Executive Summary of Developing Security Framework for Internet of Things (IoT) Layers

In this paper there is discussion about security in internet of things. Due to increase in technology we have seen that internet of things is one of the most emerging technology of the twenty first century. The main aim of this technology is the development of user-specific IoT applications and myriad industry-oriented is facilitated by the IoT. Meanwhile, networks and devices offer the connectivity that is physical. In a robust and reliable manner, the device-to-device connectivity and interactions are enabled by the IoT applications. On the devices, IoT application requires to ensure that messages have been grasped and managed according to the time (Bandyopadhyay, Debasis, & Sen, 2011). The main aim of this internet of things is that they will connect all the embedded devices to everyday objects around us and also to make them smart devices or objects. All those smart devices that are attached to the internet of things are unique and also identifiable. Though the use of these devices we can easily communicate with each other (Botta, Donato, Persico, & Pescapé., 2016). The internet of things provides the users a great chance to achieve their main goals by performing the impossible and complex task that is used for the benefit of the humanity. All these devices who providing the internet of thing services have the ability to collect the right amount of data and also able to process that data and transmit the required information to the customers (Miorandi, Sicari, Pellegrini, & Chlamtac, 2012)

These all these tasks are only possible when there is use of integration of existing technologies that includes smart sensor networks, near field communication, radio frequency identification and also the internet itself. Through integration of all these technologies into a system as the internet of things are made up of vast variety of devices that can able to make more powerful and more complex servers for the system. Due to the heterogeneous nature of the internet of things it can be said that some devices are the constrained devices (Derhamy, Eliasson, Delsing, & Priller, 2015). The constrained devices are those devices that contain low throughput but their probability of packet loss is extremely high. The main reason behind these constrained devices is that these devices processed limited capabilities like they processes high power, low memory and their bandwidth is also limited. By putting all these limitations in mind about the constrained devices we have seen that the traditional solutions for the security problems which are designed for the internet will not able to function it perfectly. The reason behind this solution is that these solutions require a considerable quality of resources and also the energy (Al-Fuqaha, Ala, Mohammadi, Aledhari, & Ayyash, 2015)

The main question for the attention is that why the world is interested in internet of things the main reason is that this is one of the most emerging technologies of the world and also this can able to change the mindset of the world towards emerging new technologies. As many other big organization are attracted to this internet of things because this is emerging technology and then after this many security risks has been increased. As we have seen that emerging technologies like IoT is facing a lot of challenges according to the security issues in this technology. All these security issues regarding the internet of things must have to be overcome so that all the organizations can able to use this technology for their regular use (Liang & Chao, 2011)

The main and most important challenge is according to the security of this technology because internet of things collects data from different servers around the globe so because of this the risk issues arise in a great amount because sensitive information has to be delivered to other people and corporations. When the sensitive information has to be transferred from one point to another through the use of internet of things so that many security issues arise for this the organizations have to develop a system that can able to minimize and end the security issues regarding this system (Alam, Chowdhury, & Noll, 2010)

For example, transportation applications monitor and watch over the status of goods that are transported like the meat and fruits etc. For the IoT applications, it is quite important for them to be produced with the intelligence so that the environment can be monitored, and problems are identified etc

Based on the development, methodologies, and products, this section of the article will discuss the role of the cloud computing in the development of IoT. The adoptive enterprises will suffer many problems with the disruptive innovations. Say, an explosion is produced by the machines of IoT; it will not only damage the server technologies, storage management, consumer privacy, security, and even the networking of data center (Uckelmann, Harrison, & Michahelles, 2011)

Problem Definition of Developing Security Framework for Internet of Things (IoT) Layers

The internet of things is a network of physical based objects that can able to communicate with the other devices and can able to interact with the environment.  Based on the development, methodologies, and products, this section of the article will discuss the role of the cloud computing in the development of IoT. The main aim of this network is that this creates ecosystems that contain many applications and services. The adoptive enterprises will suffer many problems with the disruptive innovations. Say, an explosion is produced by the machines of IoT; it will not only damage the server technologies, storage management, consumer privacy, security, and even the networking of data center. The main problem is that as the internet of things is the emerging technology of the modern era so because of this several security risks increase in a great amount so the organization that are using this technology have to overcome so because of this the sensitive data can be saved.

