J. Hemmes, Steven Fulton, Judson C. Dressler, Stephen Kirkman
{"title":"Trust and Risk Assessment in IoT Networks","authors":"J. Hemmes, Steven Fulton, Judson C. Dressler, Stephen Kirkman","doi":"10.37256/cnc.1120232667","DOIUrl":null,"url":null,"abstract":"The Internet of Things (IoT) is a large-scale, heterogeneous ecosystem of connected devices encompassing a range of purposes and computing capabilities. As IoT systems grow ubiquitous, new approaches to security are needed. This work proposes a method of risk assessment for devices that combines the use of trust models based on dynamic behaviors with static capability profiles drawn from immutable device characteristics to determine the level of risk each device poses to network security. A risk-based approach allows security mechanisms and monitoring activities to be more efficiently allocated across IoT networks. Simultaneously, devices can be allowed a greater degree of functionality while ensuring system availability and security. This paper presents a methodology and architecture to integrate risk assessment into IoT networks. This allows additional tailoring of security control application and provides higher-level, more human-readable information for security analysts.","PeriodicalId":45621,"journal":{"name":"Journal of Computer Networks and Communications","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computer Networks and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.37256/cnc.1120232667","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}
引用次数: 0
Abstract
The Internet of Things (IoT) is a large-scale, heterogeneous ecosystem of connected devices encompassing a range of purposes and computing capabilities. As IoT systems grow ubiquitous, new approaches to security are needed. This work proposes a method of risk assessment for devices that combines the use of trust models based on dynamic behaviors with static capability profiles drawn from immutable device characteristics to determine the level of risk each device poses to network security. A risk-based approach allows security mechanisms and monitoring activities to be more efficiently allocated across IoT networks. Simultaneously, devices can be allowed a greater degree of functionality while ensuring system availability and security. This paper presents a methodology and architecture to integrate risk assessment into IoT networks. This allows additional tailoring of security control application and provides higher-level, more human-readable information for security analysts.
期刊介绍:
The Journal of Computer Networks and Communications publishes articles, both theoretical and practical, investigating computer networks and communications. Articles explore the architectures, protocols, and applications for networks across the full spectrum of sizes (LAN, PAN, MAN, WAN…) and uses (SAN, EPN, VPN…). Investigations related to topical areas of research are especially encouraged, including mobile and wireless networks, cloud and fog computing, the Internet of Things, and next generation technologies. Submission of original research, and focused review articles, is welcomed from both academic and commercial communities.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
