of the potential solutions. Be that as it may, IIoT services still experience issues such as high-latency and unreliable connections between cloud and terminals of IIoT. In addition to this, numerous security and privacy issues are raised and affect the users of the distributed computing environment. With an end goal to understand the improvement of IoT in industries, this chapter presents the current research of IoT along with the key enabling technologies. Further, the architecture and features of fog computing towards the fog-assisted IoT applications are presented. In addition to this, security and protection threats along with safety measures towards the IIoT applications are discussed.

Download Full-text

IoTEF: A Federated Edge-Cloud Architecture for Fault-Tolerant IoT Applications

Journal of Grid Computing ◽

10.1007/s10723-019-09498-8 ◽

2020 ◽

Vol 18 (1) ◽

pp. 57-80 ◽

Cited By ~ 5

Author(s):

Asad Javed ◽

Jérémy Robert ◽

Keijo Heljanko ◽

Kary Främling

Keyword(s):

Internet Of Things ◽

Data Processing ◽

Fault Tolerant ◽

Network Connectivity ◽

Functional Requirements ◽

Long Distance ◽

Network Bandwidth ◽

Iot Applications ◽

Layered Design ◽

Hostile Environments

AbstractThe evolution of Internet of Things (IoT) technology has led to an increased emphasis on edge computing for Cyber-Physical Systems (CPS), in which applications rely on processing data closer to the data sources, and sharing the results across heterogeneous clusters. This has simplified the data exchanges between IoT/CPS systems, the cloud, and the edge for managing low latency, minimal bandwidth, and fault-tolerant applications. Nonetheless, many of these applications administer data collection on the edge and offer data analytic and storage capabilities in the cloud. This raises the problem of separate software stacks between the edge and the cloud with no unified fault-tolerant management, hindering dynamic relocation of data processing. In such systems, the data must also be preserved from being corrupted or duplicated in the case of intermittent long-distance network connectivity issues, malicious harming of edge devices, or other hostile environments. Within this context, the contributions of this paper are threefold: (i) to propose a new Internet of Things Edge-Cloud Federation (IoTEF) architecture for multi-cluster IoT applications by adapting our earlier Cloud and Edge Fault-Tolerant IoT (CEFIoT) layered design. We address the fault tolerance issue by employing the Apache Kafka publish/subscribe platform as the unified data replication solution. We also deploy Kubernetes for fault-tolerant management, combined with the federated scheme, offering a single management interface and allowing automatic reconfiguration of the data processing pipeline, (ii) to formulate functional and non-functional requirements of our proposed solution by comparing several IoT architectures, and (iii) to implement a smart buildings use case of the ongoing Otaniemi3D project as proof-of-concept for assessing IoTEF capabilities. The experimental results conclude that the architecture minimizes latency, saves network bandwidth, and handles both hardware and network connectivity based failures.

Download Full-text

A taxonomy of security and privacy requirements for the Internet of Things (IoT)

2014 IEEE International Conference on Industrial Engineering and Engineering Management ◽

10.1109/ieem.2014.7058837 ◽

2014 ◽

Cited By ~ 31

Author(s):

Israa Alqassem ◽

Davor Svetinovic

Keyword(s):

Internet Of Things ◽

Security And Privacy ◽

The Internet ◽

Privacy Requirements ◽

The Internet Of Things

Download Full-text

Investigating the factors affecting the internet of things (IOT) adoption model -an exploratory study in Egypt

The Business and Management Review ◽

10.24052/bmr/v11nu02/art-12 ◽

2020 ◽

Vol 11 (02) ◽

pp. 97-108

Author(s):

Ghada Zaky ◽

◽

Prof. Ayman Shawky ◽

Prof. Mohamed A. Ragheb ◽

◽

...