There are some key issues that has been identified are as follows regarding the internet of things like the authentication, authorization, confidentiality, integrity, privacy, self configuration, software authenticity, availability, hardware anti-tempering, trust management and the key management.

Hypothesis of Developing Security Framework for Internet of Things (IoT) Layers

H0: what is the future challenge regarding the internet of things

H1: what kind of research has been done to overcome the security issues regarding internet of things

H2: how to transfer the data through the use of internet of things by minimizing the risks.

Objectives of Developing Security Framework for Internet of Things (IoT) Layers

The main objective of this paper is that to manage the security issues regarding the internet of things. Through the use of internet of things the different users can able to communicate with the other users easily. The security risk issues were discussed in detail.

Significance of Research of Developing Security Framework for Internet of Things (IoT) Layers

The adoptive enterprises will suffer many problems with the disruptive innovations in the technology so that a system is required that can able to overcome all the security issues regarding internet of things.

Literature Review of Developing Security Framework for Internet of Things (IoT) Layers

According to Muhammad Umar Farooq (2015), the IoT has a very secure future and has backup plans made for security threats. However, it is always important to build a precise solution for the unseen attacks which may be poised on the company. The possibility of a company being exposed to a hacker is also present. That is why companies need to make sure that their products and services are completely safe. The same thing goes for the IoT as well. Muhammad Wasim (2015) tells that there are different security threats at different layers of the security system. At the perception layer, there might be an invalid access or entrance to the tags while at the network layer; there can be sinkhole and Sybil attacks. At the middle-ware, there can be a DoS attack and at the application layer, there can be a Malicious Code Injection along with a Spear-Phishing Attack.

According to Anjum Khairi, the development is advancing at very high speeds and the only hurdle is the security. The security threats to the operating of IoT are quite expository. In order to make sure that there are no security threats risking the confidentiality, modifications should be made to architectural layer along with the implementation of a infrastructure concerning the security using previous and further IT techniques as well (Farooq, Waseem, Khairi, & Mazhar, 2015).

According to Gubbi (2013), the challenges that IoT faces despite the advanced networking and high quality services include Cloud computing, visualization on the basis of GIS, data analytics, participatory sensing, and privacy. Meanwhile, the normal WSN issues and challenges include quality of service, protocols, security, energy efficiency, and architecture. All the while Marusic (2013) tells that the goal is to ensure the implementation of smart and efficiency objects which can be programmed and used anywhere in the system to blend in the environment and start producing some efficient results.

Palaniswami (2013) tells that encryption plays a major role in securing the system against different types of security threats and making the system secure. With the use of encryption, data confidentiality is strengthened while codes of message authentication ensure the data authenticity and integrity. However, it doesn’t mean that encryption protects against all the types of attack. When it comes to inside attacks which are particularly malicious, it fails to protect the system. That is non-cryptographic means are needed for the development of a strong security layer. Generally, such means refer to nothing but WSNs. Moreover, the installation of new applications concerning the sensors is also required. If resources are not capable of that then existing ones can also be updated (Gubbi, Buyya, Marusic, & Palaniswami, 2013).

According to Rodrigo (2011), virtualization of everything real takes place. It means that every single thing and a person have a significant signature on the internet. There is definitely a code imprinted in the internet which can be assessed using different methods. There are different hurdles which are present in the path of IoT. Although their vision is very broad and promising, there are still some issues such as security which threaten to produce some inefficient outcomes. The users of internet are always at a very strong risk of penetration from the outside which can expose the confidential files and take the advantage of vulnerability. IoT cannot just stand and watch as their networking system is exploited. There is no way that a virus or something malicious can just enter the framework and leave a full impact. It is very important for IoT to ensure that security frameworks among layers are always strong and ready to tackle different malwares and malfunctions all the time.

Lopez (2011) tells that only enhancing privacy assurance, secure protocols, cryptography, and protection mechanisms are not enough to block. It is very important for researchers to explore the risks properly and measure just how the obstacles work. In order to make the security framework strong, the present security protocols must be properly analyzed. After the evaluation, it must be decided whether such protocols and security practices are enough to be implemented in the existing technologies or not. It should be analyzed whether new technologies can enhance the overall security layer or not. A proper, technical, and a legal framework are quite important. In order to establish such a system, the risks concerning with different scenarios of IoT (Roman, Najera, & Lopez., 2011).

