Vol. 5, Issue 6 (2020)
Privacy and security in the internet of things (Iot)
Author(s): Khan Muhammad Wafa, Sebghatullah Aslamzai
Abstract: The Internet of Things (IoT) provides opportunities for intelligent wearable devices, home appliances, and software/middleware to communicate and share information on the Internet. In this research, I begin with general information security background of IoT and continue on with information security related challenges that IoT will have experienced. I will also point out research directions that could be the future work for the solutions to the security challenges that IoT encounters. With the aim and target at proposing a methodological approach for secure IoT application development, I investigated what are security challenges in the sense of IoT development. I reviewed literature and investigated two industry cases. The preliminary finding results in a list of few security challenges with regards to organizational, technical and methodological perspectives. Cross case comparison provides initial explanation about the less focus on organizational and methodological security concerns in my cases. My approach was initially exemplified in a smart home setting and consists of three main tiers namely: cloud storage, overlay, and smart home but I delve deeper and outlined the various core components and functions of the smart generous tier. Each smart place is equipped with an always high resource device, online, known as miner that is responsible for handling all communication within and external to the internal system. The miner also preserves a private and secure Block Chain, used for controlling and auditing communications. I show that our proposed block chain base smart places framework is secure by thoroughly analyzing its security with respect to the fundamental security goals of integrity, confidentiality and availability. Finally, I present solutions and results to highlight that the overheads in terms of traffic, processing time and energy consumption introduced by this approach are insignificant relative to its security and privacy gains.