Abstract
The inclusion of Internet of Things (IoT) for building smart cities, smart health, smart grids, and other smart concepts has driven data-driven decision making by managers and automation in each domain. However, the hyper-connectivity generated by IoT networks coupled with limited default security in IoT devices increases security risks that can jeopardize the operations of cities, hospitals, and organizations. Strengthening the security aspects of IoT devices prior to their use in different systems can contribute to minimize the attack surface. This study aimed to model a sequence of seven steps to minimize the attack surface by executing hardening processes. Conducted a systematic literature review using Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) techniques. In this way, we were able to define a proposed methodology to evaluate the security level of an IoT solution by means of a checklist that considers the security aspects in the three layers of the IoT architecture. A risk matrix adapted to IoT is established to evaluate the attack surface. Finally, a process of hardening and vulnerability analysis is proposed to reduce the attack surface and improve the security level of the IoT solution.
Subject
Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science
Reference61 articles.
1. The Cloud Computing and Internet of Things (IoT)
2. Modern security threats in the Internet of Things (IoT): Attacks and Countermeasures
3. Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks
4. Definitions and Terminology Relating to Building Confidence and Security in the Use of Information and Communicationhttps://www.itu.int/net/itunews/issues/2010/09/pdf/201009_20.pdf
5. The 20 CIS Controls & Resources Pagehttps://www.cisecurity.org/controls/cis-controls-list/
Cited by
17 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献