Taxonomy and analysis of security protocols for Internet of Things

Ashok Kumar Das; Sherali Zeadally; Debiao He

doi:10.1016/j.future.2018.06.027

Taxonomy and analysis of security protocols for Internet of Things

Ashok Kumar Das, Sherali Zeadally, Debiao He

School of Information Science

Research output: Contribution to journal › Article › peer-review

129 Scopus citations

Abstract

The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since the communication often takes place over the Internet, it is vulnerable to various security threats in an IoT environment. We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to the IoT environment. We then present a taxonomy of security protocols for the IoT environment which includes important security services such as key management, user and device authentication, access control, privacy preservation, and identity management. We also present a comparative study of recently proposed IoT-related state-of-art security protocols in terms of various security and functionality features they support. Finally, we discuss some future challenges for IoT security protocols that need to be addressed in the future.

Original language	English
Pages (from-to)	110-125
Number of pages	16
Journal	Future Generation Computer Systems
Volume	89
DOIs	https://doi.org/10.1016/j.future.2018.06.027
State	Published - Dec 2018

Bibliographical note

Funding Information:
We thank the anonymous reviewers and the Editor for their valuable comments which helped us to improve the quality and presentation of the paper. This work was supported by the Information Security Education & Awareness (ISEA) Phase II Project, Department of Electronics and Information Technology (DeitY), India. The work was also supported by the National Natural Science Foundation of China (Nos. 61501333 , 61572379 , U1536204 ) and the National High-Tech Research and Development Program of China (863 Program) (No. 2015AA016004 ).

Publisher Copyright:
© 2018 Elsevier B.V.

Keywords

Access control
Authentication
Identity management
IoT
Key management
Privacy
Security
Sensing devices

ASJC Scopus subject areas

Software
Hardware and Architecture
Computer Networks and Communications

Access to Document

10.1016/j.future.2018.06.027

Cite this

@article{fce21386f1f34be98e75ad360ade9597,

title = "Taxonomy and analysis of security protocols for Internet of Things",

abstract = "The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since the communication often takes place over the Internet, it is vulnerable to various security threats in an IoT environment. We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to the IoT environment. We then present a taxonomy of security protocols for the IoT environment which includes important security services such as key management, user and device authentication, access control, privacy preservation, and identity management. We also present a comparative study of recently proposed IoT-related state-of-art security protocols in terms of various security and functionality features they support. Finally, we discuss some future challenges for IoT security protocols that need to be addressed in the future.",

keywords = "Access control, Authentication, Identity management, IoT, Key management, Privacy, Security, Sensing devices",

author = "Das, {Ashok Kumar} and Sherali Zeadally and Debiao He",

note = "Funding Information: We thank the anonymous reviewers and the Editor for their valuable comments which helped us to improve the quality and presentation of the paper. This work was supported by the Information Security Education & Awareness (ISEA) Phase II Project, Department of Electronics and Information Technology (DeitY), India. The work was also supported by the National Natural Science Foundation of China (Nos. 61501333 , 61572379 , U1536204 ) and the National High-Tech Research and Development Program of China (863 Program) (No. 2015AA016004 ). Publisher Copyright: {\textcopyright} 2018 Elsevier B.V.",

year = "2018",

month = dec,

doi = "10.1016/j.future.2018.06.027",

language = "English",

volume = "89",

pages = "110--125",

}

TY - JOUR

T1 - Taxonomy and analysis of security protocols for Internet of Things

AU - Das, Ashok Kumar

AU - Zeadally, Sherali

AU - He, Debiao

N1 - Funding Information: We thank the anonymous reviewers and the Editor for their valuable comments which helped us to improve the quality and presentation of the paper. This work was supported by the Information Security Education & Awareness (ISEA) Phase II Project, Department of Electronics and Information Technology (DeitY), India. The work was also supported by the National Natural Science Foundation of China (Nos. 61501333 , 61572379 , U1536204 ) and the National High-Tech Research and Development Program of China (863 Program) (No. 2015AA016004 ). Publisher Copyright: © 2018 Elsevier B.V.

PY - 2018/12

Y1 - 2018/12

N2 - The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since the communication often takes place over the Internet, it is vulnerable to various security threats in an IoT environment. We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to the IoT environment. We then present a taxonomy of security protocols for the IoT environment which includes important security services such as key management, user and device authentication, access control, privacy preservation, and identity management. We also present a comparative study of recently proposed IoT-related state-of-art security protocols in terms of various security and functionality features they support. Finally, we discuss some future challenges for IoT security protocols that need to be addressed in the future.

AB - The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since the communication often takes place over the Internet, it is vulnerable to various security threats in an IoT environment. We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to the IoT environment. We then present a taxonomy of security protocols for the IoT environment which includes important security services such as key management, user and device authentication, access control, privacy preservation, and identity management. We also present a comparative study of recently proposed IoT-related state-of-art security protocols in terms of various security and functionality features they support. Finally, we discuss some future challenges for IoT security protocols that need to be addressed in the future.

KW - Access control

KW - Authentication

KW - Identity management

KW - IoT

KW - Key management

KW - Privacy

KW - Security

KW - Sensing devices

UR - http://www.scopus.com/inward/record.url?scp=85049345619&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85049345619&partnerID=8YFLogxK

U2 - 10.1016/j.future.2018.06.027

DO - 10.1016/j.future.2018.06.027

M3 - Article

AN - SCOPUS:85049345619

SN - 0167-739X

VL - 89

SP - 110

EP - 125

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

ER -

Taxonomy and analysis of security protocols for Internet of Things

Abstract

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this