Taxonomy and analysis of security protocols for Internet of Things

Ashok Kumar Das, Sherali Zeadally, Debiao He

Research output: Contribution to journalArticlepeer-review

129 Scopus citations


The Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since the communication often takes place over the Internet, it is vulnerable to various security threats in an IoT environment. We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to the IoT environment. We then present a taxonomy of security protocols for the IoT environment which includes important security services such as key management, user and device authentication, access control, privacy preservation, and identity management. We also present a comparative study of recently proposed IoT-related state-of-art security protocols in terms of various security and functionality features they support. Finally, we discuss some future challenges for IoT security protocols that need to be addressed in the future.

Original languageEnglish
Pages (from-to)110-125
Number of pages16
JournalFuture Generation Computer Systems
StatePublished - Dec 2018

Bibliographical note

Funding Information:
We thank the anonymous reviewers and the Editor for their valuable comments which helped us to improve the quality and presentation of the paper. This work was supported by the Information Security Education & Awareness (ISEA) Phase II Project, Department of Electronics and Information Technology (DeitY), India. The work was also supported by the National Natural Science Foundation of China (Nos. 61501333 , 61572379 , U1536204 ) and the National High-Tech Research and Development Program of China (863 Program) (No. 2015AA016004 ).

Publisher Copyright:
© 2018 Elsevier B.V.


  • Access control
  • Authentication
  • Identity management
  • IoT
  • Key management
  • Privacy
  • Security
  • Sensing devices

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications


Dive into the research topics of 'Taxonomy and analysis of security protocols for Internet of Things'. Together they form a unique fingerprint.

Cite this