A Review of Security Standards and Frameworks for IoT-Based Smart EnvironmentsShow others and affiliations
2021 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 9, p. 121975-121995Article, review/survey (Refereed) Published
Abstract [en]
Assessing the security of IoT-based smart environments such as smart homes and smart citiesis becoming fundamentally essential to implementing the correct control measures and effectively reducingsecurity threats and risks brought about by deploying IoT-based smart technologies. The problem, however,is in finding security standards and assessment frameworks that best meets the security requirements as wellas comprehensively assesses and exposes the security posture of IoT-based smart environments. To explorethis gap, this paper presents a review of existing security standards and assessment frameworks which alsoincludes several NIST special publications on security techniques highlighting their primary areas of focusto uncover those that can potentially address some of the security needs of IoT-based smart environments.Cumulatively a total of 80 ISO/IEC security standards, 32 ETSI standards and 37 different conventionalsecurity assessment frameworks which included 7 NIST special publications on security techniques werereviewed. To present an all-inclusive and up-to-date state-of-the-art research, the review process consideredboth published security standards and assessment frameworks as well as those under development. Thefindings show that most of the conventional security standards and assessment frameworks do not directlyaddress the security needs of IoT-based smart environments but have the potential to be adapted intoIoT-based smart environments. With this insight into the state-of-the-art research on security standards andassessment frameworks, this study helps advance the IoT field by opening new research directions as wellas opportunities for developing new security standards and assessment frameworks that will address futureIoT-based smart environments security concerns. This paper also discusses open problems and challengesrelated to IoT-based smart environments security issues. As a new contribution, a taxonomy of challengesfor IoT-based smart environment security concerns drawn from the extensive literature examined during thisstudy is proposed in this paper which also maps the identified challenges to potential proposed solutions.
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2021. Vol. 9, p. 121975-121995
Keywords [en]
Control measures, IoT-based smart environments, risks, security assessment frameworks, security standards, taxonomy, threats.
National Category
Computer Sciences Information Systems
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:bth-22139DOI: 10.1109/ACCESS.2021.3109886ISI: 000694691200001Scopus ID: 2-s2.0-85114742040OAI: oai:DiVA.org:bth-22139DiVA, id: diva2:1594973
Note
open access
2021-09-162021-09-162021-09-24Bibliographically approved