Browse/search for people

Publication - Dr Theo Tryfonas

    The Internet of Things: A Security Point of View

    Citation

    Li, S, Tryfonas, T & Li, H, 2016, ‘The Internet of Things: A Security Point of View’. Internet Research, vol 26., pp. 337-359

    Abstract

    Purpose
    -- To provide an in-depth overview of the security requirements and challenges for Internet of Things (IoT) and discuss security solutions for various enabling technologies and implications to various applications.

    Design/methodology/approach
    -- Security requirements and solutions are analyzed based on a four-layer framework of IoT on sensing layer, network layer, service layer, and application layer. The cross-layer threats are analyzed followed by the security discussion for the enabling technologies including identification and tracking technologies, WSN and RFID, communication, networks, and service management.

    Finding
    -- IoT calls for new security infrastructure based on the new technical standards. As a consequence, new security design for IoT shall pay attention to these new standards. Security at both the physical devices and service-applications is critical to the operation of IoT, which is indispensable for the success of IoT. Open problems remain in a number of areas, such as security and privacy protection, network protocols, standardisation, identity management, trusted architecture, etc.

    Practical implications
    -- The implications to various applications including SCADA, enterprise systems, social IoT are discussed. The paper will serve as a starting point for future IoT security design and management. The security strategies for IoT should be carefully designed by managing the trade-offs among security, privacy, and utility to provide security in multi-layer architecture of IoT.

    Originality/value
    -- The paper synthesizes the current security requirements for IoT and provides a clear framework of security infrastructure based on four layers. Accordingly, the security requirements and potential threats in the four-layer architecture are provided in terms of general devices security, communication security, network security, and application security.

    Full details in the University publications repository