Articles Data Breaches and Identity Theft | Page 6

Cyber security and the Internet of Things 69
2.1 Understanding IoT Devices and Services
In this section, the main IoT domain concepts that are important from a
business process perspective are defined and classified, and the relationships
between IoT components (IoT devices and IoT services) are described.
2.1.1 IoT device
This is a hardware component that allows the entity to be a part of the digital
world [12]. It is also referred to as a smart thing, which can be a home appliance,
healthcare device, vehicle, building, factory and almost anything networked
and fitted with sensors providing information about the physical environment
(e.g., temperature, humidity, presence detectors, and pollution), actuators (e.g.,
light switches, displays, motor-assisted shutters, or any other action that a
device can perform) and embedded computers [24, 25].
An IoT device is capable of communicating with other IoT devices and ICT
systems. These devices communicate via different means including cellular
(3G or LTE), WLAN, wireless or other technologies [8]. IoT device classifi-
cation depends on size, i.e., small or normal; mobility, i.e., mobile or fixed;
external or internal power source; whether they are connected intermittently
or always-on; automated or non-automated; logical or physical objects; and
lastly, whether they are IP-enabled objects or non IP objects.
The characteristics of IoT devices are their ability to actuate and/or
sense, the capability of limiting power/energy, connection to the physical
world, intermittent connectivity and mobility [23]. Some must be fast and
reliable and provide credible security and privacy, while others might not
[9]. A number of these devices have physical protection whereas others are
unattended.
In fact, in IoT environments, devices should be protected against any
threats that can affect their functionality. However, most IoT devices are
vulnerable to external and internal attacks due to their characteristics [16].
It is challenging to implement and use a strong security mechanism due to
resource constraints in terms of IoT computational capabilities, memory, and
battery power [26].
2.1.2 IoT services
IoT services facilitate the easy integration of IoT entities into the service-
oriented architecture (SOA) world as well as service science [27]. According
to Thoma [28], an IoT service is a transaction between two parties: the service
provider and service consumer. It causes a prescribed function, enabling