Internet of Things Security Research: A Rehash of Old Ideas or New Intellectual Challenges?

Fernandes, Earlence; Rahmati, Amir; Eykholt, Kevin; Prakash, Atul

doi:10.1109/msp.2017.3151346

Cited by 97 publications

(38 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Against this background, the IoT fundamentally challenges the field of IS security and privacy, requiring the redefinition of well-established rules and organizational practices to protect sensor data (Fernandes, Rahmati, Eykholt, & Prakash, 2017;Singh, Pasquier, Bacon, Ko, & Eyers, 2016). The confidentiality and integrity of data are essential to security and privacy to ensure that personal data cannot be viewed or manipulated by objectionable third parties (Anderson et al, 2017;Baskerville & Siponen, 2002;Chellappa & Pavlou, 2002).…”

Section: Security and Privacy In The Internet Of Thingsmentioning

confidence: 99%

"Blockchain for the IoT: Privacy-Preserving Protection of Sensor Data"

Chanson¹,

Bogner²,

Bilgeri³

et al. 2019

JAIS

View full text Add to dashboard Cite

A constantly growing pool of smart, connected Internet of Things (IoT) devices poses completely new challenges for business regarding security and privacy. In fact, the widespread adoption of smart products might depend on the ability of organizations to offer systems that ensure adequate sensor data integrity while guaranteeing sufficient user privacy. In light of these challenges, previous research indicates that blockchain technology may be a promising means to mitigate issues of data security arising in the IoT. Building upon the existing body of knowledge, we propose a design theory, including requirements, design principles, and features, for a blockchain-based sensor data protection system (SDPS) that leverages data certification. We then design and develop an instantiation of an SDPS (CertifiCar) in three iterative cycles that prevents the fraudulent manipulation of car mileage data. Furthermore, we provide an ex-post evaluation of our design theory considering CertifiCar and two additional use cases in the realm of pharmaceutical supply chains and energy microgrids. The evaluation results suggest that the proposed design ensures the tamper-resistant gathering, processing, and exchange of IoT sensor data in a privacy-preserving, scalable, and efficient manner.

show abstract

Section: Security and Privacy In The Internet Of Thingsmentioning

confidence: 99%

"Blockchain for the IoT: Privacy-Preserving Protection of Sensor Data"

Chanson¹,

Bogner²,

Bilgeri³

et al. 2019

JAIS

View full text Add to dashboard Cite

show abstract

“…Another approach is given in the TCP/IP model [21], [22], which is frequently used for internet communications because it is a simplified vision of the OSI layer model by only using four layers. The figure 2 shows a representation of both versions In the field of the IoT, [23] proposes an IoT stack as the combination of four main components: the physical layer, the IoT platform, the communication protocols/technologies and the application layer. Instead, [24] suggests an architecture based on three main layers: the perception layer, the network layer, and the application layer.…”

Section: Wireless Smart Home Protocolsmentioning

confidence: 99%

An overview of wireless IoT protocol security in the smart home domain

Marksteiner

Jiménez

Valiant

et al. 2017

2017 Internet of Things Business Models, Users, and Networks

View full text Add to dashboard Cite

While the application of IoT in smart technologies becomes more and more proliferated, the pandemonium of its protocols becomes increasingly confusing. More seriously, severe security deficiencies of these protocols become evident, as timeto-market is a key factor, which satisfaction comes at the price of a less thorough security design and testing. This applies especially to the smart home domain, where the consumerdriven market demands quick and cheap solutions. This paper presents an overview of IoT application domains and discusses the most important wireless IoT protocols for smart home, which are KNX-RF, EnOcean, Zigbee, Z-Wave and Thread. Finally, it describes the security features of said protocols and compares them with each other, giving advice on whose protocols are more suitable for a secure smart home.

show abstract

“…The rise of mobile and wearable computing, and the increasing advancements of connected Internet of Things (IoT) has created new opportunities and challenges for security and privacy. Recent research in IoT security and privacy has focused on software engineering security practices [1,2], patching networked devices [3], access control policy specification, and redesigning IoTbased authentication for sharing passwords among multiple users for unlocking devices [4,5].…”

Section: Introductionmentioning

confidence: 99%

“…In this respect, researchers have attempted to provide an alternative to textual passwords by proposing graphical password systems which ask users to complete an image-based task to login. Graphical passwords have shown to have good usability and security characteristics [2] and are now being widely adopted, e.g., Windows 10 picture password. Many graphical password systems have been proposed (see [7] for a review) which either require users to sketch a secret image or pattern on the screen [11,12], or select and recognize pictures on a grid [13], or provide users with various cues (visual, verbal, and spatial) to assist the recognition of system-assigned keywords [19].…”

Section: Introductionmentioning

confidence: 99%

FlexPass

Belk

Fidas

Pitsillides

2019

Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems

View full text Add to dashboard Cite

1 This paper presents a new user authentication paradigm which is based on a flexible user authentication method, namely FlexPass. FlexPass relies on a single, user-selected secret that can be reflected in both textual and graphical authentication secrets. Such an approach facilitates adaptability in nowadays ubiquitous user interaction contexts within the Internet of Things (IoT), in which end-users authenticate multiple times per day through a variety of interaction device types. We present an initial evaluation of the new authentication method based on an in-lab experiment with 32 participants. Analysis of results reveal that the FlexPass paradigm is memorable and that users like the adaptable perspective of the new approach. Findings are expected to scaffold the design of more user-centric knowledge-based authentication mechanisms within nowadays ubiquitous computation realms.

show abstract

Internet of Things Security Research: A Rehash of Old Ideas or New Intellectual Challenges?

Cited by 97 publications

References 10 publications

"Blockchain for the IoT: Privacy-Preserving Protection of Sensor Data"

"Blockchain for the IoT: Privacy-Preserving Protection of Sensor Data"

An overview of wireless IoT protocol security in the smart home domain

FlexPass

Contact Info

Product

Resources

About