Challenges of securing Internet of Things devices: A survey

2.1 Security and privacy issues

Kumar and Patel36 discussed the basic concept of IoT and explored its evolution, covering everything from the beginning of communications between 2 computers in the late 1960s to this era. Most importantly, they critically examined the security concerns in the IoT and studied the possible threats associated with the different layers, which they classified as: front‐end sensors and equipment, network and back‐end of Information Technology (IT) systems. The authors also discussed privacy concerns that need to be addressed, namely: privacy in device, privacy during communication, privacy in storage and privacy at processing.

Zhao and Ge37 proposed a 3‐layer security architecture for the IoT and explained a number of security issues within the context of that architecture. They pointed out the security problems of each of the layers, and highlighted the possible damages that these problems might inflict on the IoT network and services. They particularly elaborated on the security issues of the perception layer, which include key management and algorithm, security routing protocols, data fusion technology and authentication, and access control.

Granjal et al38 observed that security will certainly be a fundamental enabling factor for most IoT applications and services, thus they emphasized the need for measures to be put in place to secure communications across diverse technologies. The authors critically examined several existing protocols and mechanisms for securing communications in the IoT, and analyzed how these approaches meet the fundamental security requirements. They also presented a number of proposals, for example, for key management, security against packet fragmentation attacks and solutions against internal attacks. Furthermore, they pointed out some security challenges that need to be addressed in the near future.

Sicari et al39 extensively reviewed the existing solutions within the IoT security topic, covering integrity, confidentiality, authentication, privacy, and trust issues in the IoT field. They also studied proposals on security middlewares and secure solutions for mobile devices, as well as explored some ongoing projects. The authors observed that IoT services can only gain the trust of users when there is a proper enforcement of security and privacy policies. They further highlighted some open research issues, one of which is the need for a unified vision pertaining to the insurance of security and privacy requirements in heterogeneous environments like IoT.

Grabovica et al40 considered security measures of IoT enabling technologies. The authors explored security protocols of relevant communication technologies that are used in the IoT, including RFID, wireless networks and ZigBee. Their work presents an overview of the security attributes of the given technologies as well as introduce practical implementation and possible intrusions. Furthermore, they presented analysis that provides basic information pertaining to security modes, cryptography possibilities and functional appliance in the IoT that need attention. The authors, finally, identified some issues that can arise in practical applications, and provided comparison and summary of the advantages of the technologies they described.

Granjal et al41 analyzed many existing surveys aimed at addressing different security mechanisms for the WSNs applications. They particularly focused on current investigations from the research community and proposals from the industry pertaining to the integration of these low‐power devices with the Internet. The authors also provided detailed discussions of the analysis of the security requirements for this integration and the corresponding attack and threat models. Finally, they highlighted some challenges regarding the usage of the existing security mechanisms for protecting the Internet‐integrated WSNs.

Benabdessalem et al42 reviewed research progress on IoT security models, techniques and tools. The authors first analyzed a number of security requirements, and then explored the different approaches and mechanisms used for ensuring security and privacy in IoT. They also provided a summary of existing security methods and mechanisms.

Suo et al43 explored the progress of research in the field of IoT. They specifically focused on the security aspects, and provided a concise analysis of the security features and requirements. The authors reviewed some key security techniques, which include cryptographic algorithms, encryption mechanisms, and secure communications. They also considered protection of sensor data, and concluded by pointing out some research challenges.

Oracevic et al44 provided a quick review of IoT security issues and challenges, focusing specifically on recent security solutions. The authors attempted to provide a holistic overview of IoT security rather than focusing on a single layer of the architecture. Their work also identified some open issues that have not been properly addressed.