Keyword(s):

Developing Countries ◽

Internet Of Things ◽

Security And Privacy ◽

The Internet ◽

Privacy Concern ◽

Critical Question ◽

Iot Applications ◽

Adoption Model ◽

The Internet Of Things ◽

Security Concern

Purpose: This study aims to investigate the factors that affect developing countries especially Egyptian users to adopt IOT Applications/devices, and to what extent those variables affect the overall attitude towards, behavioral intentions and actual usage of IOT applications/devices. Moreover, to develop an extended adoption model by integrating the security concern and privacy concern in UTAUT2 model. Design/Methodology: a descriptive quantitative approach was adopted, and a comprehensive research model was adapted from literature and then tested via an online questionnaire. Results/Findings: The findings revealed that Effort Expectancy, Facilitating Conditions and Security Concern all have a significant positive effect on the overall intention towards using IOT applications/devices in Egypt. Theoretical and practical implications: The Internet of Things (IOT) has emerged as an innovative computing technology destined to optimize business operations and create new products and services. IOT enable the devices to communicate and integrate with one another to collect, exchange, and make data accessible through the Internet. It is projected that by 2025, over 50 billion devices will be connected to the IOT network, reaching a market value of up to $11 trillion. This study adapted the Extended Unified Theory of Acceptance and Use of Technology (UTAUT2) as the theoretical framework and its findings contribute to the literature by adding security and privacy concerns as new predictor variables. This contributes theoretically to the current literature by providing meaningful insights into the main factors that affect using IOT Applications/Devices in developing countries specially Egypt. This study’s conceptual effort provided an overall overview of how IOT users arrive at choosing (or not choosing) to use IOT applications/devices. Additionally, the analytic effort of this study provided a holistic assessment of the role of each variable. One critical question in this case is whether industrial leaders should assign an equal number of resources to each variable or not. By assessing the significance of each variable, the researcher attempted to clarify the comparative importance of each variable in forecasting purchase intentions and decisions to use IOT applications/devices.

Download Full-text

Assessment of the Various Techniques and Models Used To Secure the Applications of Internet of Things

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.b3745.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 3334-3339

Keyword(s):

Internet Of Things ◽

Vital Role ◽

Privacy And Security ◽

Iot Applications ◽

The World ◽

Different Types ◽

Pros And Cons ◽

Threat Avoidance

In The Today’s Environment Digitization Plays A Vital Role In Daily Aspects Of Life And Mostly All The Appliances Are Digitally Connected And Smart In Operation That Grows Rapidly In All Over The World. For This, Iot Frameworks Is Mainly Applied And Utilized To Build Different Types Iot Applications. During The Formation Of Applications In Iot, Different Types Of Rules, Standards And Procedures Are Used Which Is Embedded In The Iot Framework. While Implementing The Privacy And Security In The Applications Needs A Variety Of Procedures And Mechanisms For Confirmations That All The Things Are Properly Working And Threat Avoidance. This Paper Focuses On Assessment Of Various Security Mechanisms Which Can Be Applied To Build An Iot Application. Also, The Pros And Cons Of Each Technique In The Domain Of Iot Application.

Download Full-text

2-SQUARE

International Journal of Software Innovation ◽

10.4018/ijsi.2013010104 ◽

2013 ◽

Vol 1 (1) ◽

pp. 41-53 ◽

Cited By ~ 2

Author(s):

Alan Lai ◽

Cui Zhang ◽

Senad Busovaca

Keyword(s):

Software Engineering ◽

Requirements Engineering ◽

Security And Privacy ◽

Engineering Process ◽

Privacy Requirements ◽

Requirements Engineering Process ◽

Daunting Task ◽

Process Guidance ◽

Engineering Institute

This paper presents a highly flexible and expandable tool called 2-SQUARE in support of the SQUARE methodology for security and privacy requirements engineering developed by the Software Engineering Institute at Carnegie Mellon University. Security and privacy requirements engineering can be a daunting task even with the proper expertise. 2-SQUARE aims at making it straightforward to perform requirements engineering regardless of expertise by providing flexible workflows and process guidance. 2-SQUARE also facilitates communication between requirements engineers and stakeholders throughout the requirements engineering process.

Download Full-text