Internet of Things: A survey on the security of IoT frameworks

Journal of Information Security and Applications - Tập 38 - Trang 8-27 - 2018
Mahmoud Ammar1, Giovanni Russello2, Bruno Crispo1
1Department of Computer Science, KU Leuven University, Heverlee, 3001, Belgium
2Department of Computer Science, University of Auckland, Private Bag 92019, Auckland 1142, New Zealand

Tài liệu tham khảo

Singh, 2014, A survey of internet-of-things: Future vision, architecture, challenges and services, 287 Derhamy, 2015, A survey of commercial frameworks for the internet of things, 1 Khan, 2012, Future internet: the internet of things architecture, possible applications and key challenges, 257 Specification Z. Zigbee alliance. URL: http://www.zigbee.org 2006; 558. Z-Wave. Z-wave public specification. http://z-wave.sigmadesigns.com/design-z-wave/z-wave-public-specification/, Online; accessed: April 2017. Gomez, 2012, Overview and evaluation of bluetooth low energy: an emerging low-power wireless technology, Sensors, 12, 11734, 10.3390/s120911734 Ghosh, 2010, Lte-advanced: next-generation wireless broadband technology [invited paper], IEEE Wireless Commun, 17, 10, 10.1109/MWC.2010.5490974 Rescorla E. Http over tls 2000. Shelby, 2014, The constrained application protocol (coap) Locke D. Mq telemetry transport (mqtt) v3.1 protocol specification. http://www.ibm.com/developerworks/webservices/library/ws-mqtt/index.html Online; accessed: April 2017. Saint-Andre P. Extensible messaging and presence protocol (xmpp): Core2011;. Vinoski, 2006, Advanced message queuing protocol, IEEE Internet Comput, 10, 87, 10.1109/MIC.2006.116 Group O.M. Data distribution service v1.2. http://www.omg.org/spec/DDS/1.2/. Online; accessed: April 2017. Al-Fuqaha, 2015, Internet of things: a survey on enabling technologies, protocols, and applications, IEEE Commun Surveys Tutorials, 17, 2347, 10.1109/COMST.2015.2444095 Sheng, 2013, A survey on the ietf protocol suite for the internet of things: standards, challenges, and opportunities, IEEE Wireless Commun, 20, 91, 10.1109/MWC.2013.6704479 Yang, 2017, A survey on security and privacy issues in internet-of-things, IEEE Internet Things J, 10.1109/JIOT.2017.2694844 Kumar, 2014, A survey on internet of things: security and privacy issues, Int J Comput Appl, 90 Vikas B. Internet of things (iot): A survey on privacy issues and security 2015. Borgohain T., Kumar U., Sanyal S. Survey of security and privacy issues of internet of things. arXiv:150102211 2015. Bouij-Pasquier, 2015, A security framework for internet of things, 19 Fremantle, 2017, A survey of secure middleware for the internet of things, Peer J Comput Sci, 3, e114, 10.7717/peerj-cs.114 Amazon. Aws iot framework. https://aws.amazon.com/iot. Online; accessed: April 2017. Amazon. Amazon dynamodb. https://aws.amazon.com/dynamodb. Online; accessed: April 2017. Amazon. Amazon s3. https://aws.amazon.com/s3. Online; accessed: April 2017. Amazon. Amazon machine learning. https://aws.amazon.com/machine-learning. Online; accessed: April 2017. Amazon. Components of aws iot framework. https://aws.amazon.com/iot/how-it-works/. Online; accessed: April 2017. Hunkeler, 2008, Mqtt-sa publish/subscribe protocol for wireless sensor networks, 791 Dierks T., Rescorla E. The transport layer security (tls) protocol version 1.2. https://www.ietf.org/rfc/rfc5246.txt. Online; accessed: April 2017. Amazon. Amazon iot protocols. http://docs.aws.amazon.com/iot/latest/developerguide/protocols.html. Online; accessed: April 2017. Amazon. Amazon lambda. https://aws.amazon.com/lambda. Online; accessed: April 2017. Amazon. Amazon management console. https://aws.amazon.com/console. Online; accessed: April 2017. Amazon. Amazon kinesis. https://aws.amazon.com/kinesis. Online; accessed: April 2017. Amazon. Amazon command line interface. https://aws.amazon.com/cli. Online; accessed: April 2017. Cooper D. Internet x.509 public key infrastructure certificate and certificate revocation list (crl) profile. https://tools.ietf.org/html/rfc5280. Online; accessed: April 2017. Amazon. Iam users, groups, and roles. http://docs.aws.amazon.com/iot/latest/developerguide/iam-users-groups-roles.html. Online; accessed: April 2017. Amazon. Amazon cognito identities. http://docs.aws.amazon.com/iot/latest/developerguide/cognito-identities.html. Online; accessed: April 2017. Amazon. X.509 certificates. http://docs.aws.amazon.com/iot/latest/developerguide/x509-certs.html. Online; accessed: April 2017. Amazon. Aws identity