Abstract
The Internet of Things (IoT) is a network of globally connected physical objects, which are associated with each other via Internet. The IoT foresees the interconnection of few trillions of intelligent objects around us, uniquely and addressable every day, these objects have the ability to accumulate process and communicate data about themselves and their surrounding environment. The best examples of IoT systems are health care, building smart city with advance construction management system, public and defense surveillance and data acquisition. Recent advancement in the technology has developed smart and intelligent sensor nodes and RFIDs lead to a large number of wireless networks with smart and intelligent devices (object, or things) connected to the Internet continuously transmit the data. So to provide security and privacy to this data in IoT is a very challenging task, which is to be concerned at highest priority for several current and future applications of IoT. Devices such as smart phone, WSNs and RFIDs etc., are the major components of IoT network which are basically resource constrained devices. Design and development of security and privacy management schemes for these devices is guided by factors like good performance, low power consumption, robustness to attacks, tampering of the data and end to end security. Security schemes in IoT provide unauthorized access to information or other objects by protecting against alterations or destruction. Privacy schemes maintain the right to control about the collected information for its usage and purpose. In this paper, we have surveyed major challenges such as Confidentiality, Integrity, Authentication, and Availability for IoT in a brief manner.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of things (IoT): A vision, architectural elements and future directions. Journal of Future Generation Computer Systems, 29(7), 1645–1660.
Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Journal of Computer Network, 54(15), 2787–2805.
Bandyopadhyay, D., & Sen, J. (2011). Internet of things: Applications and challenges in technology and standardization. Journal of Wireless Personal Communications, 58(1), 49–69.
Miorandi, D., Sicari, S., De Pellegrini, F., & Chlamtac, I. (2012). Internet of things: Vision, applications and research challenges. Journal of Ad Hoc Networks, 10(7), 1497–1516.
Yang, D., Liu, F., & Liang, Y. (2010). A survey of internet of things. In Proceedings of The international conference on E-business intelligence (ICEBI2010) (Vol. 978, pp. 78–99), Kunming, China.
Vision and challenges for realising the internet of things. Cluster of European Research Projects on the Internet of Things, European Commission Information Society and Media, 2010.
Internet of things: Converging technologies for smart environments and integrated ecosystems. River Publishers, 2013.
Internet of things market value networks and business models: State of the art report. University of Jyvaskyla, 2013.
Covington, M., & Carskadden, R. (2013). Threat implications of the internet of things. In Proceedings of the 5th international conference on cyber conflict (pp. 1–12), Estonia.
Roman, R., Najera, P., & Lopez, J. (2011). Securing the internet of things. Journal of Computer Network, 44(9), 51–58.
Mardiana, B., Mohamad, N., & Haslina, H. W. (2019). Current research on internet of things (IoT) security: A survey. Journal of Computer Networks, 148, 283–294.
Suo, H., Wan, J., Zou, C., & Liu, J. (2012). Security in the internet of things: A review. In Proceedings of The IEEE international conference on computer science and electronics engineering (Vol. 3. pp. 648–651), China.
Yang, G., Xu, J., Chen, W., Qi, Z. H., & Wang, H. Y. (2010). Security characteristic and technology in the internet of things. Journal of Nanjing University of Posts and Telecommunications, 30(4).
Internet of things strategic research roadmap. http://www.internet-of-things-research.eu/pdf...pdf.
Pan, J., Paul, S., & Jain, R. (2011). A survey of the research on future internet architectures. IEEE Communications Magazine, 49(7), 26–36.
Jala, A., Mohsen, G., Mehdi, M., Mohammed, A., & Moussa, A. (2015). Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communication Surveys and Tutorials, 17(4), 2347–2376.
Farooq, M. U., Waseem, M., Mazhar, S., Khairi, A., & Kamal, T. (2015). A review on internet of things (IoT). Journal of Computer Applications, 113(1), 1–7.