Yang et al45 presented a survey of recent hardware designs of Ultra‐Low‐Power (ULP) devices in the IoT. Their work focused on optimizing the tradeoffs between power, cost of the ULP devices and security. The authors discussed both cryptography‐based entity authentication and hardware designs for Physical Unclonable Functions (PUFs)‐based entity authentication, and thereafter highlighted the need for better hardware blocks in order to support device authentication and data security. Their work identified open issues and future research directions for security‐focused ULP hardware designs. The authors also showed that it is the type of application that determines which design and protocol are to be employed. For instance, PUFs‐based authentication protocols are best for systems that require encryption engines.

Chen et al46 provided an in‐depth review of threats and solutions associated with Location‐Based Services (LBSs) in the IoT. The authors reviewed both Global Navigation Satellite System (GNSS) and non‐GNSS‐based solutions. After describing certain security and privacy solutions for LBSs based on cryptography, the authors discussed in detail the most recent policies, regulations, and legal implications regarding location data privacy. The authors concluded by highlighting some privacy‐preserving issues in LBSs solutions, and presented some recommendations that will foster the development of more secure LBSs in the future.

Qiu et al47 investigated the heterogeneity and relationship among diverse networks of the IoT, including WSNs, Wireless Fidelity (Wi‐Fi), Wireless Mesh Networks (WMNs), and vehicular networks, which they termed HetIoT. The authors presented a comprehensive review of the state‐of‐the‐art in the HetIoT research area, and proposed a 4‐layer architecture for the HetIoT consisting of sensing, networking, cloud computing and applications layers, and discussed them extensively. For example, the authors analyzed a number of classical application areas in the application layer, such as WeChat, Skype, and smart home. Their survey highlighted some open issues in a few application domains, and also presented open research issues for building large‐scale HetIoT, which include smart hardware design, big data fusion, and security and privacy.

Sezer et al48 presented an extensive and comprehensive survey in context‐aware computing, learning algorithms, and big data in IoT. The authors also reviewed extended IoT research fields, namely Web of Things (WoT) and semantic. They categorized IoT survey papers into 7 categories, including general purpose surveys and open issues, context awareness, machine learning on specific topics, and data mining surveys. Their work identified a number of open issues which include security and privacy in the IoT.

2.2 Applications, trust management and other technical issues

Starting with the vision and motivations for IoT, Miorandi et al49 provided a broad concept of the IoT by defining a smart thing as any object that possess physical features like specific size and shape, some communication functionalities and some basic computing capabilities. They also presented some key system features that should be supported by IoT, namely devices heterogeneity, scalability, energy‐optimized solutions, and so on. The authors outlined some research challenges in some key areas, including computing, communication and identification, distributed systems technology and distributed intelligence. Furthermore, they highlighted the importance of security as a critical component that will enable the widespread adoption of the IoT.

Yan et al50 did an extensive study on trust, its properties and trust management, and concluded that trust management makes people overcome fears and perceptions of uncertainty concerning the risks associated with the adoption of IoT devices, applications and services. They reviewed current researches on trustworthy IoT and pointed out 7 open research issues. They further outlined some challenges facing trust management in the IoT, which include the heterogeneous nature of the IoT and power efficiency. Moreover, they proposed an holistic trust management framework for IoT that is based on both interlayer and cross‐layer trust management, and provides practical and intelligent IoT applications and services.

Al‐Fuqaha et al51 focused on enabling technologies, protocols and applications. After providing a horizontal overview of IoT, the authors discussed the IoT enabling technologies, protocols and applications in detail. Their survey provides a compressive summary of the most relevant protocols and application issues for researchers and developers to work with, without having to begin a thorough search process all over again. They also outlined some key IoT challenges in the recent literature, which include security and privacy. The authors also presented service use‐cases in detail in order to illustrate how the protocols they presented work together to provide the desired IoT services.

Xu et al12 thoroughly reviewed current research works on IoT and the enabling technologies, such as identification and tracking, communication and service management. They also explored the applications of IoT in key industries like healthcare, mining, transportation and logistics. The authors highlighted some research challenges, including technical, standardization and information security and privacy protection related challenges. They concluded by identifying other research trends, which include integrating social networking with IoT solutions, developing green IoT technologies, developing context‐aware IoT middleware solutions and employing artificial intelligence techniques to create intelligent things or smart objects.

