Abstract
The rapid growth of small Internet connected devices, known as the Internet of Things (IoT), is creating a new set of challenges to create secure, private infrastructures. This paper reviews the current literature on the challenges and approaches to security and privacy in the Internet of Things, with a strong focus on how these aspects are handled in IoT middleware. We focus on IoT middleware because many systems are built from existing middleware and these inherit the underlying security properties of the middleware framework. The paper is composed of three main sections. Firstly, we propose a matrix of security and privacy threats for IoT. This matrix is used as the basis of a widespread literature review aimed at identifying requirements on IoT platforms and middleware. Secondly, we present a structured literature review of the available middleware and how security is handled in these middleware approaches. We utilise the requirements from the first phase to evaluate. Finally, we draw a set of conclusions and identify further work in this area.
Highlights
The Internet of Things (IoT) was originally coined as a phrase by Kevin Ashton in 1990 (Ashton, 2009), with reference to ‘‘taggable’’ items that used Radio Frequency Identification Devices (RFID) to become electronically identifiable and amenable to interactions with the Internet
This is an important basis for the section where we examine the provisions around security and privacy that are available in available middleware for the Internet of Things
We identified a list of security properties and capabilities that are important for the security and privacy of IoT
Summary
The Internet of Things (IoT) was originally coined as a phrase by Kevin Ashton in 1990 (Ashton, 2009), with reference to ‘‘taggable’’ items that used Radio Frequency Identification Devices (RFID) to become electronically identifiable and amenable to interactions with the Internet. We propose a new ontology based on a matrix of evaluation where we look at each of the classic security challenges in three different aspects: device/hardware, network, and cloud/server-side. In some cells in this matrix, we have not identified any areas where the IoT space presents new challenges: in other words, whilst the domain space covered by these cells contains security challenges, those challenges are no different from existing Web and Internet security challenges in that domain. In those cells we can say that the challenges are ‘‘unchanged’’. In the second part of this work, we use a structured survey methodology to identify a set of middleware designed to support IoT systems. In each cell we summarise the main challenges that are different in the IoT world or at least exacerbated
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have