A survey on Internet of Things (IoT) security : Challenges and Current status

EOI: 10.11242/viva-tech.01.04.217

Download Full Text here


Ms. Bhavika Thakur, Ms. Amruta Dhuri, Ms. Riya Patil, Prof. Bhushan Save, "A survey on Internet of Things (IoT) security : Challenges and Current status", VIVA-IJRI Volume 1, Issue 4, Article 217, pp. 1-6, 2021. Published by Computer Engineering Department, VIVA Institute of Technology, Virar, India.


When Internet of Things (IoT) applications become a part of people’s daily life, security issues in IoT have caught substantial attention in both academia and industry. Compared to traditional computing systems, IoT systems have more inherent vulnerabilities, and in the intervening time, could have higher security requirements. However, the current design of IoT does not successfully address the higher security requirements postured by those vulnerabilities. Many recent attacks on IoT systems have shown that novel security solutions are needed to defend this emerging system. This paper purposes to examine security challenges resulted from the special characteristics of the IoT systems and the new features of the IoT applications. This could help pave the road to better security solution design. Furthermore, three architectural security designs are suggested and analyzed. Examples of how to implement these designs are discussed. Finally, for each layer in IoT architecture, open issues are also identified.


Architecture IoT, Challenges, Internet of Things, Open issues, Security.


  1. M. Abomhara and G. M. Koien, "Security and privacy in the Internet of Things: Current status and open issues," in Int'l Conference on Privacy and Security in Mobile Systems (PRISMS), 1-8, 2014.
  2. K. Zhao and L. Ge, "A survey on the internet of things security," in Int'l Conf. on Computational Intelligence and Security (CIS), 663-667, 2013.
  3. L. Atzori, A. Iera, G. Morabito, and M. Nitti, "The social internet of things (siot)–when social networks meet the internet of things: Concept,architecture and network characterization," Computer Networks, vol. 56, 3594-3608, 2012.
  4. M. Leo, F. Battisti, M. Carli, and A. Neri, "A federated architecture approach for Internet of Things security," in Euro Med Telco Conference (EMTC), 1-5, 2014.
  5. P. N. Mahalle, B. Anggorojati, N. R. Prasad, and R. Prasad, "Identity authentication and capability based access control (iacac) for the internet of things," J. of Cyber Security and Mobility, vol. 1, 309-348, 2013.
  6. M. Farooq, M. Waseem, A. Khairi, and S. Mazhar, "A Critical Analysis on the Security Concerns of Internet of Things (IoT)," Perception, vol. 111, 2015.
  7. R. Roman, P. Najera, and J. Lopez, "Securing the internet of things," Computer, vol. 44, 51-58, 2011.
  8. R. Roman, J. Zhou, and J. Lopez, "On the features and challenges of security and privacy in distributed internet of things," Computer Networks, vol. 57, 2266-2279, 2013.
  9. Q. Wen, X. Dong, and R. Zhang, "Application of dynamic variable cipher security certificate in internet of things," in Int'l Conference on Cloud Computing and Intelligent Systems (CCIS), 1062-1066, 2012.
  10. G. Zhao, X. Si, J. Wang, X. Long, and T. Hu, "A novel mutual authentication scheme for Internet of Things," in Int'l Conference on Modelling, Identification and Control (ICMIC), 563-566, 2011.
  11. N. Koblitz, "Elliptic curve cryptosystems," Mathematics of computation, vol. 48, 203-209, 1987.
  12. J.-Y. Lee, W.-C. Lin, and Y.-H. Huang, "A lightweight authentication protocol for internet of things," in Int'l Symposium on Next-Generation Electronics (ISNE), 1-2, 2014.
  13. Y. Xie and D. Wang, "An Item-Level Access Control Framework for Inter-System Security in the Internet of Things," in Applied Mechanics and Materials, 1430-1432, 2014.
  14. B. Anggorojati, P. N. Mahalle, N. R. Prasad, and R. Prasad, "Capabilitybased access control delegation model on the federated IoT network," in Int'l Symposium on Wireless Personal Multimedia Communications (WPMC), 604-608, 2012.
  15. M. Castrucci, A. Neri, F. Caldeira, J. Aubert, D. Khadraoui, M. Aubigny, et al., "Design and implementation of a mediation system enabling secure communication among Critical Infrastructures," Int'l Journal of Critical Infrastructure Protection, vol. 5, 86-97, 2012.
  16. R. Neisse, G. Steri, and G. Baldini, "Enforcement of security policy rules for the internet of things," in Int'l Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), 165-172, 2014.
  17. M. Patton, E. Gross, R. Chinn, S. Forbis, L. Walker, and H. Chen, "Uninvited Connections: A Study of Vulnerable Devices on the Internetof Things (IoT)," in Joint Intelligence and Security Informatics Conference (JISIC), 232-235, 2014.
  18. I. Mashal, O. Alsaryrah, T.-Y. Chung, C.-Z. Yang, W.-H. Kuo, and D. P. Agrawal, "Choices for Interaction with Things on Internet and
  19. S. Sicari, A. Rizzardi, L. Grieco, and A. Coen-Porisini, "Security, privacy and trust in Internet of Things: The road ahead," Computer Networks, vol. 76, 146-164, 2015.
  20. W. H. Chin, Z. Fan, and R. Haines, "Emerging technologies and research challenges for 5G wireless networks," Wireless Communications, vol. 21, 106-112, 2014.
  21. X. Duan and X. Wang, "Authentication handover and privacy protection in 5G hetnets using software-defined networking," Communications Magazine, vol. 53, 28-35, 2015.