Abstract
Security and trust are topics that go across the whole IoT architecture. They span from the strategic/business layers down to the technical ones. Considering the IoT (Internet of Things) ecosystem’s natural geographical distributions, cross domain specific issues, diversified technology stacks, it is crucial to build a solid and system-wide security framework. This chapter discusses important operational and technical security concepts and how to build a security framework for IoT ecosystems. The approach is explained and brought closer to the readers using the VICINITY IoT platform as a demonstration case study.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Alliance, O. C. https://www.openchargealliance.org/protocols/ocpp-20/
Bauer, M., Boussard, M., Bui, N., Loof, J. D., Magerkurth, C., Meissner, S., et al. (2013). IoT Reference Architecture. Enabling Things to Talk (pp. 163–211). https://doi.org/10.1007/978-3-642-40403-0_8
Butun, I., Pereira, N., & Gidlund, M. (2018). Security risk analysis of LoRaWAN and future directions. Future Internet, 11(1), 3. https://doi.org/10.3390/fi11010003. https://www.mdpi.com/1999-5903/11/1/3/pdf
Dabbagh, M., & Rayes, A. (2018). Internet of things security and privacy. In Internet of things from hype to reality (pp. 211–238). https://doi.org/10.1007/978-3-319-99516-8_8
Foundation, T. O. https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=IoT_Vulnerabilities
Foundation, T. O. https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=IoT_Attack_Surface_Areas
Ghirardello, K., Maple, C., Ng, D., & Kearney, P. (2018). Cyber security of smart homes: Development of a reference architecture for attack surface analysis. In Living in the Internet of Things: Cybersecurity of the IoT - 2018. https://doi.org/10.1049/cp.2018.0045
Gruschka, N., & Jensen, M. (2010). Attack surfaces: A taxonomy for attacks on cloud services. In 2010 IEEE 3rd International Conference on Cloud Computing. https://doi.org/10.1109/cloud.2010.23
Hackenberg, R., Weiss, N., Renner, S., & Pozzobon, E. (2017). Extending vehicle attack surface through smart devices. The Eleventh International Conference on Emerging Security Information, Systems and Technologies, ThinkMind, 131–135.
International Organization for Standardization Geneva, Switzerland (2011). ISO/IEC 27005:2011 Information technology – Security techniques – Information security risk management. https://www.iso.org/standard/56742.html
Kim, J.Y., Holz, R., Hu, W., & Jha, S. (2017). Automated analysis of secure Internet of things protocols. In Proceedings of the 33rd Annual Computer Security Applications Conference on - ACSAC 2017. https://doi.org/10.1145/3134600.3134624
Leblanc, J., & Messerschmidt, T. (2016). Identity and data security for web development: Best practices. Sebastopol: O’reilly Media.
Marksteiner, S., Jimenez, V. J. E., Valiant, H., & Zeiner, H. (2017). An overview of wireless IoT protocol security in the smart home domain. In 2017 Internet of Things Business Models, Users, and Networks. https://doi.org/10.1109/ctte.2017.8260940
Reshetova, E., & McCool, M. (2019). Web of Things (WoT) Security and Privacy Considerations. https://www.w3.org/TR/wot-security/#wot-threat-model-stakeholders
Soós, G., Kozma, D., Janky, F. N., & Varga, P. (2018). IoT device lifecycle–A generic model and a use case for cellular mobile networks. In: 2018 IEEE 6th International Conference on Future Internet of Things and Cloud (FiCloud) (pp. 176–183). Piscataway: IEEE.
Thakkar, D. (2016). Internet of Things and Multifactor Authentication. https://www.bayometric.com/internet-things-multifactor-authentication/
Xu, R., Chen, Y., Blasch, E., & Chen, G. (2018). A Federated Capability-Based Access Control Mechanism for Internet of Things (IoTs). https://arxiv.org/pdf/1805.00825.pdf
Zhu, X., & Badr, Y.: Identity Management Systems for the Internet of Things: A Survey Towards Blockchain Solutions. Archives-ouvertes.fr (2018). https://hal.archives-ouvertes.fr/hal-01945947
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Oravec, V. (2021). Security and Trust. In: Zivkovic, C., Guan, Y., Grimm, C. (eds) IoT Platforms, Use Cases, Privacy, and Business Models. Springer, Cham. https://doi.org/10.1007/978-3-030-45316-9_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-45316-9_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-45315-2
Online ISBN: 978-3-030-45316-9
eBook Packages: EngineeringEngineering (R0)