TY - JOUR
T1 - Framework-based security measures for Internet of Thing
T2 - A literature review
AU - Rueda-Rueda, Johan Smith
AU - Portocarrero, Jesus M.T.
N1 - Publisher Copyright:
© 2021 J. Smith Rueda-Rueda and J. M. T. Portocarrero, published by De Gruyter.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - This paper presents a review of state-of-the-art security frameworks for IoT applications. It aims to find out what alternatives have been proposed to guide IoT application developers in the implementation of security measures through all development phases. In this literature review, we identified 21 security frameworks, and we analyzed them from IoT application domains addressed and IoT elements protected. We find four application domains: generic, smart cities, smart car/VANET, and smart infrastructures. Concerning elements protected, we analyzed the frameworks through protected application resources and we also consider security properties in this paper. Our two principal findings are: (i) Even though there are a wide variety of security frameworks, we did not find a proposal that addresses all the layers of an IoT application (device, network, service and application) and all development phases (analysis, design, implementation, testing, deployment, and maintenance), (ii) Addressing security from the design phase allows IoT developers to have a broader perspective of the system, avoiding massive changes to be made in later stages, saving costs and time. This gap and concerns enable various research on security by design and secure development to be carried out, and proposed frameworks to address the identified problems.
AB - This paper presents a review of state-of-the-art security frameworks for IoT applications. It aims to find out what alternatives have been proposed to guide IoT application developers in the implementation of security measures through all development phases. In this literature review, we identified 21 security frameworks, and we analyzed them from IoT application domains addressed and IoT elements protected. We find four application domains: generic, smart cities, smart car/VANET, and smart infrastructures. Concerning elements protected, we analyzed the frameworks through protected application resources and we also consider security properties in this paper. Our two principal findings are: (i) Even though there are a wide variety of security frameworks, we did not find a proposal that addresses all the layers of an IoT application (device, network, service and application) and all development phases (analysis, design, implementation, testing, deployment, and maintenance), (ii) Addressing security from the design phase allows IoT developers to have a broader perspective of the system, avoiding massive changes to be made in later stages, saving costs and time. This gap and concerns enable various research on security by design and secure development to be carried out, and proposed frameworks to address the identified problems.
KW - Cybersecurity
KW - IoT application
KW - Security framework
KW - Security requirements
KW - State-of-art
UR - http://www.scopus.com/inward/record.url?scp=85106761072&partnerID=8YFLogxK
U2 - 10.1515/comp-2020-0220
DO - 10.1515/comp-2020-0220
M3 - Articulo en revista no especializada
AN - SCOPUS:85106761072
SN - 2299-1093
VL - 11
SP - 346
EP - 354
JO - Open Computer Science
JF - Open Computer Science
IS - 1
ER -