Abstract

ABSTRACT The benefits ushered through the use of IoT come with its share of security concerns. IoT networks are heterogeneous and existing network security tools and controls are inadequate for them. The IoT devices and the data transmitted to and from these devices remain exposed to a multitude of threats. In this paper, we review the security concerns involved in the implementation of IoT and propose a framework for security of IoT devices based on Zero Trust and blockchain. A risk-based segmentation of IoT network increases the homogeneity of IoT device attributes and communication protocols. Zero Trust extends the perimeter of trust beyond the IT/OT network. Blockchain improves the device identification and access control capabilities of the IoT network. We support the conceptual framework with a case study on the implementation of IoT security using Zero Trust and blockchain. We provide a risk-scoring method and a five-point recommendation for management of IoT security. Our proposed IoT security framework will help implementors of IoT to overcome existing security concerns and will benefit academic researchers and practitioners alike.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call