Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physi...Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk.Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications.As an extension of the cloud,the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications.Although there are some research efforts in this area,edge-based security designs for IoT applications are still in its infancy.This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs.We first present an edge-centric IoT architecture.Then,we extensively review the edge-based IoT security research efforts in the context of security architecture designs,firewalls,intrusion detection systems,authentication and authorization protocols,and privacy-preserving mechanisms.Finally,we propose our insight into future research directions and open research issues.展开更多
Security issues and lnternet of Things (loT) become indispensable part in digital community as loT develops with the pervasive introduction of additional "smart" sensors and devices over the last decades, and it n...Security issues and lnternet of Things (loT) become indispensable part in digital community as loT develops with the pervasive introduction of additional "smart" sensors and devices over the last decades, and it necessitates the implementation of information security principle in digital community system. A three-level criticality model to determine the potential impact is proposed in digital community system when various devices lost in this paper. Combining the actual security requirement of digital community and characteristics of loT, a hierarchical security architecture including defense-in-deep cybersecurity and distribute secure control is proposed. A high-assurance trust model, which assumes insider compromise, which exists in the digital community, is finally proposed according to the security issues analysis.展开更多
With the large scale adoption of Internet of Things(IoT)applications in people’s lives and industrial manufacturing processes,IoT security has become an important problem today.IoT security significantly relies on th...With the large scale adoption of Internet of Things(IoT)applications in people’s lives and industrial manufacturing processes,IoT security has become an important problem today.IoT security significantly relies on the security of the underlying hardware chip,which often contains critical information,such as encryption key.To understand existing IoT chip security,this study analyzes the security of an IoT security chip that has obtained an Arm Platform Security Architecture(PSA)Level 2 certification.Our analysis shows that the chip leaks part of the encryption key and presents a considerable security risk.Specifically,we use commodity equipment to collect electromagnetic traces of the chip.Using a statistical T-test,we find that the target chip has physical leakage during the AES encryption process.We further use correlation analysis to locate the detailed encryption interval in the collected electromagnetic trace for the Advanced Encryption Standard(AES)encryption operation.On the basis of the intermediate value correlation analysis,we recover half of the 16-byte AES encryption key.We repeat the process for three different tests;in all the tests,we obtain the same result,and we recover around 8 bytes of the 16-byte AES encryption key.Therefore,experimental results indicate that despite the Arm PSA Level 2 certification,the target security chip still suffers from physical leakage.Upper layer application developers should impose strong security mechanisms in addition to those of the chip itself to ensure IoT application security.展开更多
Internet of Things (IoT) has become a prevalent topic in the world of technology. It helps billion of devices to connect to the internet so that they can exchange data with each other. Nowadays, the IoT can be applied...Internet of Things (IoT) has become a prevalent topic in the world of technology. It helps billion of devices to connect to the internet so that they can exchange data with each other. Nowadays, the IoT can be applied in anything, from cellphones, coffee makers, cars, body sensors to smart surveillance, water distribution, energy management system, and environmental monitoring. However, the rapid growth of IoT has brought new and critical threats to the security and privacy of the users. Due to the millions of insecure IoT devices, an adversary can easily break into an application to make it unstable and steal sensitive user information and data. This paper provides an overview of different kinds of cybersecurity attacks against IoT devices as well as an analysis of IoT architecture. It then discusses the security solutions we can take to protect IoT devices against different kinds of security attacks. The main goal of this research is to enhance the development of IoT research by highlighting the different kinds of security challenges that IoT is facing nowadays, and the existing security solutions we can implement to make IoT devices more secure. In this study, we analyze the security solutions of IoT in three forms: secure authentication, secure communications, and application security to find suitable security solutions for protecting IoT devices.展开更多
