Articles Data Breaches and Identity Theft | Page 19

82 M. Abomhara and G. M. Køien
readily available IoT devices and services, security and privacy challenges
need to be addressed. The discussion also focused upon the cyber threats
comprising actors, motivation, and capability fuelled by the unique charac-
teristics of cyberspace. It was demonstrated that threats from intelligence
agencies and criminal groups are likely to be more difficult to defeat than
those from individual hackers. The reason is that their targets may be much
less predictable while the impact of an individual attack is expected to be
less severe.
It was concluded that much work remains to be done in the area of IoT secu-
rity, by both vendors and end-users. It is important for upcoming standards to
address the shortcomings of current IoT security mechanisms. As future work,
the aim is to gain deeper understanding of the threats facing IoT infrastructure
as well as identify the likelihood and consequences of threats against IoT.
Definitions of suitable security mechanisms for access control, authentication,
identity management, and a flexible trust management framework should
be considered early in product development. We hope this survey will be
useful to researchers in the security field by helping identify the major issues
in IoT security and providing better understanding of the threats and their
attributes originating from various intruders like organizations and intelligence
agencies.
References
[1] L. Atzori, A. Iera, and G. Morabito, “The internet of things: A survey,”
Computer networks, vol. 54, no. 15, pp. 2787–2805, 2010.
[2] S. Andreev and Y. Koucheryavy, “Internet of things, smart spaces, and
next generation networking,” Springer, LNCS, vol. 7469, p. 464, 2012.
[3] J. S. Kumar and D. R. Patel, “A survey on internet of things: Security and
privacy issues,” International Journal of Computer Applications, vol. 90,
no. 11, pp. 20–26, March 2014, published by Foundation of Computer
Science, New York, USA.
[4] A. Stango, N. R. Prasad, and D. M. Kyriazanos, “A threat analy-
sis methodology for security evaluation and enhancement planning,”
in Emerging Security Information, Systems and Technologies, 2009.
SECURWARE’09. Third International Conference on. IEEE, 2009,
pp. 262–267.
[5] D. Jiang and C. ShiWei, “A study of information security for m2m of
iot,” in Advanced Computer Theory and Engineering (ICACTE), 2010
3rd International Conference on, vol. 3. IEEE, 2010, pp. V3–576.