Atzori et al52 provided descriptions of IoT and its visions in different contexts. They surveyed the enabling technologies in the literature and explained the impacts and applications of the new paradigm in everyday‐life, which they grouped into the following domains: transportation and logistics, healthcare, smart environment and personal and social domains. The authors further analyzed some open issues, including standardization activity, addressing and networking, and security/privacy issues.

Kraijak and Tuwanut53 surveyed a number of subjects on IoT, namely architecture and protocols, applications, security and privacy concerns as well as implementation and future trends. Their work starts by considering the evolution of IoT and its importance to humanity. The authors then focused on the security and privacy concerns in the IoT. They also presented a real‐world implementation using an Arduino platform and a lightweight communication protocol for IoT. Finally, they highlighted some future trends.

Li et al1 reviewed a number of definitions, architectures, applications and basic technologies of IoT, and then proposed a service‐oriented architecture for the heterogeneous network, consisting of 4 layers, namely sensing layer, network layer, service layer, and interface layer. The authors presented some open issues, which include technical challenges, standardization, security and privacy protection and innovation in IoT environment, and thereafter discussed potential solutions to the issues presented.

Razzaque et al54 focused on middleware for the IoT. The authors presented a number of IoT middleware requirements that are grouped into 2 different sets, namely middleware service requirements and architectural requirements. They provided a comprehensive review of existing middleware solutions against the given requirements. They also presented open issues and challenges, which include security and privacy; and finally, outlined some future research directions.

Moness and Moustafa55 reviewed the advances and the state‐of‐the‐art technologies enabling Wind Energy Conversion System (WECS) for the Internet of Energy (IoE), and then highlighted the potentials of Cyber‐Physical System (CPS). The authors then discussed the requirements and challenges of the future WECS and CPS, including abstractions, networking, control, safety, security, sustainability, and social components.

Whitmore et al56 focused on reports on the current research on the IoT by reviewing the literature, which they classified into 6 different categories, viz.: technology, applications, challenges, business models, future directions, and overview/survey. Using their classification scheme, they pointed out distinct trends in the distribution of the published works on IoT, emphasizing, for example, the areas that are not adequately treated. The authors identified security, privacy, and legal/accountability as some of the major challenges preventing its widespread adoption.

2.3 Comparison of previous surveys on the subject

As the IoT threat landscape continues to expand, it is important to explicitly characterize the security of every IoT system in accordance with the modern cryptographic best practices.57 This should involve a definite characterization of the system (system model), clear identification of attacker and his capabilities (threat model) and security goals one is aiming to achieve (security requirements). While this work pays particular attention to these and other aspects of the IoT security, no other previous reviews focused on this essential ingredient of cyber security. Along with the thorough survey on the specialized literature, this comprises one of the major contributions of this work. Table 1 provides comparison of the reviewed works with this survey. The surveys are compared with respect to system model, threat model, protocols and technologies, security requirements, scenario considerations, review of existing solutions, as well as with respect to security and privacy open issues. Four symbols are used to denote how an aspect of the subject matter is covered in a particular survey article. While x is used to denote aspects that are not treated in a survey, ✩, ★ and ✓ show the degree to which a particular aspect is covered. For instance, a ✩ indicates a shallow coverage, a ★ signifies that a given aspect is sufficiently covered, and a ✓denotes an in‐depth coverage. The key contributions of this survey include:

• detailed survey of the specialized literature;
• description of different IoT application domains, and using them to organize the work;
• identification of assets per domain;
• definition of security requirements per domain;
• definition of system and threat models, as well as identification of protocols and technologies for the application domains defined within the scope of the work;
• thorough review of schemes for securing the IoT.

To the best of our knowledge, this survey is the first work that addresses the characterization of IoT security using system model, threat model, protocols/technologies, and security requirements; and at the same time not losing focus on the typical scenario considerations, review of existing solutions, and security/privacy issues.

