Internet of things iot security

Purpose of the Study 6 1. Thesis Objectives and Research Questions. The scope of the Thesis and Limitations of this Thesis 8 1. Theoretical Framework 9 1. Importance of the Study 10 1. Internet of Things Introduction Internet of things can be thought of as a network system encompassing wired and wireless connections and devices which may be consisting of both the hardware and software entities for example e-commerce, manufacturing management, agriculture irrigation, energy management, medical and healthcare systems among others (Vermesan, O. Friess, P. Eds. IoT is aimed at ensuring that conventional products utilize communication and exchange of data over the internet to remain connected in order to monitor and control their objectives. Ideally, Internet of Things purpose is to turn ordinary objects, together with utilization of sensors and communication links, be made ‘smart’.

Also, looking at recent research studies, these claims are easily backed up with instances such as the “European standard for smart grids using a home built and insecure cryptography” while major companies such as BMW had not adopted any cryptography forms in any of their vehicles. With the increased number of IoT devices being interconnected worldwide (Federal Trade Commission, 2015), IoT security will be affecting a lot of people in the near future. Problem Statement Technically, IoT presents a large number of interconnected global objects- devices, sensors and actuators which have different roles over the internet. The security issues continue to arise with the development of the IoT. As already mentioned, the IoT architecture is a complex one having different applications, domains and layers and therefore attackers may exploit, using different methods and techniques within different layers, the IoT network.

In order to provide an effective, efficient, and cost-effective computer-controlled network, there is need to come up with IoT security management system (IoTSMS) to allow flawless integration of new devices that may require their relevant applications, software or sensors. The security management system must be able to, therefore, deal with a large network infrastructure consisting of a lot of devices, systems that are connected, their respective data transmission and processing. As of present, there are no presented IoTSMS for advancing an integrated framework for bringing together new applications to provide effective and sufficient IoT security in its networked surrounding. To bridge this void, this study advanced a multi-layered security operating structure for a formidable IoTSMS. As to the IoT this study paper will have to address the following challenges in order to come up with a robust structure 1) the IoT extends the conventional network and mobile environment 2) everything will be linked over the internet and 3) the objects over the internet will communicate with each other.

Another area that will not be covered in this research study are the security risks that might arise because of short-range communication within the IoT features which may include Bluetooth and other features. The major limitation harbored by this paper in proposing a robust IoTSMS is that of complexity and complications. As we already know, the IoT architecture consists of four layers, there can arise circumstances, for instance, multitasking or multi-user, where the working load for the IOTSMS may become complicated. Also, a minor or little problem that can arise in the hardware or software components might cause a serious and severe system failure, therefore, having a common standard in the hardware and software design of components must be employed in this study.

The manufactures, consequently, should take care of compatibility issues in the hardware or software components of IoT. For example, RFID and Smart sensors are some of the components of the element layer, network layer has protocols (IEEE 802. and 6LoWPAN protocols) while the application layer and service layer has software applications. However, the service layer infrastructure tends to be more extensive as it is needed to manage objects and smart sensors contained by the network and background services. But most importantly, in designing of the security management system it should be noted that each of these layers has different security issues, for instance, the element layer, which has smart devices remain susceptible to unauthorized access, spoofing and eavesdropping attacks (Farooq et al, 2015).

Therefore, the security requirements in IoTSMS ranges widely from authentication to Denial-of-Service attacks. Since the devices that are found In IoT infrastructure have a direct impact on the users, security must remain a top priority and a new system with a well-developed infrastructure must be conceptualized which can limit the threats related to availability, scalability and the security of IoT (Roman, R. Najera, P. Lopez, J. Future of IoT Security Projections by Gartner (2017) are that there would be more than 20 billion connected IoT devices by the year 2020. However, there is a possibility that this number could be rising because of the development of new IoT technologies which will lead to the development of new appliances. Therefore the methodology, as well as the methods of research utilized in this paper, will be reviewed.

Also, data sources and the collection techniques, the scope, and the theoretical description is encompassed in this chapter. Since we cannot present the results in just numerical values, we utilized a qualitative strategy. A case study is used so as the researcher is given a clear understanding of the context of the topic and the processes being enacted (Saunders et al, 2009). Several wireless technologies that encompass the IoT security have been used as selected cases for this thesis. This phenomenon has been known for its appropriateness and suitability in the development of IS prototype and artifacts and establishes a framework on which it is used in performing the identified tasks (Vaishnavi & Kuechler 2007). Takeda et al (1990) described a model known as the General Design Cycle (GDC) remains in the center of DSR and can be used in the development of the structure process.

