Exploiting Contextual Trust and Risk Assessment for Adaptive Security in Iot (Internet of Things)
In this paper, we survey articles presenting IoT security solutions published in English since January 2016. We make a number of observations, including the lack of publicly available IoT datasets that can be used by the research and practitioner communities.
For privacy, it deals with the preservation of lawfulness in sharing the information aboutand-between the involved devices. Since smart M-IoT will be dealing with a lot of connected components, maintenance of isolation in traffic patterns and establishing anonymity of users becomes an utmost requirement. Trust refers to the faithfulness in the identification of devices for communication. It further involves the reputation-building between the devices and the infrastructure leading a way to make the network secure while preserving its privacy.The effective implementation of rules and policies at the control layer due to the configuration complexity and artifacts requires intelligent solutions that can be assured by using certain aspects of optimization, machine learning or artificial intelligence.
I. F. Alexander and N. Maiden, Eds., “Scenarios, Stories, Use Cases: Through the Systems Development LifeCycle”. John Wiley & Sons, 2004.
S. Faily and I. Flechais, “A meta-model for usable secure requirements engineering,” in SESS – ICSE Workshop on Software Engineering for Secure Systems. Association for Computing Machinery (ACM), 2010.
H. Mouratidis and P. Giorgini, “Security attack testing (SAT)–testing the security of information systems at design time,” Information Systems, vol. 32, no. 1, Jan. 2007, pp. 1166–1183.
O. Vermesan, P. Friess, P. Guillemin, H. Sundmaeker, M. Eisenhauer, K. Moessner, F. L. Gall, and P. Cousin, “Internet of things strategic research and innovation agenda,” in Internet of Things–Global Technological and Societal Trends. River Publishers, 2011, pp. 7–151.
K. Habib and W. Leister, “Adaptive security for the Internet of Things reference model,” in Proceeding of Norwegian Information Security Conference, NISK 2013, C. Rong and V. Oleshchuk, Eds., 2013, pp. 13–24.