Sonar, K., & Upadhyay, H. (2014). A survey: DDOS attack on internet of things. Journal of Engineering Research and Development, 10(11), 58–63.
Borgohain, T., Kumar, U., & Sanyal, S. (2015). Survey of security and privacy issues of internet of things. Journal of Networking and Applications, 6(4), 2372–2378.
Akanksha, T., & Gupta, B. B. (2020). Security, privacy and trust of different layers in internet of things (IoTs) frameworks. Journal of Future Generation Computer Systems, 108, 909–920.
Altaf, A., Abbas, H., Iqbal, F., & Derhab, A. (2019). Trust models of internet of smart things: A survey, open issues, and future directions. Journal of Network and Computer Applications, 137, 93–111.
Yinghui, H., & Guanyu, L. (2010). Descriptive models for internet of things. In Proceedings of the IEEE international conference on intelligent control and information processing (pp. 483–486), China.
Mealling, M. (2003). Auto-ID object name service (ONS) v1.0. Auto-ID Center Working Draft.
Miao, W., Ting, L., Fei, L., Ling, S., & Hui D. (2010). Research on the architecture of internet of things. In Proceedings of the IEEE international conference on advanced computer theory and engineering (pp. 484–487), China.
Jinxin, Z., & Mangui, L. (2010). A new architecture for converged internet of things. In Proceedings of the international conference on internet technology and applications (pp. 1–4), Brazil.
Kraijak, S., & Tuwanut, P. (2015). A survey on IoT architectures, protocols, applications, security, privacy, real-world implementation and future trends. In Proceedings of The 11th international conference on wireless communications, networking and mobile computing (WiCOM 2015) (pp. 1–5), China.
Inge, G. (2008). Architecture for the internet of things (IoT): API and interconnect. In Proceedings of the 2nd international conference on sensor technologies and applications (pp. 802–807), Syria.
Mashal, I., Alsaryrah, O., Chung, T. Y., Yang, C. Z., Kuo, W. H., & Agrawal, D. P. (2015). Choices for interaction with things on internet and underlying issues. Journal of Ad Hoc Networks, 28, 68–90.
Said, O., & Masud, M. (2013). Towards internet of things: Survey and future vision. Journal of Computer Networks, 5(1), 1–17.
Wu, M., Lu, T. J., Ling, F. Y., Sun, J., & Du, H. Y. (2010). Research on the architecture of internet of things. In Proceedings of the 3rd IEEE international conference on advanced computer theory and engineering, China.
Chowdhury, S. N., Kuhikar, S. M., & Dhawan, S. (2015). IoT architecture: A survey. Journal of Industrial Electronics and Electrical Engineering, 3(5), 88–92.
Sethi, P., & Sarang, S. R. (2017). Internet of things: Architectures, protocols, and applications. Journal of Electrical and Computer Engineering, 17, 1–25.
Mohmmad, S., Sirajuddin, M., & Shabana, (2016). IoT middleware for device privacy on big data. Journal of Innovative Research in Science, Engineering and Technology, 5(6), 10266–10273.
Zaidan, A. A., & Zaidan, B. B. (2020). A review on intelligent process for smart home applications based on IoT: Coherent taxonomy, motivation, open challenges and recommendations. Journal of Artificial Intelligence Review, 53, 141–165.
https://econsultancy.com/blog/68878-10-examples-of-the-internet-of-things-in-healthcare.
Zeadally, S., Siddiqui, F., Baig, Z., & Ibrahim, A. (2019). Smart health care challenges and potential solutions using internet of things (IoT) and big data analytics. PSU Research Review. https://www.emerald.com/insight/content/doi/10.1108/PRR-08-2019-0027/....-analytics.
Yang, Z., Zhou, Q., Lei, L., Zheng, K., & Xiang, W. (2016). An IoT-cloud based wearable ECG monitoring system for smart health care. Journal of Medical Systems, 40(12), 286–296.