3.1 IoT architecture

The extremely large variety of connected heterogeneous networks and devices has made building a general architecture for the IoT a very complex task.11 Nonetheless, IoT structure can generally be divided into 3 distinct layers, namely, the perception layer (also referred to as recognition layer), the network layer and the application layer,6 36, 37 as shown in Figure 1.

The perception layer is responsible for gathering all kinds of data/information from the physical world using physical end devices, such as RFID tags and readers, cameras, Global Positioning System (GPS) receivers and all sorts of sensors.43 58 The network layer, which is in the middle, consists of different kinds of communication networks, which serve as access networks.58 This layer is also responsible for assortment of data, initial processing and transmission of data.59 The topmost layer is the application layer, which provides support for business services and different kinds of personalized services to individual users.60 Application layer protocols include Constrained Application Protocol (CoAP), Message Queue Telemetry Transport (MQTT), Extensible Messaging and Presence Protocol (XMPP), Advanced Message Queuing Protocol (AMQP), and Data Distribution Service (DDS). Using the application layer interface, users can access the IoT via personal computers, mobile devices such as smartphones and tablets. Depending on the services, other device like smart refrigerators, smart televisions, etc. can also be used.

The network layer is critical because it serves as the link between the perception and the application layers.59 Long‐range communication can be achieved using IP based Internet, such as 2G, 3G, 4G, LTE or the impending 5G network, while IEEE 802.15.4 (ZigBee), Z‐Wave, Thread, ultra‐wideband (UWB), Bluetooth and NFC are used for short‐distance communications among the IoT devices due to power, computation and storage constraints.61

3.2 Application domains

Presently, IoT might not have widespread visible effects on the society, but its impact is already noticeable in many industrial sectors. This article considers a few among many of the IoT application domains that have emerged in recent years. It focuses mainly on some of the domains that have great potential for exponential growth in the fourth industrial revolution, namely home automation,62 energy,63 developed urban areas,64 transportation,65 healthcare,66 manufacturing,67 supply chain,68 wearables,69 and agriculture,70 as depicted in Figure 2.

3.2.1 Application domains and their associated cyber assets

In cyber security, knowing the assets that need to be protected is fundamental to identifying vulnerabilities, threats, and risks. For the purpose of this study, we define an asset as tangible or intangible resource of value to an individual or a company that is exposed on an IoT network, which is also of interest to an attacker. Such a resource can be hardware, software, or a piece of data that can be found in any of the 3 layers of the IoT architecture. Typical IoT assets include devices, smart or connected equipment, communication channels, communication protocols, and applications. Brief discussions of the application areas shown in Figure 2 are presented below along with the list of identified cyber assets per domain. Figure 3 depicts some of the important assets that can be found on the application domains.

