Proposed Security Model and Threat Taxonomy for the Internet of Things (IoT)

  • Sachin Babar
  • Parikshit Mahalle
  • Antonietta Stango
  • Neeli Prasad
  • Ramjee Prasad
Part of the Communications in Computer and Information Science book series (CCIS, volume 89)


IoT is an intelligent collaboration of tiny sensors and devices giving new challenges to security and privacy in end to end communication of things. Protection of data and privacy of things is one of the key challenges in the IoT. Lack of security measures will result in decreased adoption among users and therefore is one of the driving factors in the success of the IoT. This paper gives an overview, analysis and taxonomy of security and privacy challenges in IoT. Finally, Security Model for IoT has been proposed.


Security Privacy Internet of Things trust authentication authorization 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Silverajan, B., Harju, J.: Developing network software and communications protocols towards the internet of things. In: Proceedings of the Fourth International ICST Conference on Communication System Software and MiddlewaRE, COMSWARE 2009, Dublin, Ireland, June 16-19, pp. 1–8. ACM, New York (2009)CrossRefGoogle Scholar
  2. 2.
    Adjie-Winoto, W., Schwartz, E., Balakrishnan, H., Lilley, J.: The design and implementation of an intentional naming system. In: Proceedings of the Seventeenth ACM Symposium on Operating Systems Principles, SOSP 1999, Charleston, South Carolina, US, December 12-15, pp. 186–201. ACM, New York (1999)CrossRefGoogle Scholar
  3. 3.
    Beerliova, Z., Eberhard, F., Erlebach, T., Hall, A., Hoffmann, M., Mihalák, M., Ram, L.S.: Network Discovery and Verification. IEEE Journal on Selected Areas in Communications 24(12), 2168–2181 (2006)CrossRefGoogle Scholar
  4. 4.
    Hu, Y.-C., Wang, H.J.: Location Privacy in Wireless Networks. In: Proceedings of the ACM SIGCOMM Asia Workshop (2005)Google Scholar
  5. 5.
    Kocher, P., Lee, R., McGraw, G., Raghunathan, A.: Security as a new dimension in embedded system design. In: Proceedings of the 41st Annual Design Automation Conference, DAC 2004, San Diego, CA, USA, June 7-11, pp. 753–760. ACM, New York (2004)Google Scholar
  6. 6.
    Welch, D., Lathrop, S.: Wireless security threat taxonomy. In: Information Assurance Workshop, IEEE Systems, Man and Cybernetics Society, June 18-20, pp. 76–83 (2003)Google Scholar
  7. 7.
    Public-Key Infrastructure (X.509),
  8. 8.
    Kohnfelder, L.M.: Towards a Practical Public Key System, Thesis (1978),
  9. 9.
    Neuman, B.C., Ts’o, T.: Kerberos: an authentication service for computer networks. IEEE Communications Magazine 32(9), 33–38 (1994)CrossRefGoogle Scholar
  10. 10.
    Introduction to Windows Live ID, download,
  11. 11.
  12. 12.
    Introduction to the Liberty Alliance Identity Architecture (2003),
  13. 13.
    Goodner, M.: Understanding WS-Federation (2007),
  14. 14.
    Shim, S.S.Y., Bhalla, P.: Federated identity management. IEEE Computer 38(12), 120–122 (2005)Google Scholar
  15. 15.
    Chappell, D.: Introducing Windows CardSpace,

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Sachin Babar
    • 1
  • Parikshit Mahalle
    • 1
  • Antonietta Stango
    • 1
  • Neeli Prasad
    • 1
  • Ramjee Prasad
    • 1
  1. 1.Center for TeleInFrastrukturAalborg UniversityAalborgDenmark

Personalised recommendations