Gil, D., Terol, R. M., Azor, J., & Szymanski, J. (2017). An IoT-based computational framework for healthcare monitoring in mobile environments. Sensors, 17(10), 1–25.
Fraga-Lamas, P., Fernández-Caramás, T. M., Suárez-Albela, M., Castedo, L., & González-López, M. (2016). A review on internet of things for defense and public safety. Sensors, 16, 1644.
Zielinski, Z., Chudzikiewicz, J., & FurtakAn, J. (2019). Approach to integrating security and fault tolerance mechanisms into the military IoT: Technology, communications and computing. In Security and fault tolerance in internet of things (pp. 111–128).
Arafath, M. S., Khan, R., Ur, K., & Sunitha, K. V. N. (2017). Incorporating privacy and security in military application based on opportunistic sensor network. Journal of Internet Technology and Secured Transactions, 7(4), 295–316.
https://www.raconteur.net/technology/top-5-applications-for-the-industrial-internet-of-things.
Mazzei, D., Baldi, G., Fantoni, G., Montelisciani, G., Pitasi, A., Ricci, L., et al. (2020). A blockchain tokenizer for industrial IoT trustless applications. Journal of Future Generation Computer Systems, 105, 432–445.
Sharma, S., & Sain, H. (2020). Fog assisted task allocation and secure deduplication using 2FBO and MoWo in cluster-based industrial IoT (IIoT). Journal of Computer Communications, 152, 187–199.
Sisinni, E., Saifullah, A., Han, S., & Jennehag, U. (2018). Industrial internet of things: Challenges, opportunities, and directions. IEEE Transactions on Industrial Informatics, 17, 4724–4734.
https://www.tutorialspoint.com…monitoring.html.
Dimitrakopoulos, M. G. (2011). Intelligent transportation systems based on internet-connected vehicles: Fundamental research areas and challenges. In Proceedings of The 11th IEEE international conference on information technology and system telecommunications (pp. 145–151), Cyprus.
Rukmini, M. S. S., & Usha Devi, Y. (2016). IoT in connected vehicles: Challenges and issues— A review. In Proceedings of The IEEE international conference on signal processing, communication, power and embedded system (SCOPES) (pp. 1864–1867), Paralakhemundi.
Rahmana, M. A., Asyharib, T., Kurniawan, I. F., Ali, M. J., Rahman, M. M., & Karima, M. (2020). A scalable hybrid MAC strategy for traffic-differentiated IoT-enabled intra vehicular networks. Journal of Computer Communications, 157, 320–328.
Li, H., Wang, H., Tao, X., & Zhou, G. (2011). Application study on internet of things in environment protection field. Journal of Informatics in Control, Automation and Robotics, 2, 99–106.
Ma, J., Yu, H., Xu, Y., & Deng, K. (2020). CDAM: Conservative data analytical model for dynamic climate information evaluation using intelligent IoT environment–an application perspective. Journal of Computer Communications, 150, 177–184.
Lagkas, T., Eleftherakis, G., Dimopoulos, K., & Zhang, J. (2020). Signal strength based scheme for following mobile IoT devices in dynamic environments. Journal of Pervasive and Mobile Computing, 65, 1–24.
Elmustafa, S. A. A., & Mujtaba, E. Y. (2019). Internet of things in smart environment: Concept, applications, challenges, and future directions. International Scientific Journal, 134, 1–51.
Punitha, A., & Geetha, V. (2018). Review on challenges and opportunities of IoT in agriculture. Journalof Advanced Research in Applied Science, 5(11), 25–31.
Mohanraj, I., Ashokumar, K., & Naren, J. (2016). Field monitoring and automation using IoT in agriculture domain. Journal of Procedia Computer Science, 93, 931–939.
Li, M., Shao, S., Ye, Q., Gangyan, X., & Huangg, G. Q. (2020). Blockchain enabled logistics finance execution platform for capital constrained e-commerce retail. Journal of Robotics and Computer Integrated Manufacturing, 65, 1–14.