According to Weber (2010), when it comes to the internet and its connections among different devices and functions, risks automatically reach there. No matter what designs is implicated, there are always some potential risks that threaten to break the firewalls and trespass the boundary to steal the important information or to ruin altogether. Data being lost is much more risky that it being exposed. The exposed information can be recovered and generated again. However, the lost one is very important because it has all the leads that a specific organization is going to follow in all of the upcoming plans. That is why building a strong framework against the security threats is very important.

Weber (2010) tells that measures concerning the privacy of client, access control, data validation and authentication, and resilience of the architecture to attacks and different types of risks are very meaningful and significant for IoT. Such measures are also very important for other companies as risks are present regardless of the industries (Weber, 2010).

Sicari (2015) demonstrates that heterogeneous technologies make the innovative solutions and services which IoT provides to different industries and domains. They are capable of fitting every environment and drive the best results from it. The security of such technologies and applications is always important and it cannot be denied that satisfaction comes by knowing that the information is safe without a threat. Within the network of IoT, it is very important for the access control, data authentication, and data confidentiality to be strong no matter what. With a strong framework of security, IoT will be able to develop not only the trust but also the satisfaction (Sicari, Rizzardi, Grieco, & Coen-Porisini., 2015).

According to Jing (2014), IoT has never actually stopped getting popular. With every passing day, the fame is rising but it doesn’t mean that the path ahead is easy for it. Almost the opposite can be said with the emergence of different and stronger security issues for the system of IoT. In order to make the framework stronger and repel viruses, only the solutions and adjustments from each of the sub layers are not required. The required criterion is not only stricter but difficult as well.  Some common applications of IoT are: Smart Grid, Smart Green, Intelligent Medical, Intelligent Urban Management, Smart Home, and Intelligent Transportation. All of them have their own requirements for security and they vary according to different risks. For example, it can be said that data privacy’s security is important for the Intelligent Medical and Intelligent Transportation. However for Smart Green and Intelligent Urban Management, the importance of data authenticity is considerable.

In order to produce the best framework, the study of each application and its threats is very important. There are some security requirements which just cannot be improved using a application layer which is weak. In a weak layer, a hacker will be able to access the information without much of a difficulty regardless of the efforts done to keep it powerful. Therefore for the usage of cross layers, corresponding technologies must be designed by us (Jing & Athanasios V. Vasilakos, 2014).

According to Atzori (2010), the IoT has many reasons for being vulnerable to different types of attacks. Mostly, the components are unattended and the communications are utilized without wires which makes taking information without being noticed quite easy. In the security of IoT, the major concerns are the data integrity and the authentication. They are the ones which make it very difficult for the security to be strong. Authentication is mostly tough due to the valid authentic infrastructure for the achievement of goals.

Although, different initiatives have been taken for the strengthening of the security infrastructure but they have made no progress. After all, basics ought to be addressed first before moving on to the difficult parts. In order to make the infrastructure strong in such a way that no risk is able to penetrate, elements such as authenticity must be made stronger no matter what happens. A solution concerning previous techniques and the upcoming ones must be devised (Atzori, Iera, & Morabito, 2010).

IoT has introduced a completely new face with the use of RFID to the industry. A lot of development has been made just on the basis of it. In recent years, many wireless devices have been developed and implemented as well. They have been adjusted in such a way that the whole network is benefitted and is able to produce efficient results. However, the security issue still is there. It must be addressed properly to ensure the satisfaction and trust in IoT devices. After all, the privacy and confidentiality of the data is very important. It is significant to erase all types of possibilities of risks (Xu, He, & Li, 2014).

