Secure IoT Software Application Development Model for Security Requirement Elicitation
Asma Asdayana Ibrahim1* and Massila Kamalrudin2
1Sultan Azlan Shah Polytechnic, Behrang Stesyen, Perak, Malaysia
2Innovative Software System and Service Group, Universiti Teknikal Malaysia Melaka, Malaysia
*Corresponding Author: Asma Asdayana Ibrahim, Sultan Azlan Shah Polytechnic, Behrang Stesyen, Perak, Malaysia.
Received:
September 28, 2022; Published: November 29, 2022
Abstract
The term Internet of Things (IoT) generally refers to situation where network connectivity and computing capability are extended to objects, sensors and common household items that are not typically thoughts as computers, allowing these devices to generate exchange and consume data with few human intervention. We are currently living in the Internet of Things era, in which digitally connected devices are infiltrating every aspect of our lives, including tools, workplaces, transportation, and others. Connecting such a large number of devices will be one of the most difficult challenges of the future of IoT, challenging the very structure of current communication networks and underlying technologies. Currently, it is necessary to rely on the centralized, server/client paradigm to authenticate, authorize, and connect various nodes in a system. Providing requirement for the security for this giant technology is also really challenging, mainly because there is not boundary or limitation on the way that it can go. Therefore, considering eliciting security requirements from early development of IoT application is crucial. To do this, determination of the most important security requirements and IoT technologies need to be done to define correct requirements is produced. In this paper, we discussed our findings of study conducted to analyses the relationship dan correlation between security requirements and IoT technologies for developing secure IoT applications based on perspectives of the users. This study was carried out 101 of respondents from IoT industries in Malaysia. The results indicated most of them were a significant relationship between security requirements and IoT technologies with IoT application. Then, a Secure IoT Application Development (SecIoTA) model is proposed.
Keywords: Internet of Things (IoT); IoT Applications; Security Requirement; IoT Technologies; Reliability Test; Correlation Analysis; IoT Model
References
- E A Fischer. “The Internet of Things: Frequently Asked Questions”. Congressional Research Service (2015).
- K Rose., et al. “The Internet of Things : An Overview”. (2015).
- , et al. “Internet of Things Strategic Research Roadmap”. in Internet of Things: Global Technological and Societal Trends (2011): 9-52.
- S Jaiswal and D Gupta. “Security Requirements for Internet of Things (IoT)”. Proc. Int. Conf. Commun. Networks, Adv. Intell. Syst. Comput. (2017): 419-427.
- AA Ibrahim and M Kamalrudin. “Security Requirements and Technologies for The Internet of Things (IoT) Applications: A Systematic Literature Review”. Journal of Theoretical and Applied Information Technology 17 (2018): 5694-5716.
- M Kamalrudin., et al. “A Security Requirements Library for the Development of Internet of Things (IoT) Applications”. in Requirements Engineering for Internet of Things 809 (2018): 87-96.
- D G Firesmith. “Engineering Security Requirements”. Journal of Object Technology 1 (2003): 53-68.
- S R Oh and Y G Kim. “Security Requirements Analysis for the IoT”. 2017 Int. Conf. Platf. Technol. Serv. PlatCon 2017 - Proc., (2017).
- P Salini and S Kanmani. “A Survey on Security Requirements Engineering”. International Journal of Research and Reviews in Computer Science 8 (2011): 1-10.
- D H Kim., et al. “A Study of Developing Security Requirements for Internet of Things ( IoT )”. Advanced Science and Technology Letters 87 (2015): 94-99.
- Z A Hussien., et al. “Secure and Efficient E-health Scheme Based on the Internet of Things”. (2016).
- S M R Islam., et al. “The Internet of Things for Health Care : A Comprehensive Survey”. IEEE Access 3 (2015): 678-708.
- E Borgia. “The Internet of Things Vision: Key Features, Applications and Open Issues”. Computer Communications 54 (2014): 1-31.
- E Steve. “What is Requirements Engineering?”. (2004): 2-18.
- I Sommerville. Software Engineering Ninth Edition, Ninth. Boston, Massachusetts: Person Education, Inc., Addison-Wesley, (2011).
- P Salini and S Kanmani. “Survey and Analysis on Security Requirements Engineering”. Computers and Electrical Engineering 38 (2012): 1785-1797.
- M Trnka., et al. “Survey of Authentication and Authorization for the Internet of Things”. Security and Communication Networks (2018): 17.
- M Saadeh., et al. “Authentication techniques for the internet of things: A survey”. Proc. - 2016 Cybersecurity Cyberforensics Conf. CCC 2016. (2017): 28-34.