Security of the Internet of Things (IoT)-based Smart Systems involving sensors, actuators and distributed control loop is of paramount importance but very difficult to address. Security patterns consist of domain-inde...Security of the Internet of Things (IoT)-based Smart Systems involving sensors, actuators and distributed control loop is of paramount importance but very difficult to address. Security patterns consist of domain-independent time-proven security knowledge and expertise. How are they useful for developing secure IoT-based smart systems? Are there architectures that support IoT security? We aim to systematically review the research work published on patterns and architectures for IoT security (and privacy). Then, we want to provide an analysis on that research landscape to answer our research questions. We follow the well-known guidelines for conducting systematic literature reviews. From thousands of candidate papers initially found in our search process, we have systematically distinguished and analyzed thirty-six (36) papers that have been peer-reviewed and published around patterns and architectures for IoT security and privacy in the last decade (January 2010–December 2020). Our analysis shows that there is a rise in the number of publications tending to patterns and architectures for IoT security in the last three years. We have not seen any approach of applying systematically architectures and patterns together that can address security (and privacy) concerns not only at the architectural level, but also at the network or IoT devices level. We also explored how the research contributions in the primary studies handle the different issues from the OWASP Internet of Things (IoT) top ten vulnerabilities list. Finally, we discuss the current gaps in this research area and how to fill in the gaps for promoting the utilization of patterns for IoT security and privacy by design.展开更多
物联网(Internet of Things,IoT)行业随着国家经济的发展得到了快速应用,目前已经成为快速发展的高技术行业。物联网行业的许多技术来源于互联网,通过各种不同的前端设备去采集大量的真实数据信息,而这些数据涉及到客户的隐私,需要采用...物联网(Internet of Things,IoT)行业随着国家经济的发展得到了快速应用,目前已经成为快速发展的高技术行业。物联网行业的许多技术来源于互联网,通过各种不同的前端设备去采集大量的真实数据信息,而这些数据涉及到客户的隐私,需要采用严格的安全措施来进行保护,但是在行业的快速发展中,出现了较多物联网安全隐私方面的问题,亟需要加强安全保护技术的研发力度。分析目前物联网的安全问题,从数据信息的传输与采集进行讨论,给出相应的物联网安全保护架构及具体的技术,有效提升物联网安全保护力度。展开更多
基金This research has been supported by the National Science Foundation(under grant#1723596)the National Security Agency(under grant#H98230-17-1-0355).
文摘Pervasive IoT applications enable us to perceive,analyze,control,and optimize the traditional physical systems.Recently,security breaches in many IoT applications have indicated that IoT applications may put the physical systems at risk.Severe resource constraints and insufficient security design are two major causes of many security problems in IoT applications.As an extension of the cloud,the emerging edge computing with rich resources provides us a new venue to design and deploy novel security solutions for IoT applications.Although there are some research efforts in this area,edge-based security designs for IoT applications are still in its infancy.This paper aims to present a comprehensive survey of existing IoT security solutions at the edge layer as well as to inspire more edge-based IoT security designs.We first present an edge-centric IoT architecture.Then,we extensively review the edge-based IoT security research efforts in the context of security architecture designs,firewalls,intrusion detection systems,authentication and authorization protocols,and privacy-preserving mechanisms.Finally,we propose our insight into future research directions and open research issues.
基金Supported by the National Science Foundation of China of Shanxi(2015011040)
文摘Security issues and lnternet of Things (loT) become indispensable part in digital community as loT develops with the pervasive introduction of additional "smart" sensors and devices over the last decades, and it necessitates the implementation of information security principle in digital community system. A three-level criticality model to determine the potential impact is proposed in digital community system when various devices lost in this paper. Combining the actual security requirement of digital community and characteristics of loT, a hierarchical security architecture including defense-in-deep cybersecurity and distribute secure control is proposed. A high-assurance trust model, which assumes insider compromise, which exists in the digital community, is finally proposed according to the security issues analysis.
基金This work was partially supported by the National Natural Science Foundation of China(Nos.61872243 and U1713212)Guangdong Basic and Applied Basic Research Foundation(No.2020A1515011489)+1 种基金the Natural Science Foundation of Guangdong Province-Outstanding Youth Program(No.2019B151502018)Shenzhen Science and Technology Innovation Commission(No.R2020A045).