Sfar, A. R., Natalizio, E., Challal, Y., & Chtourou, Z. (2017). A Markov game privacy preserving model in retail applications. In Proceedings of the international conference on selected topics in mobile and wireless networking (MoWNeT) (pp. 1–14), Avignon.
Dlamini, N. N., & Johnston, K. (2016). The use, benefits and challenges of using the internet of things (IoT) in retail businesses—A literature review. In Proceedings of the international conference on advances in computing and communication engineering (ICACCE) (pp. 430–437), Durban.
http://www.ingrammicroadvisor.com/data-center/internet-of-things-examples-for-the-connected-consumer.
Quevedo, J., Corujo, D., & Aguiar, R. (2014). Consumer driven information freshness approach for content centric networking. In Proceedings of the IEEE information centric networking to support disastar management workshop on name-oriented mobility (pp. 482–487), Canada.
Gunawan, T. S., et al. (2017). Prototype design of smart home system using internet of things. Indonesian Journal of Electrical Engineering and Computer Science, 07(07), 107–115.
Ahmad, S., Mehmood, F., Mehmood, A., & Kim, D. H. (2019). Design and implementation of decoupled IoT application store: A novel prototype for virtual objects sharing and discovery. Electronics, 08(285), 1–31.
Borgia, E., Gomes, D. G., Lagesse, B., Lea, R., & Puccinelli, D. (2016). Special issue on internet of things: Research challenges and solutions. Journal of Computer Communications, 89(4), 1–4.
Akyildiz, F., Pierobon, M., Balasubramaniam, S., & Koucheryavy, Y. (2015). The internet of bio-nano things. Journal of IEEE Communication and Management, 53(3), 32–40.
Akyildiz, I., & Jornet, J. (2010). The internet of nano-things. Journal of IEEE Wireless Communication, 17(6), 58–63.
Bor, M., Vidler, J., & Roedig, U. (2016). LoRa for the internet of things. In Proceedings of the international conference on embedded wireless systems and networks (pp. 361–366), Austria.
International Business Machines Corporation (IBM)—Eurotech, MQTT V3.1 Protocol Specification, 2010. http://public.dhe.ibm.com/software/dw/webservices/ws-mqtt/mqtt- v3r1.html.
Bormann, C., Castellani, A. P., & Shelby, Z. (2012). CoAP: An application protocol for billions of tiny internet nodes. Journal of IEEE Internet Computing, 16(2), 62–76.
Manzalini, A., Minerva, R., Callegati, F., Cerroni, W., & Campi, A. (2013). Clouds of virtual machines in edge networks. Journal of IEEE Communication Magazine, 51(7), 63–70.
Ravindran, R., Liu , X., Chakraborti, A., Zhang, X., & Wang, G. (2013). Towards software defined ICN based edge-cloud services. In Proceedings of The IEEE 2nd international conference on cloud networking (pp. 22–235), Spain.
Bonomi, F., Milito, R., Zhu, J., & Addepalli, S. (2012). Fog computing and its role in the internet of things. In Proceedings of the mobile cloud computing (pp. 13–16), Helsinki.
Shi , C., Ammar , M. H., Zegura, E. W., & Naik, M. (2012). Computing in cirrus clouds: The challenge of intermittent connectivity. In Proceedings of the mobile cloud computing (pp. 23–28), Helsinki.
Borgia, E., Bruno, R., Conti, M., Mascitti, D., & Passarella, A. (2016). Mobile edge clouds for information-centric IoT services. In Proceedings of the IEEE symposium on computers and communications (pp. 1–7), Italy.
Lea, R., & Blackstock, M. (2014). City hub: A cloud-based IoT platform for smart cities. In Proceedings of the 6th IEEE conference on cloud computing technology and science (pp. 799–804), Singapore.
