skip to main content
10.1145/3357419.3357450acmotherconferencesArticle/Chapter ViewAbstractPublication PagesicicmConference Proceedingsconference-collections
research-article

An Integrated Model of Technical and Non-Technical Perspectives on Managing IoT Security

Published: 23 August 2019 Publication History

Abstract

Security and data privacy are two inseparable issues regarding Internet of Things (IoT) implementation. Most research discusses the method of overcoming these issues by utilizing IoT reference architectures, namely application, network, and perception layers. Studies present information about what kind of attacks appear in each IoT layer followed by how to prevent and mitigate said attacks. Moreover, some researchers conduct inquiries in regard to security issues emerging in cross layers and the integration of multi-layer architecture. In this research, we try to use different perspectives to examine the problems and solutions concerning IoT security. We involve technical and non-technical elements for managing these problems and propose an integrated model in which actors---regulators, industry, and users---actively participate in addressing security and data privacy issues that arise on every IoT architecture.

References

[1]
B. Filkins and D. Wylie, "The 2018 SANS Industrial IoT Security Survey: Shaping IIoT Security Concerns," p. 21, 2018.
[2]
"Abdul-Ghani, H.A.; Konstantas, D. A "Comprehensive Study of Security and Privacy Guidelines, Threats, and Countermeasures."
[3]
"New IoT-malware grew three-fold in H1 2018," Kaspersky, September 18, 2018. [Online], Available: https://www.kaspersky.com/about/press-releases/2018_new-iot-malware-grew-three-fold-in-h1-2018 [Accessed June 14, 2019].
[4]
S. M. Riazul Islam, Daehan Kwak, M. Humaun Kabir, M. Hossain, and Kyung-Sup Kwak, "The Internet of Things for Health Care: A Comprehensive Survey," IEEE Access, vol. 3, pp. 678--708, 2015.
[5]
F. A. Alaba, M. Othman, I. A. T. Hashem, and F. Alotaibi, "Internet of Things security: A survey," J. Netw. Comput. Appl., vol. 88, pp. 10--28, Jun. 2017.
[6]
BREACH LEVEL INDEX, "2017 - The Year of Internal Threats and Accidental Data Breaches", 2017. [Online], Available: https://breachlevelindex.com/assets/Breach-Level-Index-Report-2017-Gemalto.pdf [Accessed June 14, 2019].
[7]
A. Tewari and B. B. Gupta, "Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework," Future Gener. Comput. Syst., May 2018.
[8]
J. Hou, L. Qu, and W. Shi, "A survey on internet of things security from data perspectives," Comput. Netw., vol. 148, pp. 295--306, Jan. 2019.
[9]
M. Aly, F. Khomh, M. Haoues, A. Quintero, and S. Yacout, "Enforcing security in Internet of Things frameworks: A Systematic Literature Review," Internet Things, vol. 6, p. 100050, Jun. 2019.
[10]
M. Ammar, G. Russello, and B. Crispo, "Internet of Things: A survey on the security of IoT frameworks," J. Inf. Secur. Appl., vol. 38, pp. 8--27, Feb. 2018.
[11]
D. E. Kouicem, A. Bouabdallah, and H. Lakhlef, "Internet of things security: A top-down survey," Comput. Netw., vol. 141, pp. 199--221, Aug. 2018.
[12]
M. binti Mohamad Noor and W. H. Hassan, "Current research on Internet of Things (IoT) security: A survey," Comput. Netw., vol. 148, pp. 283--294, Jan. 2019.
[13]
H. A. Khattak, M. A. Shah, S. Khan, I. Ali, and M. Imran, "Perception layer security in Internet of Things," Future Gener. Comput. Syst., vol. 100, pp. 144--164, Nov. 2019.
[14]
M. Suryanegara, A. S. Arifin, M. Asvial, and G. Wibisono, "A system engineering approach to the implementation of the Internet of Things (IoT) in a country," in 2017 4th International Conference on Information Technology, Computer, and Electrical Engineering (ICITACEE), Semarang, 2017, pp. 20--23.
[15]
IEEE Standards Association, "Internet of Things- IEEE standards enabling products with real-world applications" [Online], Available: https://standards.ieee.org/initiatives/iot/stds.html
[16]
National Institute of Standards and Technology, "CYBERSECURITY FRAMEWORK", [Online], Available: https://www.nist.gov/cyberframework [Accessed June 14, 2019].
[17]
International Telecommunication Union, "SG17: Security" [Online], Available: https://www.itu.int/en/ITU-T/studygroups/2017-2020/17/Pages/default.aspx
[18]
International Organization for Standardization, "ISO/IEC 27000 family - Information security management systems" [Online], Available: https://www.iso.org/isoiec-27001-information-security.html
[19]
International Organization for Standardization, "ISO/IEC 15408-1:2009" [Online], Available: https://www.iso.org/obp/ui/#iso:std:iso-iec:15408:-1:ed-3:v2:en

Cited By

View all
  • (2024)Potential Smart Grid Vulnerabilities to Cyber Attacks: Current Threats and Existing Mitigation StrategiesHeliyon10.1016/j.heliyon.2024.e37980(e37980)Online publication date: Sep-2024
  • (2022) A Novel Secure Root Key Updating Scheme for LoRaWANs Based on CTR_AES DRBG 128 IEEE Access10.1109/ACCESS.2022.315028110(18807-18819)Online publication date: 2022

Index Terms

  1. An Integrated Model of Technical and Non-Technical Perspectives on Managing IoT Security

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ICICM '19: Proceedings of the 9th International Conference on Information Communication and Management
    August 2019
    210 pages
    ISBN:9781450371889
    DOI:10.1145/3357419
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    In-Cooperation

    • Chinese Academy of Sciences

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 23 August 2019

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. Data Privacy
    2. Governmental regulations
    3. IoT Regulation
    4. IoT Security
    5. Policy

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ICICM 2019

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)13
    • Downloads (Last 6 weeks)6
    Reflects downloads up to 14 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)Potential Smart Grid Vulnerabilities to Cyber Attacks: Current Threats and Existing Mitigation StrategiesHeliyon10.1016/j.heliyon.2024.e37980(e37980)Online publication date: Sep-2024
    • (2022) A Novel Secure Root Key Updating Scheme for LoRaWANs Based on CTR_AES DRBG 128 IEEE Access10.1109/ACCESS.2022.315028110(18807-18819)Online publication date: 2022

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media