By: Achit Katiyar1
1International Center for AI and Cyber Security Research and Innovations, Asia University, Taiwan. Email: achitktr@gmail.com
Abstract
Internet of Things that has grown enormously over the recent past has also transformed the link as well as application of a number of industries. But because of the large number of IoT devices and due to insufficient access right security remains a problem. This article is based on some of the largest security systems in IoT devices, importance of these systems and challenges connected with them. It also synthesizes new trends and views about the future of Internet of Things security standards.
Introduction
IoT connects thousands of devices, and their smooth collaboration and remote management in several applications are possible [1]. With this benefits, IoT devices prone to various security threats such as hacking and unauthorized access [2]. Safety is rather important in combating risks connected with the decision about information and equilibrium of IoT options [3]. In particular, a record of a certain transaction is kept in a distributed accessed database of a particular format called a blockchain, and it requires a number of a growing list containing records [4].
This article analyses the measures employed in an effort to secure IoT devices while elaborating on problems linked with the process.
Key Security Protocols
- Transport Layer Security (TLS):
TLS (Transport Layer Security) is widely used to ensure the data transmitted between IoT devices and servers to be encrypted [5]. The confidentiality in the communication is maintained by preventing listening and manipulations hence ensure integrity of data in the transmission. Despite its applicability, it is also difficult to incorporate TLS on the IoT devices especially in resource-limited IoT devices because of its computing and memory intensity [6].
- Datagram Transport Layer Security (DTLS):
Datagram Transport Layer Security (DTLS) is considered to give similar levels of assurance to datagram based applications as TLS [7]. This is the case because; DTLS is less expensive than TLS and is optimal on Noisy networks and Internet of Things, a network using the User Datagram Protocol (UDP). The problem is to extend DTLS for low power consumption devices which are thought to be target nodes of the IoT systems [8].
- IPsec (Internet Protocol Security):
IPsec therefore refers to Internet Protocol, which entails deeper levels of protection on every communicated Internet Protocol link, and this protection is greatly enhanced by authentication [8]. It is employed in delivery of enhancing a plethora of secure tunnels for the transfer of data between objects of IoT [9]. But, at the same time, one should recall that for several reasons, it may be rather limited in the restricted IoT systems; the design of the IPsec is rather complicated. The security protocols applied in IoT are presented in the following figure 1.
Challenges in Implementing Security Protocols
- Resource Constraints:
The IoT devices for the most part have reduced computational capacity, a small RAM and low power supply which cannot support complex security measures [3]. Security measures should not, however, a;ect the functionality of the use of the devices and therefore pressure is given on the minimization of the two sides [10].
- Collaboration:
Since there is a growing tendency to adopt internet of things devices and their platforms, there is a need to have compatible and standard security systems to be utilised in the several systems. As to the compatibility with another non-Sharing a user, it is necessary to name here the primary difficulty – to maintain the security level on a suitable mark.
- Scalability:
Because IoT is a vast network, protective measures to address the problem are needed to accommodate a volume of things and data. Ideally, IoT should be expandable without any loss to the endpoint security which will enhance the rate of IoT adoption [1].
Emerging Trends and Future Directions
- Lightweight Cryptography:
Developing efficient probabilities for IoT devices is an important field of research [9]. These methods try to enjoy both good security that is ordered high and limited use of the resource, and this addresses the constraints of IoT scenarios.
- Blockchain Technology:
The enabling of blockchain technology makes IoT networks secured in the future in an autonomous manner through provision of irreversible and public-ledger transaction records [11], [12]. Integrating blockchain with IoT can enhance the security and reliability in such ways that are critical in applications, which require data authenticity and origin [13].
- Machine Learning for Security:
Some of the most active research topics concerning IoT security risk identification and management using machine learning methods are reported in this section [12]. These methods may include analyse of IoT data to seem for pattern and new trends of a possible security breach therefore making it possible to identify the breach in real-time [10].
Conclusion
IoT security is more like a challenging activity, which demands even more elevated levels of the security solution that fits the IoT setting and peculiarities of IoT device constraints and demands. Of the known ones include the TLS, DTLS and the IPsec; other emerging ones include portable cryptography, block chain technology, machine learning and amongst others with high potential of boosting security. The future trends in IoT security will follow the kind of impacts resource restrictions, integration, and flexibility will be modified for.