- S Patel., et al. “IoT based Smart Hospital for Secure Healthcare System”. International Journal on Recent and Innovation Trends in Computing and Communication 5 (2017): 404-408.
- K Dempsey., et al. “Supplemental Guidance on Ongoing Authorization”. (2014).
- V Suryani., et al. “Trust-based Privacy for Internet of Things”. International Journal of Electrical and Computer Engineering 5 (2016): 2396-2402.
- Z Yan., et al. “A Survey on Trust Management for Internet of Things”. Journal of Network and Computer Applications 42 (2014): 120-134.
- K Dhariwal and A Mehta. “Architecture and Plan of Smart hospital based on Internet of Things (IoT)”. International Research Journal of Engineering and Technology 4 (2017): 1976-1980.
- D Kiritsis. “Closed-loop PLM for Intelligent Products in the Area of The Internet of Things”. Computer-Aided Design (2010): 1-23.
- W Lee., et al. “A Gateway Based Fog Computing Architecture for Wireless Sensors and Actuator Networks”. in 2016 18th International Conference on Advanced Communication Technology (ICACT), (2016): 210-213.
- M Souppaya and K Scarfone. “Guidelines for Managing the Security of Mobile Devices in the Enterprise”. NIST Spec. Publ. 800-124, Revis. 1 (2015): 1-30.
- S Quirolgico., et al. “NIST Special Publication 800-163: Vetting the Security of Mobile Applications”. NIST Spec. 800-163 (2015): 800-163.
- E de O e Silva., et al. “Authentication and the Internet of Things: A Survey Based on a Systematic Mapping”. ICSEA 2017 twelfth Int. Conf. Softw. Eng. Adv. (2017): 34-40.
- T Karygiannis., et al. “Guidelines for Securing Radio Frequency Identification (RFID) Systems Recommendations of the National Institute of Standards and Technology”. NIST Spec. Publ. 800-98, (2007).
- T Karygiannis., et al. “NIST Special Publication 800-98: Guidelines for Securing Radio Frequency Identification (RFID) Systems”. NIST Spec. Publ. 800-98, (2007).
- Homeland Security. “A Guide to Securing Networks for Wi-Fi (IEEE 802.11 Family)”. (2017).
- K Scarfone., et al. “Guide to Bluetooth Security”. NIST Spec. Publ. 800-121 Revis. 2 (2017): 63.
- J Gubbi., et al. “Internet of Things (IoT): A Vision, Architectural Elements, and Future Directions”. Future Generation Computer Systems 1 (2013): 1-19.
- I Bouij-pasquier., et al. “SmartOrBAC Security and Privacy in The Internet of Things”. 2015.
- S Ravidas., et al. “Access Control in Internet of Things: A survey”. Journal of Network and Computer Applications 144 (2019): 79-101.
- N Gershenfeld., et al. “The Internet of Things: Converging Technologies for Smart Environment and Integrated Ecosystems” 291.4 (2004).
- V Scuotto., et al. “Internet of Things: Applications and Challenges in Smart Cities: A Case Study of IBM Smart City Projects”. Business Process Management Journal 2 (2016): 357-367.
- MM Hossain., et al. “Towards an Analysis of Security Issues, Challenges, and Open Problems in the Internet of Things”. Proc. - 2015 IEEE World Congr. Serv. Serv. (2015): 21-28.
- R Roman., et al. “Securing The Internet of Things”. IEEE Computer Society, Spain (2011): 51-58.
- K Kishore and S Sharma. “Evolution of Wireless Sensor Networks as the framework of Internet of Things- A Review”. 5.12 (2016): 49-52.
- M Bilal and S G Kang. “An authentication protocol for future sensor networks”. Sensors (Switzerland)5 (2017): 1-29.
- X Jia., et al. “RFID technology and its applications in Internet of Things (IoT)”. 2012 2nd Conf. Consum. Electron. Commun. Networks, CECNet 2012 - Proc. (2012): 1282-1285.
- R Aggarwal and M Lal Das. “RFID Security in the Context of ‘Internet of Things”. in Proceedings of the First International Conference on Security of Internet of Things (SecurIT’ 12 ) (2012): 51-56.
- S Raza., et al. “Bluetooth smart: An Enabling Technology for the Internet of Things”. 2015 IEEE 11th Int. Conf. Wirel. Mob. Comput. Netw. Commun. WiMob (2015): 155-162.
- Q Zhu., et al. “IOT gateway: Bridging wireless sensor networks into Internet of Things”. Proc. - IEEE/IFIP Int. Conf. Embed. Ubiquitous Comput. EUC (2010): 347-352.
- Journal of Physical Mathematics1 (2016).
Citation
Copyright