Author Identifier
Nickson M. Karie
ORCID : 0000-0001-5173-9268
Wencheng Yang
ORCID : 0000-0001-7800-2215
Craig Valli
ORCID : 0000-0002-2298-9791
Document Type
Journal Article
Publication Title
IEEE Access
Publisher
IEEE
School
ECU Security Research Institute / School of Science /
RAS ID
36946
Funders
Cyber Security Research Centre Ltd Australian Government's Cooperative Research Centres Programme
Abstract
Assessing the security of IoT-based smart environments such as smart homes and smart cities is becoming fundamentally essential to implementing the correct control measures and effectively reducing security threats and risks brought about by deploying IoT-based smart technologies. The problem, however, is in finding security standards and assessment frameworks that best meets the security requirements as well as comprehensively assesses and exposes the security posture of IoT-based smart environments. To explore this gap, this paper presents a review of existing security standards and assessment frameworks which also includes several NIST special publications on security techniques highlighting their primary areas of focus to uncover those that can potentially address some of the security needs of IoT-based smart environments. Cumulatively a total of 80 ISO/IEC security standards, 32 ETSI standards and 37 different conventional security assessment frameworks which included seven NIST special publications on security techniques were reviewed. To present an all-inclusive and up-to-date state-of-the-art research, the review process considered both published security standards and assessment frameworks as well as those under development. The findings show that most of the conventional security standards and assessment frameworks do not directly address the security needs of IoT-based smart environments but have the potential to be adapted into IoT-based smart environments. With this insight into the state-of-the-art research on security standards and assessment frameworks, this study helps advance the IoT field by opening new research directions as well as opportunities for developing new security standards and assessment frameworks that will address future IoT-based smart environments security concerns. This paper also discusses open problems and challenges related to IoT-based smart environments security issues. As a new contribution, a taxonomy of challenges for IoT-based smart environment security concerns drawn from the extensive literature examined during this study is proposed in this paper which also maps the identified challenges to potential proposed solutions.
DOI
10.1109/ACCESS.2021.3109886
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Comments
Karie, N. M., Sahri, N. M., Yang, W., Valli, C., & Kebande, V. R. (2021). A review of security standards and frameworks for IoT-based smart environments. IEEE Access, 9, 121975-121995. https://doi.org/10.1109/ACCESS.2021.3109886