References
- J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Future Gener. Comput. Syst., vol. 29, no. 7, pp. 1645–1660, Sep. 2013, doi: 10.1016/j.future.2013.01.010.
- R. H. Weber, “Internet of Things – New security and privacy challenges,” Comput. Law Secur. Rev., vol. 26, no. 1, pp. 23–30, Jan. 2010, doi: 10.1016/j.clsr.2009.11.008.
- R. Roman, J. Zhou, and J. Lopez, “On the features and challenges of security and privacy in distributed internet of things,” Comput. Netw., vol. 57, no. 10, pp. 2266–2279, Jul. 2013, doi: 10.1016/j.comnet.2012.12.018.
- M. Rahaman, F. Tabassum, V. Arya, and R. Bansal, “Secure and sustainable food processing supply chain framework based on Hyperledger Fabric technology,” Cyber Secur. Appl., vol. 2, p. 100045, Jan. 2024, doi: 10.1016/j.csa.2024.100045.
- E. Rescorla and T. Dierks, “The Transport Layer Security (TLS) Protocol Version 1.2,” Internet Engineering Task Force, Request for Comments RFC 5246, Aug. 2008. doi: 10.17487/RFC5246.
- T. Kothmayr, C. Schmitt, W. Hu, M. Brünig, and G. Carle, “DTLS based security and two-way authentication for the Internet of Things,” Ad Hoc Netw., vol. 11, no. 8, pp. 2710–2723, Nov. 2013, doi: 10.1016/j.adhoc.2013.05.003.
- E. Rescorla and N. Modadugu, “Datagram Transport Layer Security Version 1.2,” Internet Engineering Task Force, Request for Comments RFC 6347, Jan. 2012. doi: 10.17487/RFC6347.
- R. Atkinson and S. Kent, “Security Architecture for the Internet Protocol,” Internet Engineering Task Force, Request for Comments RFC 2401, Nov. 1998. doi: 10.17487/RFC2401.
- S. Deshmukh and S. S. Sonavane, “Security protocols for Internet of Things: A survey,” 2017 Int. Conf. Nextgen Electron. Technol. Silicon Softw. ICNETS2, pp. 71–74, Mar. 2017, doi: 10.1109/ICNETS2.2017.8067900.
- S. Sicari, A. Rizzardi, L. A. Grieco, and A. Coen-Porisini, “Security, privacy and trust in Internet of Things: The road ahead,” Comput. Netw., vol. 76, pp. 146–164, Jan. 2015, doi: 10.1016/j.comnet.2014.11.008.
- A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT security and privacy: The case study of a smart home,” in 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), Mar. 2017, pp. 618–623. doi: 10.1109/PERCOMW.2017.7917634.
- A. M. Widodo et al., “Port-to-Port Expedition Security Monitoring System Based on a Geographic Information System,” Int. J. Digit. Strategy Gov. Bus. Transform. IJDSGBT, vol. 13, no. 1, pp. 1–20, Jan. 2024, doi: 10.4018/IJDSGBT.335897.
- M. Conoscenti, A. Vetrò, and J. C. De Martin, “Blockchain for the Internet of Things: A systematic literature review,” in 2016 IEEE/ACS 13th International Conference of Computer Systems and Applications (AICCSA), Nov. 2016, pp. 1–6. doi: 10.1109/AICCSA.2016.7945805.
- Sedik, A., Maleh, Y., El Banby, G. M., Khalaf, A. A., Abd El-Samie, F. E., Gupta, B. B., … & Abd El-Latif, A. A. (2022). AI-enabled digital forgery analysis and crucial interactions monitoring in smart communities. Technological Forecasting and Social Change, 177, 121555.
- Mourelle, L. M. (2022). Robotics and AI for Cybersecurity and Critical Infrastructure in Smart Cities. N. Nedjah, A. A. Abd El-Latif, & B. B. Gupta (Eds.). Springer.
Cite As
Katiyar A. (2024) Security Protocols in IoT Devices, Insights2Techinfo, pp.1