Giang, N. K., Blackstock, M., Lea, R., & Leung, V. C. M. (2015). Developing IoT applications in the fog: A distributed dataflow approach. In Proceedings of the 5th international conference on the internet of things (pp. 155–162), China.
Cui, A., & Stolfo, S. J. (2010). A quantitative analysis of the insecurity of embedded network devices: Results of a wide-area scan. In Proceedings of the conference on computer security applications (pp. 97–106), Florida.
Andrea, L., Chrysostomou, C., & Hadjichristofi, G. C. (2017). Internet of things: Security vulnerabilities and challenges. In IEEE international workshop on smart city and ubiquitous computing applications (pp. 180–187), Larnaca, Cyprus.
Iqbal, M. A., Olaleye, O. G., & Bayoumi, M. A. (2016). A review on internet of things (IoT): Security and privacy requirements and the solution approaches. Journal of Computer Science and Technology: E Network, Web and Security, 16(7), 1–11.
Dinu, D., Corre, Y. L., Khovratovich, D., Perrin, L., Groschłdl, J., & Biryukov, A. Triathlon of lightweight block ciphers for the internet of things. (Cryptology ePrint Archive, Report 2015/209). http://eprint.iacr.org/.
Sankaran, S. (2016). Lightweight security framework for IoTs using identity based cryptography. In Proceedings of the international conference on advances in computing, communications and informatics (ICACCI) (pp. 880–886), Jaipur.
Ammar, M., Russello, G., & Crispo, B. (2018). Internet of things: A survey on the security of IoT frameworks. Journal of Information Security and Applications, 38, 8–27.
Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey on security and privacy issues in internet of things. Journal of IEEE Internet of Things, 4(5), 1250–1258.
Sathish Kumar, J., & Patel, D. R. (2014). A survey on internet of things: Security and privacy issues. Journal of Computer Applications, 90(11), 20–26.
Newlin Rajkumar, M., Chatrapathi, C., & Venkatesa Kumar, V. (2014). Internet of things: A vision, technical issues, applications and security. Journal of Computer Science, 2(8), 20–27.
Joshitta, S. M., & Arockiam, L. (2016). Authentication in IoT environment: A survey. Journal of Advanced Research in Computer Science and Software Engineering, 6(10), 140–145.
Ye, N., Zhu, Y., Wang, R. C. B., Malekian, R., & Lin, Q. M. (2014). An efficient authentication and access control scheme for perception layer of internet of things. Journal of Information Science, 8(4), 1617–1624.
Jang, S., Lim, D., Kang, J., & Joe, I. (2016). An efficient device authentication protocol without certification authority for internet of things. Journal of Wireless Communication, 91(4), 1681–1695.
Sharaf-Dabbagh, Y., & Saad, W. (2016). Authentication of devices in the internet of things. In Proceedings of the IEEE 17th international symposium on a world of wireless, mobile and multimedia networks (Vol. 32, No. 6), Portugal.
Gupta, U. (2015). Application of multi factor authentication in internet of things domain. Journal of Computer Applications, 123(1), 21–23.
Sengul, C. (2017). Privacy, consent and authorization in IoT. In Proceedings of the 20th international conference on innovations in clouds, internet and networks (pp. 319–321), Chicago.
Hummen, R., Shafagh, H., Razaz, S., Voigtzx, T., & Wehrle, K. (2014). Delegation-based authentication and authorization for the IP-based internet of things. In Proceedings of the 11th international conference on sensing, communication, and networking (pp. 284–292), Singapore.
Henze, M., Wolters, B., Matzutt, R., Zimmermann, T., & Wehrle, K. (2017). Distributed configuration, authorization and management in the cloud-based internet of things. In Proceedings of The IEEE international conference on trust, security and privacy in computing and communications (IEEE TrustCom–17) (pp. 185–192), Australia.
