Loading...
Please wait, while we are loading the content...
Mapeamento de Requisitos de Segurança à Tecnologia na Internet das Coisas
| Content Provider | Semantic Scholar |
|---|---|
| Author | José, Moser Zeferino Vicente |
| Copyright Year | 2018 |
| Abstract | Due to a very fast paced rythm in technology advancement, security and privacy have been subjects of debate in recent years, both by the industry and scientific community, and by end users. The sharing of information through technological means has been growing in the last decade, also due to the rapid growth and penetration of technology in everyday human life. One of the fastest growing areas is known as Internet of Things (IoT), which encompasses technology that allows one to connect multiple physical and intelligent objects with reduced computing power to the Internet, allowing sharing information with each other. Presently, IoT already plays an important role in many key areas of society (e.g., transport, health, and agriculture), in particular by enabling it to conveniently extract and share information on the state of the environment. However, several security-related problems and challenges have arisen in the last years, clearly demonstrating that IoT lacks a structuring intervention in this dimension, starting from the basics. IoT is in a premature state in terms of security and privacy. There is no general approach (or even concern) to security, and there is no standardized mechanism for protecting data and devices. The hype associated with new IoT systems often degenerates into a reduced time-to-market that benefits functionality and prejudices security engineering. On the other hand, more modest processing and memory specifications for many of the IoT devices create additional challenges in designing and integrating security mechanisms; the fact that many devices are physically accessible without rigid access control as well as the fact that often unencrypted or unsecured wireless technologies are used in the communications of IoT greatly facilitates attacks on such devices by malicious entities. This dissertation begins by analyzing, in a comprehensive manner, some studies already carried out in the field of security for IoT, comparing them and using them as motivation for a study on the performance of security mechanisms in current development platforms for the IoT, specifically in a Raspberry Pi 3, assuming that this knowledge is important for the design of secure IoT systems and software. The dissertation contains the performance results for some OpenSSL library functions, including the most popular hash and cipher functions currently used. These results are compared against the ones obtained for a desktop computer. Also presented is a set of performance tests concerning existing security mechanisms for computational systems (e.g., firewall and intrusion detection system). This dissertation also presents a first approach to the mapping between requirements and security mechanisms in the specific context of IoT, in order to find the requirements that best fit the IoT environment, knowing its limitations, in particular security. In the end, a prototype of a proof-of-concept tool, which shows how this mapping can be useful in practice, is presented. |
| File Format | PDF HTM / HTML |
| Alternate Webpage(s) | https://ubibliorum.ubi.pt/bitstream/10400.6/10019/1/6686_14204.pdf |
| Language | English |
| Access Restriction | Open |
| Content Type | Text |
| Resource Type | Article |
