TY - GEN
T1 - Assessing the Feasibility of Adaptive Security Models for the Internet of Things
AU - Aman, Waqas
N1 - Publisher Copyright:
© Springer International Publishing Switzerland 2016.
PY - 2016
Y1 - 2016
N2 - Internet of Things (IoT) is a heterogeneous and dynamic space as it connects a variety of sensing, mobile and other physical objects. Traditional security controls and mechanisms tend to enforce pre-defined and manual risk mitigation approaches that manage security in a particular context. They seem to be insufficient in IoT scenarios that have a diverse and evolving technology outlook and threat spectrum. Adaptive security can be a suitable candidate for IoT security as it can observe and respond to threats dynamically. However, it is challenging to identify how practical are the existing adaptive security solutions in IoTdriven ecosystem. In this paper, we present an evaluation framework that assesses the feasibility of adaptive security models in IoT settings. The framework evaluates a given model from an adaptive risk management perspective and assesses the extent to which it is aware of its ecosystem. Moreover, it captures the essential features of a given model, such as adaptation aptitude and architectural aspects. Therefore, the framework determines the security as well as the architectural capabilities of a model. We have evaluated various models and have identified major trends and gaps in their modeling approaches.
AB - Internet of Things (IoT) is a heterogeneous and dynamic space as it connects a variety of sensing, mobile and other physical objects. Traditional security controls and mechanisms tend to enforce pre-defined and manual risk mitigation approaches that manage security in a particular context. They seem to be insufficient in IoT scenarios that have a diverse and evolving technology outlook and threat spectrum. Adaptive security can be a suitable candidate for IoT security as it can observe and respond to threats dynamically. However, it is challenging to identify how practical are the existing adaptive security solutions in IoTdriven ecosystem. In this paper, we present an evaluation framework that assesses the feasibility of adaptive security models in IoT settings. The framework evaluates a given model from an adaptive risk management perspective and assesses the extent to which it is aware of its ecosystem. Moreover, it captures the essential features of a given model, such as adaptation aptitude and architectural aspects. Therefore, the framework determines the security as well as the architectural capabilities of a model. We have evaluated various models and have identified major trends and gaps in their modeling approaches.
KW - Adaptive security
KW - Feasibility
KW - Internet of things
KW - Risk management
UR - http://www.scopus.com/inward/record.url?scp=84978880713&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84978880713&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-39381-018
DO - 10.1007/978-3-319-39381-018
M3 - Conference contribution
SN - 9783319393803
VL - 9750
T3 - Lecture Notes in Computer Science
SP - 201
EP - 211
BT - Human Aspects of Information Security, Privacy, and Trust - 4th International Conference, HAS 2016, Held as Part of HCI International 2016, Toronto, ON, Canada, July 17-22, 2016, Proceedings
A2 - Tryfonas, Theo
PB - Springer
T2 - 4th International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS 2016 and Held as Part of 18th International Conference on Human-Computer Interaction, HCI International 2016
Y2 - 17 July 2016 through 22 July 2016
ER -