and access management (iam). https://aws.amazon.com/iam/. Online; accessed: April 2017. Amazon. Amazon cognito. https://aws.amazon.com/cognito/. Online; accessed: April 2017. Amazon. Signature version 4 signing process. http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html. Online; accessed: April 2017. Amazon. Aws authorization. http://docs.aws.amazon.com/iot/latest/developerguide/authorization.html. Online; accessed: April 2017. ARM. Arm mbed iot device platform. http://www.arm.com/products/iot-solutions/mbed-iot-device-platform. Online; accessed: April 2017. ARM. mbed device connector. https://www.mbed.com/en/platform/cloud/mbed-device-connector-service/. Online; accessed: April 2017. ARM. mbed os. https://www.mbed.com/en/platform/mbed-os/. Online; accessed: April 2017. mbed A. mbed client. https://www.mbed.com/en/platform/mbed-client/. Online; accessed: April 2017. mbed A. mbed device connector. https://docs.mbed.com/docs/getting-started-with-mbed-device-connector/en/latest/Connector-intro/. Online; accessed: April 2017. mbed A. mbed cloud. https://cloud.mbed.com/. Online; accessed: April 2017. mbed A. mbed documentation. https://docs.mbed.com/. Online; accessed: April 2017. mbed A. mbed security. https://www.mbed.com/en/technologies/security/. Online; accessed: April 2017. mbed A. mbed uvisor. https://www.mbed.com/en/technologies/security/uvisor/. Online; accessed: April 2017. mbed A. mbed tls. https://tls.mbed.org/core-features. Online; accessed: April 2017. Microsoft. Tap into the internet of your things with azure iot suite. https://www.microsoft.com/en-us/cloud-platform/internet-of-things-azure-iot-suite. Online; accessed: April 2017. Azure M. Microsoft azure iot reference architecture. https://azure.microsoft.com/en-us/updates/microsoft-azure-iot-reference-architecture-available/. Online; accessed: April 2017. Azure M. Azure iot hub. https://azure.microsoft.com/en-us/services/iot-hub/. Online; accessed: April 2017. Azure M. Communication protocols. https://azure.microsoft.com/en-us/documentation/articles/iot-hub-devguide-messaging/#communication-protocols. Online; accessed: April 2017. Azure M. Azure iot protocol gateway. https://azure.microsoft.com/en-us/documentation/articles/iot-hub-protocol-gateway/. Online; accessed: April 2017. Azure M. Azure products. https://azure.microsoft.com/services/. Online; accessed: April 2017. Microsoft. Power bi. https://powerbi.microsoft.com. Online; accessed: April 2017. Azure M. Azore iot sdks. https://github.com/Azure/azure-iot-sdks. Online; accessed: April 2017. Microsoft. Security development lifecycle. https://www.microsoft.com/en-us/sdl/default.aspx. Online; accessed: April 2017. Microsoft. Operational security assurance. https://www.microsoft.com/en-us/SDL/OperationalSecurityAssurance. Online; accessed: April 2017. Azure M. Internet of things security from the ground up. https://azure.microsoft.com/en-us/documentation/articles/iot-hub-security-ground-up/. Online; accessed: April 2017. Azure M. What is azure active directory. https://azure.microsoft.com/en-us/documentation/articles/active-directory-whatis/. Online; accessed: April 2017. Azure M. Documentdb. https://azure.microsoft.com/en-us/services/documentdb/. Online; accessed: April 2017. Google. Brillo. https://developers.google.com/brillo/. Online; accessed: April 2017. Google. Weave. https://developers.google.com/weave/. Online; accessed: April 2017. Gargenta, 2012, Deep dive into android ipc/binder framework Google. Ota updates. https://source.android.com/devices/tech/ota/. Online; accessed: April 2017. MSV J. Google brillo vs. apple homekit: The battleground shifts to iot. http://www.forbes.com/sites/janakirammsv/2015/10/29/google-brillo-vs-apple-homekit-the-battleground-shifts-to-iot/#484c33674cac. Online; accessed: April 2017. Gaillard F. Microprocessor (MPU) or Microcontroller (MCU)? What factors should you consider when selecting the right processing device for your next design. Technical report, Atmel Corporation, 2013. URL http://www.atmel.com/images/mcu_vs_mpu_article.pdf. CNXSoft. Brillo android based os for iot projects supports arm, intel and mips platforms. http://www.cnx-software.com/2015/10/28/brillo-android-based-os-for-iot-projects-support-arm-intel-and-mips-platforms/. Online; accessed: April 2017. Intel. Getting started with brillo on the intel edison board. https://software.intel.com/en-us/articles/getting-started-with-brillo-on-the-intel-edison-board. Online; accessed: April 