Resign Design Methods – Solution Approach of Developing Security Framework for Internet of Things (IoT) Layers

Security testing should be performed at highest possible scale. The sheer volume of technology in IoT makes it necessary for every design and security consideration to be taken into account. Simple bootstrapping into an ecosystem can create a self-denial of service condition at IoT scale. Automated systems are capable of complex, monotonous, and tedious operations that are extremely difficult and time consuming for humans to perform. IoT systems should seek to exploit this advantage for security. Data encryption only protects encrypted pathways. Data transmitted over an encrypted link is still exposed - prior to encryption, after decryption, and along any communication pathways that do not enforce encryption. The entire data lifecycle should be carefully scrutinized to ensure that encryption is applied uniformly and appropriately. Make sure that all IoT components are stripped down to the minimum viable feature set to reduce attack surface. Unused ports and protocols should be disabled, and unnecessary supporting software should be uninstalled or turned off. Be sure to track third party components and update them regularly. Ensure every line of code provided by third parties is audited. IoT systems are not very powerful. They have multiple nodes even in cases of minimal computing. Always account for communication and processing issues. IoT systems should have capabilities to respond to compromises, hostile participants, malware and other adversities.

Another study the research concerning the cloud computing security. In today's era the problems that faced by the cloud computing is that the executable side of the relevant development. The effectiveness of the tools enhances the practices of our integrity and suitableness effects. This field faces several challenges, which will need to resolve. The author quoted that, there are the argument and typically effective learning improvement that assess the protection conspiracies in an exceedingly correct method. The subject of analysis might argument the talents and effective thinking’s within the method. Typically their space heap things to figure and being within the credibleness of the items that are concerned within the security method. If we tend to be sure of the protection problems with our learning atmosphere it will build things higher in an exceedingly correct method. Technology talks concerning the protection domains and also the affected problems with the web connected cooperative issue which will enhance the talents of our technical field. The problems might enhance the mistrust chance towards the shoppers and also the public, as a result of in our business life we tend to accommodate security clouds of knowledge and technologies might face several issues and consequences. We want to search out some effective thanks to enhance our info technological areas. This work might take it slow to induct the items that are enclosed within the cloud computing atmosphere of knowledge and technology (Jayakumar, et al., 2014).

Methodology of Developing Security Framework for Internet of Things (IoT) Layers

To identify which area desires additional analysis and effective, in cloud computing security problems do the literature review. In an exceedingly literature review, we embody all the information in keeping with our analysis study. We will use the strategy of snowball sampling.

Collecting information from the literature of Developing Security Framework for Internet of Things (IoT) Layers

It has been decided to take the info from literature review. Through this we will be able to take the articles written by the researchers relevant to the subject. These items of data embrace the within the snowball sampling for collection the knowledge to satisfy the necessities of RQ1 and RQ2, this methodology can facilitate in gathering the references that if incomprehensible through the snowball sampling. This literature review can facilitate to seek out the results. Some steps which will be conducted in gathering data are as follows;

List of attainable terms

Establish the keywords

Modify the list terms

Collecting the Data Using Qualitative Approach of Developing Security Framework for Internet of Things (IoT) Layers

After gathering the information from literature review, we will be able to conduct some interviews with the relevant persons. In the interview qualitative questions will be asked from the individuals. The interview is the best way to collect in-depth information. The interview would be unstructured and the individuals will be allowed to provide detail information. Along with interview qualitative survey will also be done to gather data in abundance.

Contribution of the Research of Developing Security Framework for Internet of Things (IoT) Layers

In the past the researchers have conducted various studies to provide brief information regarding the privacy & security of the internet of things. However over time due to increase in various security related issues and advancement in technology the need for a better and more secure approaches has increased. The hackers today are come up with more advance ways to breach the security protocols therefore research is required for providing more information regarding security of devices which are connect with each other. This research will try to fill the research gap which previous studies have regarding security and privacy in the internet of things (IOT) framework.

SWOT Analysis and Strengths of Developing Security Framework for Internet of Things (IoT) Layers

In this project, the strengths are there due to resources with lot of available information. It is important to have enough information, resources to set a road map for the research project. The processes and systems are already there and other researchers have also looked at various security issues for internet of things (IoT), which would allow this research project to keep things on right track. It also means that resource availability and research data are integral for this research.

Weaknesses of Developing Security Framework for Internet of Things (IoT) Layers

It is important for the research project to identify any gaps in knowledge and those gaps can be considered weakness for this research project. Moreover, lack of expertise and skills can also be a weakness for this research project as research methods cannot be tested without proper knowledge. It is also important to ensure that given time frame of the project is good enough to complete all relevant steps otherwise time will be gone without completing the project in given time frame.

