A Systematic Review for Evaluating IoT Security: A Focus on Authentication, Protocols and Enabling Technologies

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS IEEE Internet of Things Journal Pub Date : 2025-02-25 DOI:10.1109/JIOT.2025.3545737

Jameel Shehu Yalli;Mohd Hilmi Hasan;Low Tang Jung;Abdulrasheed Ibrahim Yerima;Dahiru Adamu Aliyu;Umar Danjuma Maiwada;Safwan Mahmood Al-Selwi;Mujeeb Ur Rehman Shaikh

{"title":"A Systematic Review for Evaluating IoT Security: A Focus on Authentication, Protocols and Enabling Technologies","authors":"Jameel Shehu Yalli;Mohd Hilmi Hasan;Low Tang Jung;Abdulrasheed Ibrahim Yerima;Dahiru Adamu Aliyu;Umar Danjuma Maiwada;Safwan Mahmood Al-Selwi;Mujeeb Ur Rehman Shaikh","doi":"10.1109/JIOT.2025.3545737","DOIUrl":null,"url":null,"abstract":"The idea of the Internet of Things (IoT) is to connect objects and smart devices with any digital element seamlessly at anytime, anywhere, with anything. These devices or objects are characterized by low power consumption, lower bandwidth usage, limited processing power, and limited memory capacity. This article presents a systematic literature review (SLR) of the state-of-the-art security challenges of IoT systems designed for authentication. It reports the strengths, weaknesses, threats, and attacks associated with the proposed authentication models. In addition, a comprehensive analysis of IoT-compatible protocols, enabling technologies, and countermeasures to mitigate risk in IoT is investigated. This study uses the PRISMA methodology to review peer-reviewed articles published from 2014 to 2023, studying 100+ papers by selecting approximately 10 papers each year. It provides a detailed overview that contrasts and compares the advances in securing IoT devices to date while identifying remaining open research questions for IoT security designs. This article highlights the need for a survey integrating authentication models with compatible protocols and other lightweight technologies. The examination and analysis in this work contribute to the body of knowledge and serve as a roadmap for researchers and practitioners to improve their work while designing IoT security models.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 12","pages":"18908-18928"},"PeriodicalIF":8.9000,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10904108","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10904108/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The idea of the Internet of Things (IoT) is to connect objects and smart devices with any digital element seamlessly at anytime, anywhere, with anything. These devices or objects are characterized by low power consumption, lower bandwidth usage, limited processing power, and limited memory capacity. This article presents a systematic literature review (SLR) of the state-of-the-art security challenges of IoT systems designed for authentication. It reports the strengths, weaknesses, threats, and attacks associated with the proposed authentication models. In addition, a comprehensive analysis of IoT-compatible protocols, enabling technologies, and countermeasures to mitigate risk in IoT is investigated. This study uses the PRISMA methodology to review peer-reviewed articles published from 2014 to 2023, studying 100+ papers by selecting approximately 10 papers each year. It provides a detailed overview that contrasts and compares the advances in securing IoT devices to date while identifying remaining open research questions for IoT security designs. This article highlights the need for a survey integrating authentication models with compatible protocols and other lightweight technologies. The examination and analysis in this work contribute to the body of knowledge and serve as a roadmap for researchers and practitioners to improve their work while designing IoT security models.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

评估物联网安全的系统综述：关注身份验证、协议和使能技术

物联网（IoT）的理念是将物体和智能设备与任何数字元素在任何时间、任何地点无缝连接起来。这些设备或对象的特点是低功耗、低带宽使用、有限的处理能力和有限的内存容量。本文介绍了用于身份验证的物联网系统的最新安全挑战的系统文献综述（SLR）。它报告了与提议的身份验证模型相关的优点、缺点、威胁和攻击。此外，还对物联网兼容协议、使能技术和降低物联网风险的对策进行了全面分析。本研究采用PRISMA方法，对2014年至2023年发表的同行评议文章进行评审，每年选取约10篇论文，共研究100多篇论文。它提供了一个详细的概述，对比和比较了迄今为止保护物联网设备的进展，同时确定了物联网安全设计的剩余开放研究问题。本文强调了将身份验证模型与兼容协议和其他轻量级技术集成在一起的调查的必要性。本工作中的检查和分析有助于知识体系，并作为研究人员和从业者在设计物联网安全模型时改进工作的路线图。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.