• Smart home: Is a house or living environment where household appliances like toasters, washing machines and other everyday devices can be remotely monitored and controlled71 using smartphones, tablets, or laptop computers from anywhere in the World via the Internet or private network. This might enhance home care and monitoring, access control, energy efficiency, convenience and quality of everyday life. Smart TVs, security cameras, thermostats, refrigerators, door locks, garage door openers, and smart hubs are typical cyber assets in the smart home domain.
• Smart grid: This is an energy delivery concept that promises to optimally and efficiently deliver the highest quality of energy at the lowest cost possible.72 It will provide more accurate monitoring and control adaptation, where consumers can analyze their consumption pattern via the 2‐way communication between their smart meters and the operators.73 Typical smart grid cyber assets are: smart meters, remote power outlets, transformers, Power Line Communication (PLC), data concentrators, load balancing systems, and data centers.
• Smart city: Is the city that employs digital technologies to improve services in key sectors of the economy like healthcare,74 75 water,76 energy,64 77 transport,78 and waste‐water treatment79 for the well‐being of its citizens. A smart city is also expected to be proactive to global challenges.80 Examples of smart city cyber assets include: power‐generation/distribution systems, Intelligent Transportation System (ITS), street lights, Advanced Metering Infrastructure (AMI), water/waste‐water treatment facilities, water distribution systems, WSNs, communication systems, Closed‐Circuit Television (CCTV) cameras, and LBSs.
• Smart transportation: An IoT based ITS is expected to provide a safer,81 cleaner and more efficient transport system82 by using real‐time traffic information and interconnecting vehicles and roadside infrastructures for more efficient data acquisition, processing and decision making.83 Additionally, it will improve quality of life by decreasing congestion, and hence shortening travel time, as well as reducing fuel/electricity usage.84 While smart transportation may sometimes be considered part of smart city, it is actually a distinct application domain.858687Typical cyber assets in smart transportation include: connected cars, traffic lights, parking guidance systems, and dynamic traffic management systems.
• Smart healthcare: Refers to a health care paradigm that allows for remote healthcare monitoring88 and Telehealth,89 where doctors and other medical practitioners can examine, diagnose and treat patients remotely. Smart healthcare services are becoming commonplace, especially in countries like India.88 90 Typical cyber assets in this domain include: glucose monitoring systems, infusion pumps, implantables, pacemakers, insulin pumps, electrocardiograms, medical databases and mobile devices like smartphones.
• Smart manufacturing: Is the fourth revolution of the manufacturing industry (Industry 4.0),91 a technological convergence between the existing manufacturing technologies and other technologies such as IoT, CPS, Internet of Services (IoS), WSNs, cloud computing, Artificial Intelligence (AI) and machine learning, creating a manufacturing paradigm that responds in real‐time to changes in factory conditions, and customer needs. By analyzing massive data collected from smart devices and sensors, early warning of product quality defects, as well as impending machine failures can be predicted in real‐time to guarantee efficiency and quality.92 Typical cyber assets include smart equipment, WSNs, factory databases, computers, web servers, web applications, communication channels, and intellectual property.
• Smart supply chain: Refers to a proactive and customer‐centric monitoring, tracking, and remote asset management system that integrates different technologies to provide information on location, status, environment, and functionality of products and services. Typical technologies used include IoT, WSNs, RFID, CPS, big data, cloud computing, advanced analytics, and semi‐autonomous decisions enabled by AI to build an optimized supply chain that reduces operational costs,68 improves assets identification along the chain,93 and allows for timely responses to unexpected events. Blockchain is another novel technology that will greatly facilitate smart supply chain, and is recently being use in smart supply chain management.94 Smart supply chain uses enormous amount of real‐time data derived from different sources, allowing multiway communication between partners, thus making it is fully transparent to all stakeholders, from suppliers of raw materials to the shippers of the raw materials and the finished products, and finally to the customers. Typical cyber assets include WSNs, RFID devices, databases, computers, web servers, mobile applications, web applications, smartphones or tablets, and communication channels.
• Smart wearables: Are end‐to‐end integrated gadgets embedded with smart sensors and actuators that connect wirelessly to the smartphone or tablet of the user, often using Bluetooth Low Energy (BLE) technology. They are usually worn on the wrist, clipped to the body, or hung around the neck for the purpose of staying fit, being more organized, losing weight, staying active, or for tele‐medicine purposes.95 The applications of smart wearables span across different domains, including sports, healthcare, entertainments, and military.96 Typical cyber assets in smart wearables include wearable devices, smartphone or tablet, mobile applications, WSNs, and communication channels.
• Smart agriculture: Is a sustainable farming practice that employs IT and other relevant technologies to increase the per unit yield of farming land by optimizing water use and preserving other natural resources in order to increase crop yields and financial returns.97 98 Smart farming also enhances precision livestock farming, where farm animals are monitored for prompt disease detection, early treatment and nutrition interventions.99 Examples of cyber assets in this domain include: soil moisture sensors, livestock monitoring sensors, greenhouse sensors, irrigation controllers, atmospheric monitors, and aerial drones.