Opportunities of Developing Security Framework for Internet of Things (IoT) Layers

This research project has great opportunities for the future research and for the field of internet of things (IoT). The market and technology are evolving, so they need more ways to integrate processes with better security and privacy for the users. The research would allow researchers to look at the security issues in more detailed manner and try to find ways, which would allow bringing in innovation, and keeping internet of things (IoT) as secure as possible with improved security methods.

Threats of Developing Security Framework for Internet of Things (IoT) Layers

The technology has so many aspects and it is always hard to keep them streamlined in the research project. So, if proper expertise will not be used with proper strategy, the research can face various threats and problems. For instance, the lack of resources may stop the project from its completion in time or it may not give desired results for the research project.

Conclusion of Developing Security Framework for Internet of Things (IoT) Layers

Summing up the discussion it can be said that cloud computing and IoT are inseparable. The IoT and cloud computing are quite a recent development, there is still a need of studies concerning the economic, managerial, social, and behavioral aspects. That is what makes this challenging for the companies to make decisions concerning the cloud computing role in IoT. The innovation of IoT really is exceptional. However, there are some challenges involved as well. For the journey ahead, use of cloud computing in IoT needs to cover the threats and offer the reliability.

References of Developing Security Framework for Internet of Things (IoT) Layers

Alam, S., Chowdhury, M. M., & Noll, J. (2010). "Senaas: An event-driven sensor virtualization approach for internet of things cloud.". NESEA, 1-6.

Al-Fuqaha, Ala, M. G., Mohammadi, M., Aledhari, M., & Ayyash, M. (2015). "Internet of things: A survey on enabling technologies, protocols, and applications." . IEEE Communications Surveys & Tutorials 17, 2347-2376.

Atzori, L., Iera, A., & Morabito, G. (2010). "The internet of things: A survey." . Computer networks 54, 2787-2805.

Bandyopadhyay, Debasis, & Sen, J. (2011). "Internet of things: Applications and challenges in technology and standardization.". Wireless Personal Communications 58, 49-69.

Botta, A., Donato, W. D., Persico, V., & Pescapé., A. (2016). Integration of cloud computing and internet of things: a survey. Future Generation Computer Systems 56 , 684-700.

Derhamy, H., Eliasson, J., Delsing, J., & Priller, P. (2015). "A survey of commercial frameworks for the internet of things.". IEEE Communications Society.

Farooq, M. U., Waseem, M., Khairi, A., & Mazhar, S. (2015). A critical analysis on the security concerns of internet of things (IoT). International Journal of Computer Applications, 111(7).

Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): A vision, architectural elements, and future directions. Future generation computer systems 29, 1645-1660.

Jayakumar, H., Lee, K., Lee, W. S., Raha, A., Kim, Y., & Raghunathan, V. (2014). Powering the Internet of Things. 375-380.

Jing, Q., & Athanasios V. Vasilakos, J. W. (2014). Security of the Internet of Things: perspectives and challenges.". Wireless Networks 20, 2481-2501.

Liang, Z., & Chao, H.-C. (2011). "Multimedia traffic security architecture for the internet of things." . IEEE Network 25, 3.

Miorandi, D., Sicari, S., Pellegrini, F. D., & Chlamtac, I. (2012). "Internet of things: Vision, applications and research challenges.". Ad hoc networks 10, 1497-1516.

Roman, R., Najera, P., & Lopez., J. (2011). Securing the internet of things. Computer 44, 51-58.

Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini., A. (2015). "Security, privacy and trust in Internet of Things: The road ahead. Computer networks 76, 146-164.

Uckelmann, D., Harrison, M., & Michahelles, F. (2011). An architectural approach towards the future internet of things. In Architecting the internet of things, pp. 1-24. Springer, Berlin, Heidelberg,.

Weber, R. H. (2010). Internet of Things–New security and privacy challenges. Computer law & security review 26, 1.

Xu, L. D., He, W., & Li, S. (2014). "Internet of things in industries: A survey.". IEEE Transactions on industrial informatics, 2233-2243.