This model which is cyclic encompasses five steps. The research or the design under this process commences with the identification of the problem. In this first step, the problem awareness is done whether intentionally or not. The next step will of the GDC process is the evaluation step. Already, the developed prototype usually already has evaluation criteria with it. The aim of the evaluation is to assess the prototype’s performance together with its capabilities in terms of problem-solving. Now the three later stages, that is, the suggestion stage, development stage and finally the evaluation phase is normally repeated several times with the results gained from each development and evaluation phase being used as inputs for the next cycle to further improve the prototype.

The end of the DSR process encompasses the conclusion phase. This pattern has been known to be suitable to the new researchers venturing in a new field since it presents the researcher with an unbiased perspective of the field being investigated however the researcher must have knowledge on related research areas as well as the adjacent technologies from related fields. The second and third steps, the suggestion and development phases correspond to the theory development and the problem space patterns also presented by Vaishnavi & Kuechler 2007. When a researcher needs to draw theory for his work, then the theory development pattern is suitable. As this thesis paper intends to come up with an IoT security architecture based on the already existing frameworks to provide an in-depth understanding of various layers and components, this pattern can drive towards the development of such theory.

The IoT reference model used in this thesis has been divided into four parts, the application layer, the network layer, and service and element layers as presented in the diagram below. The axioms contexts that the researcher must stick to when using this approach include the independence axiom which covers the area of functionalities in design and states that the requirements needed for different functions must not interfere with other functional requirements belonging to other parameters. In a particular design, the different design parameters can be categorized to either being coupled, uncoupled or decoupled design. However, the uncoupled design has been described by Park (2007) as the best design. Design parameters, as well as the functional requirements in different parameters, can be displayed by mapping it out in the design matrix proposed by Suh (2000).

In his study, Suh further describes how to design software infrastructures utilizing axiomatic design. Repetition of steps one to three is repeated until each design parameter and its respective functional requirement has been assigned and the implementation of both can be done without a further breakdown of the functional requirements (Park, 2007). The approach above makes sure that the design that will be set up will be highly standardized, flexible, interchangeable and compatible. Considering that this thesis is aimed at building a holistic architecture or framework, it is imperative that the desirable architecture is highly flexible, standardized and compatible. By answering the research questions, the objective is to give a comprehensive and detailed description of all the components making up the architecture.

The utilization of the axiom based design approach in the development phase of the GDC process, the components of the IoT security system will hence be considered summarized rather than components that can be further epitomized. Identity Management system provides various security services such as authorization, authentication to users of the system. The three constructs identified above is at the center of the IDM. It is important to know that users/ identities are not limited to being real-life persons alone but can include companies or enterprises. Also, there is an aspect of a shared entity where we have more than one individual or people in a company acting as one entity or sharing the same identifier. Entities are identified with identifiers which can be issued by authorities such as usernames and social security numbers (SSN).

The literature research was aimed at studying the articles that encompassed IoT architectures, the related security concerns, various components of security systems and services. Sampling In this thesis paper, a theoretical sampling design has been applied and utilized. This implies that at first, the initial data collected were consequently analyzed in order to form the initial concepts to be used in the analysis of data. Thereafter, the new data collected were used to refine the already established concepts. This aids in interrelating between data collection and analysis instead of treating them as different entities. This study paper utilized a qualitative approach and although it seemed like an appropriate way of getting a deep understanding, the data gotten may have not been sufficient therefore a quantitative design should have supplemented the qualitative design.

Also because of IoT overlap with other automation, it is also possible that some cases have not been taken into account. Finally, since this research utilized a theoretical approach of collecting and analyzing data, the analyzed data might not be a factual representation providing full statements in the field of IoT. References Bryman, A. Of methods and methodology. A critical analysis of the security concerns of the internet of things (IoT).  International Journal of Computer Applications, 111(7). Federal Trade Commission. Internet of Things: Privacy & security in a connected world.  Washington, DC: Federal Trade Commission. February). IoT based smart home design using power and security management. In Innovation and Challenges in Cyber Security (ICICCS-INBUSH), 2016 International Conference on (pp. IEEE. Gregor, S. Vaishnavi, V.

Kuechler Sr, W. L. May). Design [science] research in IS a work in progress. Saunders, M. Lewis, P. Thornhill, A.  Research methods for business students. Pearson education.  AI Magazine, 11(4), 37. Vermesan, O. Friess, P. Eds.  Internet of things: converging technologies for smart environments and integrated ecosystems.