Abstract
Demand for IoT applications is increasing rapidly, so securing the information content delivered among the various entities involved in IoT application development has become an important issue. Implementing a secure IoT application is also costly, because it requires effort, skill and knowledge to understand the security concerns, especially when developers and requirements engineers have no formal training in software engineering or in eliciting security requirements. In addition, requirements engineers who are unfamiliar with IoT applications find it difficult to elicit accurate security requirements and to avoid misinterpretation. Motivated by these issues, this paper presents the development of a new library of security requirements for the development of IoT applications. Using an industry scenario, the utility of the library is demonstrated by eliciting security requirements for each of the IoT attributes of specific business application domains.
Acknowledgements
The authors would like to acknowledge Universiti Teknikal Malaysia Melaka (UTeM) and the Ministry of Higher Education (MoHE) for their support and the funding of this FRGS research grant: FRGS/1/2016/ICT01/FTMK-CACT/F00325.
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kamalrudin, M., Ibrahim, A.A., Sidek, S. (2018). A Security Requirements Library for the Development of Internet of Things (IoT) Applications. In: Kamalrudin, M., Ahmad, S., Ikram, N. (eds) Requirements Engineering for Internet of Things. APRES 2017. Communications in Computer and Information Science, vol 809. Springer, Singapore. https://doi.org/10.1007/978-981-10-7796-8_7
DOI: https://doi.org/10.1007/978-981-10-7796-8_7
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-7795-1
Online ISBN: 978-981-10-7796-8
eBook Packages: Computer Science, Computer Science (R0)