Hern, J. L., Ramos, A., Pawlowskixy, M. P., Jaray, A. J., Skarmeta, A. F., & Ladid, L. (2015). Towards a lightweight authentication and authorization framework for smart objects. Journal of Selected Areas in Communications, 33(4), 690–702.
Muhammad, F., Anjum, W., & Mazhar, K. S. (2015). Critical analysis on the security concerns of internet of things (IoT). International Journal of Computer Applications, 111(7), 1–6.
Hossain, M. M., Fotouhi, M., & Hasan, R. (2015). Towards an analysis of security issues, challenges, and open problems in the internet of things. In 15th IEEE world congress (pp. 1–8), Chicago.
Shahid, R. Lightweight Security solutions for the internet of things. www.diva-portal.org/smash/get/diva2:619066/FULLTEXT02.
Chikouche, N., Cayrel, P. L., & Boidje, B. O. (2019). A privacy preserving code based authentication protocol for internet of things. Journal of Supercomputing, 75, 8231–8261.
Miorandi, D., Sicari, S., De Pellegrini, F., & Chlamtac, I. (2012). Internet of things: Vision, applications and research challenges. Journal of Ad Hoc Networks, 10(7), 1497–1516.
Usman, M., Ahmed, I., Aslam, M. I., Khan, S., & Shah, U. A. (2017). SIT: A lightweight encryption algorithm for secure internet of things. Journal of Advanced Computer Science and Applications, 8(1), 12–20.
Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Journal of Computer and Telecommunications Networking, 54(15), 2787–2805.
Atzori, L., Iera, A., & Morabito, G. (2017). Preserving data integrity in IoT networks under opportunistic data manipulation. In Proceedings of the international conference on big data intelligence and computing and cyber science and technology congress (pp. 446–453), USA.
Zhang, G., Kou, L., Zhang, L., Liu, C., Da, Q., & Sun, J. (2017). A new digital watermarking method for data integrity protection in the perception layer of IoT. Journal of Security and Communication Networks, 2017, 1–12.
Fongen, A. (2012). Identity management and integrity protection in the internet of things. In Proceedings of The 3rd international conference on emerging security technologies (Vol. 4, pp. 111–114), Portugal.
Li, C., Liu, Q., & Wang, G. (2014). Survey of integrity detection methods in internet of things. In Proceedings of The 13th IEEE international conference on trust, security and privacy in computing and communications (pp. 906–913), Finland.
Internet of Things: IoT Governance European Research Cluster on the Internet of Things, 2014.
Networking protocols and standards for internet of things. Internet of Things and Data Analytics Handbook, 2017.
Pokorni, S. (2018). Reliability and availability of the internet of things. Military Technical Courier (pp. 588–600).
Kolisnyk, M., Kharchenko, V., Piskachova, I., & Bardis, N. (2017). A Markov model of IoT system availability considering DDos attacks and energy modes of server and router. In Proceedings of the international conference on ICT education, research and industrial applications (pp. 1–14), Ukren.
Mendez, D., Papapanagiotou, I., & Yang, B. (2017). Internet of things: Survey on security and privacy IoT security. Journal of IEEE Internet of Things, 4(5), 1250–1258.
Vignesh, R., & Samydura, A. (2017). Security on internet of things (IoT) with challenges and countermeasures. Journal of Engineering Development and Research, 5(1), 417–423.
Usman, M., Ahmed, I., Aslam, M. I., Khan, S., & Shah, U. A. (2018). Preserving privacy in internet of things: A survey. Journal of Information Technology, 10, 189–200.
Miloslavskaya, N., & Tolstoy, A. (2019). Internet of things: Information security challenges and solutions. Journal of Cluster Computing, 22, 103–119.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Chanal, P.M., Kakkasageri, M.S. Security and Privacy in IoT: A Survey. Wireless Pers Commun 115, 1667–1693 (2020). https://doi.org/10.1007/s11277-020-07649-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-020-07649-9