A survey on the Internet of Things security

Abstract

PurposeInternet of Things (IoT) is a challenging and promising system concept and requires new types of architectures and protocols compared to traditional networks. Security is an extremely critical issue for IoT that needs to be addressed efficiently. Heterogeneity being an inherent characteristic of IoT gives rise to many security issues that need to be addressed from the perspective of new architectures such as software defined networking, cryptographic algorithms, federated cloud and edge computing.Design/methodology/approachThe paper analyzes the IoT security from three perspectives: three-layer security architecture, security issues at each layer and security countermeasures. The paper reviews the current state of the art, protocols and technologies used at each layer of security architecture. The paper focuses on various types of attacks that occur at each layer and provides the various approaches used to countermeasure such type of attacks.FindingsThe data exchanged between the different devices or applications in the IoT environment are quite sensitive; thus, the security aspect plays a key role and needs to be addressed efficiently. This indicates the urgent needs of developing general security policy and standards for IoT products. The efficient security architecture needs to be imposed but not at the cost of efficiency and scalability. The paper provides empirical insights about how the different security threats at each layer can be mitigated.Originality/valueThe paper fulfills the need of having an extensive and elaborated survey in the field of IoT security, along with suggesting the countermeasures to mitigate the threats occurring at each level of IoT protocol stack.