文摘With the large scale adoption of Internet of Things(IoT)applications in people’s lives and industrial manufacturing processes,IoT security has become an important problem today.IoT security significantly relies on the security of the underlying hardware chip,which often contains critical information,such as encryption key.To understand existing IoT chip security,this study analyzes the security of an IoT security chip that has obtained an Arm Platform Security Architecture(PSA)Level 2 certification.Our analysis shows that the chip leaks part of the encryption key and presents a considerable security risk.Specifically,we use commodity equipment to collect electromagnetic traces of the chip.Using a statistical T-test,we find that the target chip has physical leakage during the AES encryption process.We further use correlation analysis to locate the detailed encryption interval in the collected electromagnetic trace for the Advanced Encryption Standard(AES)encryption operation.On the basis of the intermediate value correlation analysis,we recover half of the 16-byte AES encryption key.We repeat the process for three different tests;in all the tests,we obtain the same result,and we recover around 8 bytes of the 16-byte AES encryption key.Therefore,experimental results indicate that despite the Arm PSA Level 2 certification,the target security chip still suffers from physical leakage.Upper layer application developers should impose strong security mechanisms in addition to those of the chip itself to ensure IoT application security.
文摘Internet of Things (IoT) has become a prevalent topic in the world of technology. It helps billion of devices to connect to the internet so that they can exchange data with each other. Nowadays, the IoT can be applied in anything, from cellphones, coffee makers, cars, body sensors to smart surveillance, water distribution, energy management system, and environmental monitoring. However, the rapid growth of IoT has brought new and critical threats to the security and privacy of the users. Due to the millions of insecure IoT devices, an adversary can easily break into an application to make it unstable and steal sensitive user information and data. This paper provides an overview of different kinds of cybersecurity attacks against IoT devices as well as an analysis of IoT architecture. It then discusses the security solutions we can take to protect IoT devices against different kinds of security attacks. The main goal of this research is to enhance the development of IoT research by highlighting the different kinds of security challenges that IoT is facing nowadays, and the existing security solutions we can implement to make IoT devices more secure. In this study, we analyze the security solutions of IoT in three forms: secure authentication, secure communications, and application security to find suitable security solutions for protecting IoT devices.
基金The research leading to these results has partially received funding from the European Commission's H2020 Programme under the grant agreement numbers 958363(Dat4.ZERO)958357(InterQ).
文摘Security of the Internet of Things (IoT)-based Smart Systems involving sensors, actuators and distributed control loop is of paramount importance but very difficult to address. Security patterns consist of domain-independent time-proven security knowledge and expertise. How are they useful for developing secure IoT-based smart systems? Are there architectures that support IoT security? We aim to systematically review the research work published on patterns and architectures for IoT security (and privacy). Then, we want to provide an analysis on that research landscape to answer our research questions. We follow the well-known guidelines for conducting systematic literature reviews. From thousands of candidate papers initially found in our search process, we have systematically distinguished and analyzed thirty-six (36) papers that have been peer-reviewed and published around patterns and architectures for IoT security and privacy in the last decade (January 2010–December 2020). Our analysis shows that there is a rise in the number of publications tending to patterns and architectures for IoT security in the last three years. We have not seen any approach of applying systematically architectures and patterns together that can address security (and privacy) concerns not only at the architectural level, but also at the network or IoT devices level. We also explored how the research contributions in the primary studies handle the different issues from the OWASP Internet of Things (IoT) top ten vulnerabilities list. Finally, we discuss the current gaps in this research area and how to fill in the gaps for promoting the utilization of patterns for IoT security and privacy by design.
文摘物联网(Internet of Things,IoT)行业随着国家经济的发展得到了快速应用,目前已经成为快速发展的高技术行业。物联网行业的许多技术来源于互联网,通过各种不同的前端设备去采集大量的真实数据信息,而这些数据涉及到客户的隐私,需要采用严格的安全措施来进行保护,但是在行业的快速发展中,出现了较多物联网安全隐私方面的问题,亟需要加强安全保护技术的研发力度。分析目前物联网的安全问题,从数据信息的传输与采集进行讨论,给出相应的物联网安全保护架构及具体的技术,有效提升物联网安全保护力度。
