A Security Model for IoT based Systems

This document proposes a security model for Internet of Things (IoT) based systems. It identifies security and privacy challenges at different layers of an IoT architecture, including authentication of devices, data security, and access control. The proposed model aims to provide secure end-to-end communication in IoT by ensuring security measures at the perception, network, and application layers. This includes authentication of devices to prevent fake objects, encryption techniques for secure data transmission through cloud platforms, and user authentication at the application layer.


See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/335993526

A Security Model for IoT based Systems

Article · December 2017


4 authors, including:

Zanab Safdar Shahid Farid


University of Sahiwal, Pakistan, Multan Bahauddin Zakariya University

All content following this page was uploaded by Shahid Farid on 24 September 2019.



Technical Journal, University of Engineering and Technology (UET) Taxila, Pakistan Vol. 22 No. 4-2017
ISSN:1813-1786 (Print) 2313-7770 (Online)

A Security Model for IoT based Systems


Z. Safdar¹, S. Farid², M. Pasha³, K. Safdar⁴
¹,³ Information Technology Department, Bahauddin Zakariya University, Multan, Pakistan
² Computer Science Department, Bahauddin Zakariya University, Multan, Pakistan
⁴ Computer Science Department, Air University, Multan Campus, Pakistan
² shahidfarid@bzu.edu.pk

Abstract-Internet of Things (IoT) is a novel emerging Internet based system for the exchange of information to provide efficient services regardless of time and place. IoT technology is playing a vital role in the current environment due to its widespread applications in every domain of life, such as industrial, social, health care and domestic applications. IoT directly affects the security and privacy of all its involved entities, as reported in the literature. Therefore, this study aims to propose a Security Enabled Model to provide secure end to end communication in the IoT environment. An intensive literature review has been conducted to identify and investigate the various security and privacy challenges encountered by the IoT environment. The proposed model ensures security at each layer of IoT. These layers include i) the perception layer, which provides an authentication process for the identification of fake objects, ii) the network layer, which emphasizes the data security process through the cloud platform, and iii) the application layer, which provides authentication for the end users. Results show that small sensing devices need to be highly focused in order to make them more secure and lightweight encryption techniques need to be developed. Furthermore, sensing devices are required to be more secure and protected from unauthorized access.

Keywords-: IoT, Object Identification, Authentication, Security Enabled Model

I. INTRODUCTION

Internet of Things (IoT) includes smart devices, sensor networks and wearable devices with the purpose of exchanging information and services, whereas sensor networks are the key for creating smart environments [i-v]. IoT systems are growing rapidly due to the rapid increment of wireless networks and the enhanced range of sensing devices. IoT technology deals with millions and billions of sensing objects, machines and virtual entities that interact with each other. IoT technology is rapidly gaining attention from practitioners and it is expected to have more than 100 billion interconnected IoT devices by 2020 [vi-ix]. In IoT, data is collected from sensing objects that contain bulk data of structured or unstructured format that is managed through cloud platform services [x]. Collected data is transferred from objects to a server for storage and processing so that the data is available for visualization. IoT data resorts to the cloud for outsourced processing and storage, which has brought a series of emerging security and privacy challenges [ii, xi-xiii].

IoT is heterogeneous in nature (as shown in Figure 1), which increases the complexity of security and privacy mechanisms, so enhanced security protocols and cryptosystems are required [xiv] in order to ensure secure interaction between the objects. Therefore, security is one of the key challenges that must be addressed in order to drive IoT in the real world. Moreover, security incidents that result from bugs are software vulnerabilities that can cause huge damage to whole networks. A vulnerability leads to many more backdoor issues and lets hackers attack the network. Security challenges of IoT technology include object identification for fake objects, authentication, trust management, data confidentiality, network security and access control [i, ii, vi, xi, xv-xxxi]. The first malware issue in IoT was reported in 2013 [xxx], which highlighted the need to create a secure environment for small IoT objects to protect them from malicious attacks. Traditional symmetric and asymmetric encryption key distribution schemes cannot be applied to billions of IoT devices. Hence, a novel, reliable and scalable key management scheme is required that leads to seamless interoperability between different networks and is vital for IoT system integration of big data in the cloud environment [xxiv, xxxii-xxxiv]. Therefore, this study focused on the identification and analysis of security challenges encountered by each layer of IoT architecture. Furthermore, this study contributes by proposing a novel model in order to cope with the end to end security challenges confronted by IoT technologies through identification of each object.

This study is organized as follows: Section 2 provides a literature review of current security and privacy work in IoT, Section 3 discusses identified challenges and Section 4 delineates the proposed model, whereas Section 5 elaborates future work and Section 6 concludes the paper.


Fig. 1. Fundamental elements of IoT

II. LITERATURE REVIEW

The term IoT was coined by Kevin Ashton [ii, xii, xxxv-xxxvii] in the late nineties. According to another definition [v], IoT is “A world where physical objects are seamlessly integrated into the information network, and where the physical objects can become active participants in business processes. Services are available to interact with these 'smart objects' over the Internet, query their state and any information associated with them, taking into account security and privacy issues”. To extend, IoT includes various technologies and sensors by which it facilitates the exchange of things, such as goods, information and services, between machines and human beings in a more reliable and secure way. IoT sensor objects have simple structure, processors and high heterogeneity. An IoT system collects real time data from Radio Frequency Identification Devices (RFID), public security, laser printers and scanners, Global Positioning Systems (GPS), logistics, intelligent buildings, and healthcare, including sensors such as body sensors, infrared sensors, smart meters, environmental monitoring and other embedded sensing devices etc. [ii, viii, xv, xvii, xxvii, xxxi, xxxviii-xl]. The collected data is then processed for identification, control of objects and management. IoT technology must have three characteristics: reliable transmission of data over the network, intelligent processing of the data before storing it in data centers, and comprehensive perception of stored data from everywhere [xxxi]. The cost of sensor objects affects all the working: if the cost is too low, it reduces the performance of the overall network and makes it less secure. High cost sensor objects improve the performance as well as increase the cost of network maintenance. Fog computing is a new emerging trend which aims to reduce persuading service through moving the cloud services towards the edge of the network. In recent years the fog computing vision and key qualities have been outlined by many researchers. Fog computing is a stage to convey a rich portfolio of new applications and services at the edge of the system [xlii, xliii]. Generally, the IoT structure is separated into three types of layers: Application, Network or Transmission, and Perception layer [xxxi]. The Perception layer intends to acquire, collect, process and store data from different wired or wireless objects [xli]. Data is collected from the physical world, which includes different sensing devices, networks, RFID tags, wearable devices etc. Moreover, these devices monitor the state of the physical environment and store it continuously [xii]. The Perception layer is the initial source of the IoT system and includes different technologies for the collection of data, including short range radio technologies, device identity, signal detection, and connection with devices. The collected data is transferred through the network/transmission layer using Bluetooth, 2G, 3G and other technologies. Data is transferred from one place to another based on traditional communication networks for the integration of perception and communication networks [xli]. The network/transmission layer transfers data to the application layer, which intends to process data and manage services [xli]. The application layer provides various services to all kinds of its users.

The requirement of privacy and security in IoT technology is the most important concern for its


stakeholders. The IoT structure must support its characteristics for protecting data from unauthorized access. Each layer of the IoT structure faces challenges in providing security and privacy. These issues of IoT are directly related to its widespread systems and applications. Fulfillment of these requirements is quite difficult and requires different technologies to meet security and privacy goals. The challenges that the IoT structure is facing at each layer have been identified and depicted in Fig. 2. Identified issues/challenges must be resolved for providing a secure and protected IoT system.

Fig. 2. IoT Architecture concerning Security and privacy (panels: Perception Layer, Network Layer, Application Layer)

Many researches have proposed an architecture of this massive foundation of fog computing and storage, which also manages administration of the Fog objects. It is predicted that in coming years Internet of Everything (IoE) gadgets will be furnished. IoE will have wireless network interface cards for each heterogeneous device, including remote system interface cards, through which energy efficient transport protocols will be designed [xliii].

TABLE I
COMPARISON OF IoT SECURITY ALGORITHMS

Algorithm   Function             Reference
AES         Confidentiality      [i, ii]
ECC         Digital signatures   [i]
RSA         Digital signatures   [i]
DH          Key agreement        [i]
SHA         Integrity            [i]

So far there is a notable and generally trusted suite of cryptographic algorithms connected to web security conventions, as shown in Table I. Advanced Encryption Standard (AES) has been used to maintain confidentiality. Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) algorithms have also been used to encrypt data by using digital signature and key transport in the network. Diffie-Hellman (DH) and Secure Hash Algorithm (SHA-1/SHA-256) are used to maintain integrity in the network. The importance of security and privacy related requirements has been addressed [xxix, xliv] for enterprises which have adopted IoT technologies. Furthermore, technologies for enhancing privacy, legal courses of action and state law scenarios have also been discussed. Another effort has been made [xxiii] in furnishing diverse levels of IoT security, whereas a model for the perception layer has been put forward for attacks. Later on [xxxi], a description was provided of IoT security architectures with their features and state problems related to diverse layers of IoT. Moreover, each IoT layer's security measures have been discussed to provide a better mechanism for security. Afterward, each IoT layer's security problems with solutions have been outlined [xx], while a security architecture was proposed and various security issues of IoT at various platforms were addressed [xxx]. A concise description of major challenges was proposed for full expansion of IoT devices and access control mechanisms for distributed


devices were also proposed for capable distributed devices [vi]. Subsequently, the literature [xv] highlighted diverse aspects of IoT, including existing security issues and open research challenges. Later on, research [xiv] provided an impetus for designing and developing security techniques for IoT Computer-Aided Design by highlighting different physical IoT devices' challenges and opportunities. Additionally, the privacy and trust relationship has been analyzed [xviii], while a formal model was proposed to link privacy with trust; it maps their relationship to maintain the privacy relation in IoT systems. A confined solution to the security challenges of IoT had been proposed [xxvii], which focuses on industries only. On the other hand, researchers [xxvi] proposed a trust management system considering the unsolved IoT security challenges. An efficient and scalable encryption protocol and protection techniques for heterogeneous devices were also proposed [xvi], whereas the social aspect of the implication of IoT in society was addressed, including confidentiality and authentication etc. [xxii]. However, issues associated with secure packet forwarding, including privacy protection, authentication, cloud-based IoT cell phone technologies, their architectures and their requirements for security and privacy, were also identified [xi]. Various challenges and solutions of security, privacy, trust and robustness in location based devices have also been tackled [xvii]; further, it emphasized a wide range of policy regulations and privacy features in localization based devices for providing more secure and robust services.

Current literature has only discussed the security and privacy challenges being faced by the diverse layers of the IoT environment. Different security and privacy challenges of IoT systems have only been discussed. Moreover, the existing models are confined to highlighting the challenges without providing any mechanism to solve them. To the best of review and knowledge, there is no such security model that covers each layer's challenges [xxiii]. Therefore, the model proposed in this study ensures security at the diverse layers of IoT, which has never been done before.

A. Security
Current research in IoT does not properly investigate security and privacy requirements for maintaining users' trust. The main focus was to outline the challenges encountered by the research community, but no significant mechanism was devised to deal with the problem [xx, xxvi, xlv, xlvi]. Existing IoT environment devices have no prior knowledge about one another, so it is a big challenge to identify fake objects. Hackers and intruders have bad intentions for accessing devices' data and changing information and software in IoT, which can affect the operational behavior of connected devices. Another challenge was to avoid misuse of users' privacy [xxvi, xliv]. According to the review, smart phones were sensor based devices that contain GPS, embedded sensors, proximity sensor, and gyroscope that are prone to security flaws. These devices lack data security and privacy in many cases [xvi, xli]. The critical areas of IoT include providing users' personal data security, its availability, and query privacy; providing security at the vast collection of data and then protecting against legitimates is the critical challenge of IoT. Since IoT is formed by smart objects with autonomous facility in real time and spreads the services all over the world, it required suitable solutions for ensuring the security goals of confidentiality, integrity and availability [xiv]. To ensure availability to the right people, strong access control and authentication systems with a footprint supported by smart devices were highly required.

B. Privacy
Privacy includes personal information about identifiable participants. In IoT, the increasing amount of participants, data, and communicating devices led to the need for privacy preservation mechanisms. Providing privacy of data was a critical topic in sensing devices [x, xiv, xxvi, xlvii]. Technical approaches were required for the protection of participants' data. Next, in IoT the main challenge was to provide application data protection, identity and access management, firewall, data encryption, privacy enhancing interaction, Radio Frequency Identifiers (RFIDs), Global Positioning System (GPS) and Near Field Communicators (NFC), which contain important characteristics associated with participants' location [xxi, xxvi, xlviii-l]. Sometimes participants want to hide their personal information regarding location etc., but in the IoT environment it becomes difficult to hide location on participants' demand. So, as per the researcher, a trustable system was one that has analyzed all the risks and whose security and privacy issues had been settled [xxvi, li]. Trust refers to the users' 'faith', 'expectation', 'anticipation', 'confidence' and belief in the consistency and reliability of all the services provided by service providers. A trustable system must assure its users that their data would be with an authorized service provider [xviii, lii]. New Privacy Enhancing Technologies (PET) had been developed for achieving these goals, such as Virtual Private Networks (VPN), which are established by groups of business partners; Transport Layer Security (TLS), where a TLS connection was required for providing confidentiality and integrity; DNS Security Extensions (DNSSEC), which use shared public and private keys for providing integrity and authentication; onion routing, which encrypts data in multiple layers and wraps it with covers of encrypted data; and Private Information Retrieval (PIR). But providing security to all objects had become difficult in the IoT environment [xxix, liii].


Hence, a novel, reliable and scalable security model is required to authenticate each and every object that becomes a part of the IoT environment, which leads to seamless interoperability between different networks. Therefore, this study focused on the identification and analysis of security challenges encountered by each layer of IoT architecture. Furthermore, this study contributes by proposing a Security Enabled Model in order to deal with the security challenges confronted by the IoT system through identification of each object. The proposed model includes security at each layer.

III. IDENTIFIED SECURITY AND PRIVACY CHALLENGES

Currently billions of people use the internet daily, but only a few people have knowledge of its working. Internet of Things (IoT) connects various heterogeneous devices through the internet, which capacitates IoT devices with new capabilities. The number of these heterogeneous devices is increasing every day, which leads towards less reliability, adaptability, security and trust [xi, xxii, liii]. Traditionally, the security mechanisms can't be devised for IoT technologies because of its diverse communication standards and protocols. So these devices may not be protected under these mechanisms. These devices can be attacked and analyzed to reveal personal information. Security and privacy of users' data need to be ensured to stop access by illegitimate users, along with access control, integrity, validation and verification mechanisms. Security challenges include object identification, authentication, authorization, privacy, security protocols, software vulnerability, malware in IoT etc. To provide the most secure and reliable networks at a low cost there are many more challenges to overcome. Mostly, security and privacy challenges are categorized on the basis of their need to be overcome as quickly as possible. The most important challenges are as follows:

A. Object Identification
Objects are the building blocks of IoT that need to be identified physically or in the network [liv-lvi]. Sensor networks cover a huge area, so adversaries can monitor the transmission between objects and gain access to the overall network. Without data integrity the overall naming structure of objects is insecure [xxx]. DNS cache poisoning attacks can harm the overall working of the network. Object identification is important so each object can be uniquely identified. Fake objects should be identified as soon as possible, as each object signifies a potential spot of attack. The network must be protected from physical or logical attacks on devices and their data. Identity Management: The complex relation between interconnecting things poses a security challenge to identify objects uniquely [xxviii, xxx]. A proper object identification method is required to identify objects as well as reflect all the important properties of the object. For these interconnecting objects, identification of fake objects is most important. Many IoT devices don't have suitable user interfaces for communication to connect with each other [xxvii]. Therefore, a new device is needed with appropriate user interfaces for providing suitable communication between entities.

B. Authentication and Authorization
How to achieve authentication and authorization of objects? For unique identification of objects, authentication and authorization can be achieved through ID passwords, cryptography and database based access control [xxx, xxxi, lvi, lvii]. Authentication can be achieved by a cryptography algorithm. To provide secure communication between objects, the interconnected devices need to verify themselves through trustable services. Many open research issues have been discussed for IoT objects' secure identification, but deeper research and analysis is the necessity of the time. To uniquely identify all the “things” in IoT, a more secure identity management is required.

C. Privacy
Due to the heterogeneous nature of the interconnected devices it has become difficult to accomplish users' privacy requirements [xxi, xxxi, xlviii, xlix]. Privacy is an absolute human right which includes control over personal information as well as what can be done with this information. It depends on the stakeholders with whom they want to share their personal information, or whether they want to share it at all. In IoT, privacy is one of the most dominant challenges [xv]. Privacy Enhancing Technologies (PET), including VPN, that provide better data integrity and confidentiality are new technologies for IoT devices [xxii, xxviii, xxx]. The privacy requirements for cloud coverage with IoT devices should also be considered. Input privacy: The input that users put should be kept private from everyone, even from authorized receivers. The user data should be protected from adversaries and attackers [xi]. Output privacy: The authorized receivers should be the only ones that decipher the computation output, and it should only give access to its authorized user. Function privacy: The underlying functions should be private and protected from attackers and unauthorized users. Location privacy: Location privacy is the most critical, as if it is disclosed it will disclose all the information of the user, including the user's personal living habits [xi, xvii, xviii]. The pseudonyms technique is adopted here to hide the user's location. However, the location is not directly protected. The adversary can physically search the most visited places of the user and can get access to information [xvii].
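
The following Python example is added here and is not from the paper. It shows one way a gateway could combine the three mechanisms named under "B. Authentication and Authorization" (a device ID, a cryptographic proof, and database based access control) to reject the fake objects discussed under "A. Object Identification"; the `Gateway` class, the HMAC-SHA256 challenge-response, and the device IDs `sensor-01` and `sensor-99` are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time


def device_response(key: bytes, device_id: str, nonce: bytes) -> bytes:
    """What a device computes: HMAC-SHA256 over its ID and the gateway's nonce."""
    return hmac.new(key, device_id.encode() + b"|" + nonce, hashlib.sha256).digest()


class Gateway:
    """Hypothetical gateway holding the device database and the access control list."""

    def __init__(self, challenge_ttl: float = 30.0):
        self._keys = {}      # device_id -> per-device secret (the "database")
        self._acl = {}       # device_id -> set of permitted actions
        self._pending = {}   # device_id -> (nonce, time issued)
        self._ttl = challenge_ttl

    def enroll(self, device_id: str, actions) -> bytes:
        """Register a device and return the secret to be provisioned onto it."""
        key = secrets.token_bytes(32)
        self._keys[device_id] = key
        self._acl[device_id] = set(actions)
        return key

    def challenge(self, device_id: str, now: float = None) -> bytes:
        """Issue a fresh nonce. Unknown IDs get one too, so enrollment is not revealed."""
        nonce = secrets.token_bytes(16)
        issued = time.monotonic() if now is None else now
        self._pending[device_id] = (nonce, issued)
        return nonce

    def verify(self, device_id: str, response: bytes, action: str, now: float = None) -> str:
        """Authenticate the device against its challenge, then authorize the action."""
        now = time.monotonic() if now is None else now
        pending = self._pending.pop(device_id, None)   # each nonce is single-use
        if pending is None:
            return "no-challenge"
        nonce, issued = pending
        if now - issued > self._ttl:
            return "expired"
        key = self._keys.get(device_id)
        # For an unknown ID, still compute an HMAC under a throwaway key so that
        # known and unknown IDs take the same code path.
        expected = device_response(key or secrets.token_bytes(32), device_id, nonce)
        matches = hmac.compare_digest(expected, response)
        if key is None or not matches:
            return "auth-failed"
        if action not in self._acl[device_id]:
            return "not-authorized"
        return "ok"


def demo() -> dict:
    """Run constructed scenarios; the times passed as `now` are constructed too."""
    gw = Gateway(challenge_ttl=30.0)
    key = gw.enroll("sensor-01", {"publish"})
    out = {}

    n1 = gw.challenge("sensor-01", now=0.0)
    captured = device_response(key, "sensor-01", n1)
    out["genuine"] = gw.verify("sensor-01", captured, "publish", now=1.0)

    # An eavesdropper replays the captured response against a new challenge.
    gw.challenge("sensor-01", now=2.0)
    out["replay"] = gw.verify("sensor-01", captured, "publish", now=3.0)

    # A fake object claims a real ID but does not hold the provisioned secret.
    n3 = gw.challenge("sensor-01", now=4.0)
    forged = device_response(secrets.token_bytes(32), "sensor-01", n3)
    out["fake_object"] = gw.verify("sensor-01", forged, "publish", now=5.0)

    # An ID that was never enrolled.
    n4 = gw.challenge("sensor-99", now=6.0)
    out["unknown_id"] = gw.verify(
        "sensor-99", device_response(key, "sensor-99", n4), "publish", now=7.0)

    # A genuine device asks for an action its ACL entry does not grant.
    n5 = gw.challenge("sensor-01", now=8.0)
    out["wrong_action"] = gw.verify(
        "sensor-01", device_response(key, "sensor-01", n5), "actuate", now=9.0)

    # A correct response that arrives after the challenge has expired.
    n6 = gw.challenge("sensor-01", now=10.0)
    out["late"] = gw.verify(
        "sensor-01", device_response(key, "sensor-01", n6), "publish", now=50.0)

    # A response sent when no challenge is outstanding.
    out["unsolicited"] = gw.verify("sensor-01", captured, "publish", now=51.0)
    return out


if __name__ == "__main__":
    for scenario, result in demo().items():
        print(f"{scenario:13s} {result}")
```

Authentication and authorization are separate decisions here: a device that proves its identity is still refused any action missing from its ACL entry.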


D. Network Security
Network security of interconnected things splits into object confidentiality, object authenticity, object integrity, and object availability [xxviii, l, lviii]. Object confidentiality must be provided as it prevents sensitive information leakage on the internet. Providing security to each layer increases complexity. Therefore, new Privacy Enhancing Technologies (PET) have been developed for achieving these goals, such as Virtual Private Networks (VPN), IPSec and Transport Layer Security (TLS). A TLS connection is required for providing confidentiality and integrity. Authenticity provides proof of validity that the claimed entity is the one that it claims to be. It provides a secure connection with an authenticated entity. Integrity ensures that no data is lost or modified.

E. Identity Privacy
The fact of being the real user or the claimed user refers to identity privacy, which should be well protected from the public/attackers [xvii, xviii]. Sometimes, in emergency cases when some dispute occurs, the privacy of information can also affect the scenario [xi]. The pseudonyms technique has been adopted to overcome this problem. The periodic updating of pseudonyms leads towards unbearable computational cost for IoT.

F. Trust
Trust is another crucial requirement of IoT due to its distributed nature. Maintaining trust in IoT is very important for its users. IoT must ensure sensing device trust, entity trust, and data trust [xviii, xxx, xxxi]. Maintaining trust in the system for secure interaction between objects is important. The IoT structure is facing challenges in providing a trustable system to its users. An IoT system must have decentralized models, implementation of new trust mechanisms and new applications maintaining trust for its users [xv]. Reputation management mechanisms will help to maintain the trust of objects in the network.

G. Removing or Adding Layers
To maximize rewarded credits, social groups of IoT users sometimes remove the layers connecting them for forwarding; this helps them to reduce the transmitters that are sharing the reward, and is called removing layer [xi]. To increase credits, IoT users sometimes maliciously bypass the path of forwarding packets between them by increasing the total obtainable utility, and this is called adding layer [xi]. These attacks are dangerous for networks and can lead towards a huge loss of private information. We need a better way of dealing with these attacks and to provide quick solutions if something bad happens.

H. Forward and Backward Security
Another challenge is to provide forward and backward security in the network. The heterogeneous nature of IoT makes it necessary to provide security and privacy for socially formulated groups of users [xi]. It is necessary to provide backward and forward security for these users. Newly joined users must not have access to the mails from before they joined the network. The same goes for the users who left the network: they must not have access to the mails.

I. Lightweight Devices
Lightweight devices are another challenge, as sensing objects are very small and contain lightweight processors that decrease the performance of the network. Lightweight symmetric and asymmetric key management systems need to provide trustable services to the user [xv, lix]. Lightweight encryption and decryption algorithms should be used to provide security authentication [vi]. Designing lightweight security algorithms and protocols, and their implementation, is the key to tackling the uncontrolled surrounding conditions of the IoT network.

J. Object Compromise
An object compromise attack occurs when some adversary attacks the sensing device and extracts all the necessary and private information of the user as well as the secret key [xi, xxxiv]. By gaining all the information they can reprogram or replace sensing IoT devices with malicious ones that are under the control of the adversary. The adversary can select any object to attack and can damage the whole network.

IV. PROPOSED MODEL

Numerous sensors contribute from various hardware platforms for the exchange of information. IoT sensors engage people and communities in collecting data, but managing data security and privacy with traditional techniques is a hard job. Current IoT devices are protected using traditional techniques that are prone to error. Many industries are using small sensing devices that are vulnerable to security theft and misuse of private data. Large scale implementation of sensing systems increases new challenges of privacy and security. Upon intensive review, it has been found that there is a lack of any such model which can provide the finest security system for small sensing devices of IoT. In this section, a model has been proposed (as shown in Fig. 3), namely the Security Enabled Model (SEM), to overcome security and privacy challenges in IoT systems. Our proposed model details how small sensing devices can improve their applicability in real world scenarios and eradicate the limitation of the power consumption factor.

To illustrate the performance of the proposed model, it is assumed that when the sensing devices generate data from diverse places, then that data has to be


visualized by end users. Hereafter, many end users request to view reports at the same time from the server. These objects are concerned about three aspects of data: 1) security and privacy mechanism, 2) quick response and 3) data quality. The proposed model is comprised of three layers, where each layer aims to provide security and privacy solutions, and it also illustrates the sensing objects' authentication and principles that an IoT system should support.

[Figure: block diagram of the model across three panels labelled Perception Layer, Network Layer and Application Layer.]

Fig. 3. Proposed Security Enabled Model (SEM) for IoT System
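The following added example, which is not code from the paper, runs the admission checks that Fig. 3 places at the application gateway (device identification, credential checking, timing and replay protection, ACL, content checking) over packets from enrolled and fake objects. The paper names no certificate format, so a per-device HMAC key issued by an authority stands in for the certificate; the device names, ACL entries, value range and 30-second window are constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed values for this example; none of them come from the paper.
AUTHORITY_KEY = b"constructed-authority-key"   # held by the credential issuer
MAX_SKEW_S = 30                                # freshness window against replay
ACL = {"sensor-17": {"temperature"}, "cctv-02": {"video-meta"}}
PLAUSIBLE = {"temperature": (-40.0, 85.0)}     # content check for fake objects
FIELDS = ("id", "kind", "value", "ts", "nonce")


def issue_credential(device_id):
    """Stand-in for certificate distribution: a per-device key from the authority."""
    return hmac.new(AUTHORITY_KEY, device_id.encode(), hashlib.sha256).digest()


def _mac(cred, body):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(cred, msg, hashlib.sha256).hexdigest()


def sign_reading(cred, device_id, kind, value, ts, nonce):
    """What an enrolled device sends: the reading plus a MAC over every field."""
    body = dict(zip(FIELDS, (device_id, kind, value, ts, nonce)))
    return {**body, "mac": _mac(cred, body)}


class Gateway:
    def __init__(self):
        self.seen = {}   # (device id, nonce) -> timestamp of accepted packets

    def admit(self, pkt, now):
        """Return 'accept' or the reason the packet is dropped."""
        if not all(f in pkt for f in FIELDS) or not isinstance(pkt.get("mac"), str):
            return "malformed"
        body = {f: pkt[f] for f in FIELDS}
        dev, kind, ts = body["id"], body["kind"], body["ts"]
        if not (isinstance(dev, str) and isinstance(kind, str)
                and isinstance(ts, (int, float))):
            return "malformed"
        if dev not in ACL:                                    # identification
            return "unknown-device"
        expected = _mac(issue_credential(dev), body)          # authentication
        if not hmac.compare_digest(expected.encode(), pkt["mac"].encode()):
            return "bad-credential"
        if not abs(now - ts) <= MAX_SKEW_S:                   # timing (also rejects NaN)
            return "stale"
        key = (dev, str(body["nonce"]))
        if key in self.seen:                                  # replay
            return "replay"
        if kind not in ACL[dev]:                              # authorization (ACL)
            return "not-authorized"
        rng, val = PLAUSIBLE.get(kind), body["value"]
        if rng and not (isinstance(val, (int, float)) and rng[0] <= val <= rng[1]):
            return "implausible-content"
        # Drop nonces that have left the freshness window, then record this one.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= MAX_SKEW_S}
        self.seen[key] = ts
        return "accept"
```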

A. Perception Layer
Sensing devices collect data that is transmitted towards the server system using protocols, e.g. Zigbee. The signals that carry data travel through public places, so we need effective protection of data from being monitored and intercepted. Most sensing devices are installed in places where they can be easily accessed and monitored. An attacker can easily gain access to the equipment and can physically harm these devices. Currently, the most important security challenges of the perception layer include securing objects from being captured by unauthorized users, being secure from fake objects, protection from Denial of Service (DoS) attacks, protection from routing threats, and timing and replay attacks [xli]. We propose an authentication process through which sensing devices must be identified to become part of the network. The authentication process includes an application gateway for checking the sensors that send data. Identifying fake objects becomes easy by checking the contents that sensing devices are sending. The firewall provides secure packet filtering that will enhance the protection of data from internal and external networks. The load balancer and certificate distribution will enhance security, as each device must have a certificate of being authorized and of becoming part of the network. Through the proposed authentication process, small sensors will be secure from unauthorized access to the device information. Further, this model will enhance the power of small sensing devices in order to make them more secure and smart.

B. Network Layer
When a large number of objects, including fake objects, send data at the same time, it can lead to a DoS attack in the network. Network layer security challenges include reducing compatibility problems by providing data integrity and confidentiality, protecting the privacy of users, and protection against DoS and Man-in-the-Middle attacks, etc. [xxxi]. The existing internet security architecture is appropriate for humans, but the IoT environment includes machines and humans, so a new way of securing these devices is highly required. A new way of identifying objects is necessary, as current IP technology cannot be applied to IoT. IoT systems face challenges in the transmission of data that can be retrieved later. The data can be attacked during its transmission and at the time of retrieval. In this model, the network layer transfers data to the cloud servers for processing; the data is transferred by establishing a secure channel that follows the proposed authentication process, through which each object is identified and its data contents are checked within the network. Furthermore, this layer includes a cloud gateway that provides a data-driven Application Programming Interface (API) for collecting data from objects and routing data to the servers for analysis. The cloud gateway safely transmits data from objects to servers for storage and data analytics, which includes Access Control List (ACL) management. The server is the
processing data center that will provide secure analytic services, and the server is also responsible for managing and evaluating reports, visualization, and querying data. The server maintains data and manages the ACL of each object's previous contributions. New analytical techniques support querying of data according to user requirements. The server maintains the status of each object and checks the ACL for granting services to the users. Servers perform data mining techniques for knowledge discovery and real-time analytics [xxxiv]. Data collected from diverse sources may be structured, unstructured or semi-structured. We suggest a process for authentic access to the database so that data may be accessed by authorized administrators and users only. For prevention of fraud in databases, data mining techniques are implemented for fraud recognition. Preprocessing techniques of data are used for fraud recognition, validation, error modification and access control. Logistic regression is performed for managing the concurrency in the database. Managing data integrity constraints is the main challenge for specifying the uniqueness of data in the database, and it is well tackled in this proposed model.

C. Application Layer
Visualization is requested by end users to view reports of analysis and to get responses to their queries. Data is managed from the start, so there will be no issue regarding the processing of data. By using data delivery techniques and principles, end users can visualize data that is authentic, secure, protected and according to the users' standard. Data delivery techniques minimize latency, increase the throughput of the system and provide faster retrieval of the data. The proposed model provides an ACL for managing the access rights of each user. Only those who have a certificate that includes the access list for interaction can gain access to services. Different applications have many complex security issues, e.g. giving reports to an unauthorized person. In the IoT environment it has become difficult to capture fake objects; consequently, new technologies are required for overcoming these situations. Application layer security challenges include authentication and restricting data access, dealing with large amounts of data, providing data recovery and identity authentication. Sensing devices send data continuously, so it becomes difficult to store the massive amount of data. Therefore, protection of this massive amount of data is difficult. By following this process, each object can have better privacy-enhancing interaction and can gain services in a more secure way.

V. FUTURE DIRECTION
Security and privacy issues are a very serious concern that should be considered immediately. Since IoT technology deals with a vast amount of personal and private data, with the power of insure abilities to control its physical environment, significant solutions for the security issues are required. The proposed model will protect the physical and logical environment from any kind of theft and attacks. The smart devices that have embedded sensors will be identified for secure communication. However, new security technologies for identification and data protection will be helpful in this regard. Designing new interfaces and security protocols for lightweight sensor devices in IoT networks would be favorable and beneficial. Participants should also have knowledge and security privileges of the system. Future work also includes the deployment of the proposed model in an IoT-based smart university, and a new security mechanism for lightweight IoT devices will also be targeted.

VI. CONCLUSION
The IoT vision allows humans and machines to be connected with anything, anyone, anywhere and anytime. IoT devices can be part of any wireless sensor networks or wired networks simultaneously. The main concern of IoT is to create smart spaces such as smart home, smart grid, smart transportation, smart traffic, smart cities and smart health for users. The IoT concept is growing rapidly while facing different challenges, such as assuring availability and reliability, creating business models for the interconnection of devices, and security and privacy challenges in providing secure communication between devices. An intensive literature review has been conducted to identify and investigate the various security and privacy challenges encountered by the IoT environment. Hence, a security architecture has been designed to elaborate the current security and privacy challenges faced by IoT technology. Different challenges faced by the IoT layers have been identified in the current investigation. Moreover, important security and privacy challenges were outlined, such as object identification, authentication, authorization, privacy, network security, etc. Identification is the most important challenge, as it involves verifying fake objects for secure communication. This study proposed a Security Enabled Model (SEM) to cope with the outlined challenges and make the IoT environment more secure and efficient. SEM ensures security at each layer of IoT; moreover, the perception layer includes an authentication process for secure communication between sensors and Application Programming Interfaces (APIs). A part of the authentication process is the identification of objects and managing the ACL for access rights; further, it will provide better protection from malicious objects and from manipulation of confidential data. The network layer emphasizes data security so that data will be transferred from authentic objects through a secure channel; moreover, it will become easy for the server to maintain security. The server also includes a security process to manage unauthorized access through reference
monitor. At the end, the application layer includes visualization of data to provide services to its intended users. To sum up, it was identified that data will be collected from secure objects, which leads to secure network communication by using a firewall and load balancer. Transferring data from secure objects towards a server that includes a secure database for storage and analytics is another feature of this model. The server manages reference monitors and certifies authorities. Eventually, passing from the secure server towards end users, data will be protected by implementing this model. Besides, in order to create the most secure IoT environment, we need more encryption algorithms and their implementation. Only authorized users can get the desired services through the proposed model.

REFERENCES
[i] H. Chan and A. Perrig, "Security and Privacy in Sensors Networks". Computers, 36(10): p. 103-105. 2003.
[ii] J. B. Gubbi, R. Marusic, S. Palaniswami and Marimuthu, "Internet of Things (IoT): A vision, architectural elements, and future directions". Future generation computer systems, 2013. 29(7): p. 1645-1660.
[iii] R. Roman, J. Zhou and J. Lopez, "On the features and challenges of security and privacy in distributed internet of things". Computer Networks, 2013. 57(10): p. 2266-2279.
[iv] R. Roman, P. Najera and J. Lopez, "Securing the internet of things". Computer, 2011. 44(9): p. 51-58.
[v] S. Haller, S. Karnouskos and C. Schroth, "The internet of things in an enterprise context". Future Internet Symposium. 2008. Springer.
[vi] A. F. Skarmeta, J. L. H. Ramos and M. V. Moreno, "A decentralized approach for security and privacy challenges in the internet of things". Internet of Things (WF-IoT), 2014 IEEE World Forum on. 2014. IEEE.
[vii] F. Tao, Y. Zuo, L. D. Xu and L. Zhang, "IoT-based intelligent perception and access of manufacturing resource toward cloud manufacturing". IEEE Transactions on Industrial Informatics, 2014. 10(2): p. 1547-1557.
[viii] S. D. T. Kelly, N. K. Suryadevara and S. C. Mukhopadhyay, "Towards the implementation of IoT for environmental condition monitoring in homes". IEEE Sensors Journal, 2013. 13(10): p. 3846-3853.
[ix] K. D. Chang, C. Y. Chang, H. M. Liao, J. L. Chen and H. C. Chao, "A Framework for IoT objects management based on future internet IoT-IMS communication platform". Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2013. IEEE.
[x] M. Aazam, I. Khan, A. A. Alsaffar and E. N. Hu, "Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved". 11th International Bhurban Conference on Applied Sciences and Technology (IBCAST), 2014. 2014. IEEE.
[xi] J. Zhou, Z. Cao, X. Dong and A. V. Vasilakos, "Security and privacy for cloud-based IoT: challenges". IEEE Communications Magazine, 2017. 55(1): p. 26-33.
[xii] D. Bandyopadhyay, and J. Sen, "Internet of things: Applications and challenges in technology and standardization". Wireless Personal Communications, 2011. 58(1): p. 49-69.
[xiii] B. Dorsemaine, J. P. Gaulier, J. P. Wary, N. Khier and P. Urien, "Internet of Things: a definition & taxonomy". 9th International Conference on Next Generation Mobile Applications, Services and Technologies, 2015. 2015. IEEE.
[xiv] T. Xu, J. B. Wendt and M. Potkonjak, "Security of IoT systems: Design challenges and opportunities". Proceedings of the 2014 IEEE/ACM International Conference on Computer-Aided Design. 2014. IEEE Press.
[xv] M. Abomhara, and G. M. Køien, "Security and privacy in the Internet of Things: Current status and open issues". International Conference on Privacy and Security in Mobile Systems (PRISMS), 2014. 2014. IEEE.
[xvi] E. Bertino, "Data Security and Privacy in the IoT". EDBT. 2016.
[xvii] L. Chen, S. Thombre, K. Jarvinen, E. S. Lohan, A. A. Savikko, H. Leppakoski, M. Z. H. Bhuiyan, S. B. Pasha, G. N. Ferrara, S. Honkala, J. Lindqvist, L. Ruotsalainen, P. Korpisaari and H. Kuusniemi, "Robustness, Security and Privacy in Location-Based Services for Future IoT: A Survey". IEEE Access, 2017.
[xviii] J. Daubert, A. Wiesmaier and P. Kikiras, "A view on privacy & trust in IoT". IEEE International Conference on Communication Workshop (ICCW), 2015. 2015. IEEE.
[xix] J. P. Hubaux, S. Capkun and J. Luo, "The security and privacy of smart vehicles". IEEE Security & Privacy, 2004. 2(3): p. 49-55.
[xx] Q. Jing, A. V. Vasilakos, J. Wan, J. Lu and D. Qiu, "Security of the internet of things: Perspectives and challenges". Wireless Networks, 2014. 20(8): p. 2481-2501.
[xxi] P. McDaniel, and S. McLaughlin, "Security and privacy challenges in the smart grid". IEEE Security & Privacy, 2009. 7(3).
[xxii] S. Nath, and S. Som, "Security and Privacy Challenges: Internet of Things". Indian Journal of Science and Technology, 2017. 10(3).
[xxiii] C. C. Niu, K. C. Zou, Y. L. O. Yang, G. J. Tang and Y. Zou, "Security and Privacy Issues of the
Internet of Things". Applied Mechanics and Materials. 2013. Trans Tech Publ.
[xxiv] H. K. Patil, and R. Seshadri, "Big data security and privacy issues in healthcare". Big Data (BigData Congress), 2014 IEEE International Congress on. 2014. IEEE.
[xxv] H. C. Pöhls, V. Angelakis, S. Suppan, K. Fischer, G. Oikonomou, E. Z. Tragos, R. D. Rodriguez, and T. Mouroutis, "RERUM: Building a reliable IoT upon privacy-and security-enabled smart objects". IEEE. Wireless Communications and Networking Conference Workshops (WCNCW), IEEE. 2014.
[xxvi] K. A. Rafidha Rehiman and D. S. Veni, "Security, Privacy and Trust for Smart Mobile devices in Internet of Things – A Literature Study". International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) 2015. 4.
[xxvii] A. R. Sadeghi, C. Wachsmann, and M. Waidner, "Security and privacy challenges in industrial internet of things". Design Automation Conference (DAC), 2015 52nd ACM/EDAC/IEEE. 2015. IEEE.
[xxviii] E. Vasilomanolakis, J. Daubert, M. Luthra, V. Gazis, A. Wiesmaier and P. Kikiras, "On the Security and Privacy of Internet of Things Architectures and Systems". International Workshop on Secure Internet of Things (SIoT), 2015. IEEE.
[xxix] R. H. Weber, "Internet of Things–New security and privacy challenges". Computer law & security review, 2010. 26(1): p. 23-30.
[xxx] Z. K. Zhang, M. C. Y. Cho, C. W. Wang, C. W. Hsu, C. K. Chen and S. Shieh, "IoT security: ongoing challenges and research opportunities". IEEE 7th International Conference on Service-Oriented Computing and Applications (SOCA), 2014. IEEE.
[xxxi] K. Zhao and L. Ge, "A survey on the internet of things security". International Conference on Computational Intelligence and Security (CIS), 2013 9th. 2013. IEEE.
[xxxii] M. Dabbagh, and A. Rayes, "Internet of Things Security and Privacy". Internet of Things From Hype to Reality. 2017, Springer. p. 195-223.
[xxxiii] L. Tan, and N. Wang, "Future internet: The internet of things". 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE). 2010. IEEE.
[xxxiv] A. Karim, A. Siddiqa, Z. Safdar, M. Razzaq, S. A. Gillani, H. Tahir, S. Kiran, E. Ahmad and M. Imran, "Big data management in participatory sensing: Issues, trends and future directions". Future Generation Computer Systems, 2017.
[xxxv] F. Xia, L. T. Yang, L. Wang and A. Vinel, "Internet of things". International Journal of Communication Systems, 2012. 25(9): p. 1101.
[xxxvi] H. Kopetz, "Internet of things, in Real-time systems". 2011, Springer. p. 307-323.
[xxxvii] F. Wortmann and K. Flüchter, "Internet of things". Business & Information Systems Engineering, 2015. 57(3): p. 221-224.
[xxxviii] L. Atzori, A. Iera, and G. Morabito, "The internet of things: A survey". Computer networks, 2010. 54(15): p. 2787-2805.
[xxxix] S. H. Yang, "Internet of things". Wireless Sensor Networks. 2014, Springer. p. 247-261.
[xl] G. M. Lee, N. Crespi, J. K. Choi and M. Boussard, "Internet of things". Evolution of Telecommunication Services. 2013, Springer. p. 257-282.
[xli] Q. Zhu, R. Wang, Q. Chen, Y. Liu and W. Qin, "Iot gateway: Bridging Wireless sensor networks into internet of things". 2010 IEEE/IFIP 8th International Conference on Embedded and Ubiquitous Computing (EUC), 2010. IEEE.
[xlii] F. Bonomi, R. Milito, J. Zhu, S. Addepalli, "Fog computing and its role in the internet of things". Proceedings of the first edition of the MCC workshop on Mobile cloud computing. 2012. ACM.
[xliii] E. Baccarelli, P. G. V. Naranjo, M. Scarpiniti, M. Shojafar and J. H. Abawajy, "Fog of Everything: Energy-efficient Networked Computing Architectures, Research Challenges, and a Case Study". IEEE Access, 2017.
[xliv] H. Suo, J. Wan, C. Zou and J. Liu, "Security in the internet of things: a review". International Conference on Computer Science and Electronics Engineering (ICCSEE), 2012. IEEE.
[xlv] D. Miorandi, S. Sicari, F. D. Pellegrini and I. Chlamtac, "Internet of things: Vision, applications and research challenges". Ad Hoc Networks, 2012. 10(7): p. 1497-1516.
[xlvi] Y. K. Chen, "Challenges and opportunities of internet of things". 17th Asia and South Pacific, Design Automation Conference (ASP-DAC), 2012. 2012. IEEE.
[xlvii] J. Schrammel, C. Hochleitner and M. Tscheligi, "Privacy, trust and interaction in the internet of things". International Joint Conference on Ambient Intelligence. 2011. Springer.
[xlviii] A. S. Ukil, S. Bandyopadhyay and A. Pal, "Iot-privacy: To be private or not to be private". IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2014. IEEE.
[xlix] C. Perera, R. Ranjan, L. Wang, S. U. Khan and A. Y. Zomaya, "Privacy of big data in the internet of things era". IEEE IT Special Issue Internet of Anything, 2015. 6.
[l] C. M. Medaglia, and A. Serbanati, "An overview of privacy and security issues in the internet of things". The Internet of Things. 2010, Springer.
p. 389-395.
[li] J. H. Ziegeldorf, O. G. Morchon and K. Wehrle, "Privacy in the Internet of Things: threats and challenges". Security and Communication Networks, 2014. 7(12): p. 2728-2742.
[lii] F. T. Commission, "Internet of Things: Privacy & security in a connected world". Washington, DC: Federal Trade Commission, 2015.
[liii] P. Porambage, C. Schmitt, P. Kumar, A. Gurtov, M. Ylianttila and A. Vasilakos, "The quest for privacy in the internet of things". IEEE Cloud Computing, 2016. 3(2): p. 36-45.
[liv] D. Uckelmann, M. Harrison and F. Michahelles, "An architectural approach towards the future internet of things". Architecting the internet of things. 2011, Springer. p. 1-24.
[lv] M. Kranz, P. Holleis and A. Schmidt, "Embedded interaction: Interacting with the internet of things". IEEE internet computing, 2010. 14(2): p. 46-53.
[lvi] X. Jia, Q. Feng, T. Fan and Q. Lei, "RFID technology and its applications in Internet of Things (IoT)". 2nd International Conference on Consumer Electronics, Communications and Networks (CECNet), 2012. IEEE.
[lvii] J. Liu, Y. Xiao and C. P. Chen, "Authentication and access control in the internet of things". 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW), 2012. IEEE.
[lviii] L. Atzori, A. Iera, G. Morabito and M. Nitti, "The social internet of things (siot)–when social networks meet the internet of things: Concept, architecture and network characterization". Computer networks, 2012. 56(16): p. 3594-3608.
[lix] J. Y. Lee, W. C. Lin, and Y. H. Huang, "A lightweight authentication protocol for internet of things". International Symposium on Next-Generation Electronics (ISNE), 2014. 2014. IEEE.