2017. Android. Hardware-backed keystore. https://source.android.com/security/keystore. Online; accessed: April 2017. Ericsson. Open source release of iot app environment calvin. https://www.ericsson.com/research-blog/cloud/open-source-calvin/. Online; accessed: April 2017. Morrison, 2010 Hewitt C. Actor model of computation: scalable robust information systems. arXiv:100814592010;. Ericsson. A closer look at calvin. https://www.ericsson.com/research-blog/cloud/closer-look-calvin/. Online; accessed: April 2017. Persson, 2015, Calvin merging cloud and iot, Procedia Comput Sci, 52, 210, 10.1016/j.procs.2015.05.059 Ericsson. Security in calvin. https://github.com/EricssonResearch/calvin-base/wiki/Security/. Online; accessed: April 2017. Apple. The smart home just got smarter. http://www.apple.com/ios/home/. Online; accessed: April 2017. Apple. Siri. http://www.apple.com/ios/siri/. Online; accessed: April 2017. Apple. About bonjour. https://developer.apple.com/library/content/documentation/Cocoa/Conceptual/NetServices/Introduction.html. Online; accessed: April 2017. Apple. icloud. http://www.apple.com/lae/icloud/. Online; accessed: April 2017. Apple. tvos. http://www.apple.com/tvos/. Online; accessed: April 2017. Apple. Homekit developer guide. https://developer.apple.com/library/content/documentation/NetworkingInternet/Conceptual/HomeKitDeveloperGuide/Introduction/Introduction.html#//apple_ref/doc/uid/TP40015050. Online; accessed: April 2017. Apple. Mfi program. https://developer.apple.com/programs/mfi/. Online; accessed: April 2017. Apple. ios security. http://www.apple.com/business/docs/iOS_Security_Guide.pdf. Online; accessed: April 2017. Bernstein, 2012, High-speed high-security signatures, J Cryptograph Eng, 2, 77, 10.1007/s13389-012-0027-1 Bernstein D. A state-of-the-art diffie-hellman function. https://cr.yp.to/ecdh.html. Online; accessed: April 2017. Snow, 2013, Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization, 574 Barker E., Kelsey J. Recommendation for random number generation using deterministic random bit generators. https://doi.org/10.6028/NIST.SP.800-90Ar1. Online; accessed: April 2017. Alliance O. Osgi architecture. https://www.osgi.org/developer/architecture/. Online; accessed: April 2017. Organization E. Kura framework. http://www.eclipse.org/kura/. Online; accessed: April 2017. Organization E. Kura framework. http://wiki.eclipse.org/Kura. Online; accessed: April 2017. Organization E. Kura - osgi-based application framework for m2m service gateways. http://www.eclipse.org/proposals/technology.kura/. Online; accessed: April 2017. Organization E. Kura - a gateway for the internet of things. http://www.eclipse.org/community/eclipse_newsletter/2014/february/article3.php. Online; accessed: April 2017. Organization E. Mqtt and coap, iot protocols. http://www.eclipse.org/community/eclipse_newsletter/2014/february/article2.php. Online; accessed: April 2017. Organization E. Kura - hardware targets. http://eclipse.github.io/kura/ref/hardware-targets.html. Online; accessed: April 2017. Organization E. Kura - raspberry pi quick start. http://eclipse.github.io/kura/doc/raspberry-pi-quick-start.html. Online; accessed: April 2017. Organization E. Kura - beaglebone quick start. http://eclipse.github.io/kura/doc/beaglebone-quick-start.html. Online; accessed: April 2017. Eurotech. Eurotech. https://www.eurotech.com/en/about+eurotech/. Online; accessed: April 2017. Lawton G. How to put configurable security in effect for an iot gateway. http://www.theserverside.com/tip/How-to-put-configurable-security-in-effect-for-an-IoT-gateway. Online; accessed: April 2017. Organization E. Eclipse paho. http://www.eclipse.org/paho/. Online; accessed: April 2017. SmartThings. Smartthings documentation. http://docs.smartthings.com/en/latest/. Online; accessed: April 2017. SmartThings. Cloud and lan-connected devices. http://docs.smartthings.com/en/latest/cloud-and-lan-connected-device-types-developers-guide/. Online; accessed: April 2017. SmartThings. Smartthings architecture. http://docs.smartthings.com/en/latest/architecture/index.html. Online; accessed: April 2017. Groovy. Groovy programming language. http://www.groovy-lang.org. Online; accessed: April 2017. Kawaguchi K. Groovy sandbox. http://groovy-sandbox.kohsuke.org/. Online; accessed: April 2017. Fernandes, 2016, Security Analysis of Emerging Smart Home Applications
Thông tin
Thông tin xuất bản

Journal of Information Security and Applications

Tập 38

8-27

Thông tin tác giả