4.1 Security requirements

There exist different security issues to be addressed within the 3 layers of the IoT architecture. For example, the perception layer is vulnerable to all sorts of physical attacks, such as malicious tampering of end devices and their communication links, and Denial‐of‐Service (DoS) attacks. The network layer is exposed to several threats found in the traditional computer networks; it also has some vulnerabilities that are more specific to the IoT, including network protocol issues, privacy disclosure, and compatibility issues. Like any other IT client with Human‐Machine Interface (HMI), the application layer also has some vulnerability issues such as data access, security authentication, and malware.100

Security requirements, which are essentially the basis for measuring security, can be defined as a set of conditions that describe properties of IoT security goal. Security goals such as confidentiality, integrity, availability, and nonreputation are considered as properties to achieve security objectives.101 Considering the diversity in the IoT ecosystem, there is need to effectively specify the security requirements that describe more concretely what measures and controls must be prescribed to assure the security of each of the application domains.

Generally, the primary goals of network security can be described in terms of 3 fundamental security properties: confidentiality, integrity and availability, usually coded by CIA.102 103 However, the aforementioned security properties have been broaden over time to include other security properties like authenticity, authorization, nonrepudiation, accountability, reliability, privacy, and physical security. Below, we provide brief descriptions of these security properties.

• Confidentiality: Is the property that ensures that information is not disclosed or made available to any unauthorized entity. There are growing concerns over the confidentiality of the IoT104 105 since such connected devices are often used for transmitting confidential data.
• Integrity: Is the property of safeguarding the correctness and completeness of assets in an IoT system. Connected devices often store sensitive data locally,106 which include personal user data like credit card numbers and medical records, manufacturers data, and service providers data. They may include data that is critical to the security of the system, such as media decryption keys, business plans, product designs, billing logs, and so on.
• Availability: Refers to the property which ensures that an IoT device or system is accessible and usable upon demand by authorized entities. Availability can be affected by technical issues like device malfunctioning, natural disaster such as storm or flood, or human activities, which may be accidental or deliberate. Availability can be ensured by preventive maintenance and using up‐to‐date software. Redundancy and fail‐over minimize the effects caused by hardware issues.
• Authenticity: Is the assurance that information transaction is from the source it claims to be from. Device authenticity can be verified through authentication, which involves proof of identity. Device authentication enables a device to access a network based on credentials stored in a (presumably) safe location. The device authenticates itself prior to receiving or transmitting any information.
• Authorization: A property that determines whether the user or device has rights/privileges to access a resource, or issue commands.
• Non‐repudiation (NR): NR is the security property that ensures that the transfer of messages or credentials between 2 IoT entities is undeniable. It is often achieved by using a Trusted Third Party (TTP),107 which provides an evidence of the transaction.
• Accountability: Is the property that ensures that every action can be traced back to a single user or device.
• Reliability: Refers to the property that guarantees consistent intended behavior of an IoT system.
• Privacy: In the context of IoT, privacy refers to the control of the user over the disclosure of his data. Privacy is becoming specially relevant in the context of IoT,108 109 where devices monitor and collect data from the life of users.
• Physical security: Refers to the security measures designed to deny unauthorized physical access to IoT devices and equipment,110 and to protect them from damage or harm.

The following are some security services or mechanisms that can be used to achieve security requirements.

• Authentication: Is the security service that verifies the identity of a user or device.
• Access control: In the context of IoT, access control refers to the security mechanism that limits the actions or operations of a legitimate user or device in an IoT system, as well as defining a limit for programs executing on behalf of the legitimate user.
• Encryption: Is the process of translating or encoding an information into a secret code such that only authorized entities can decode it.
• Secure booting: This security feature enables a device to check every software using digital signature or checksums, including the operating system, when the device is first powered on, or whenever it restarts. This will ensure that only authorized software run on the IoT device.
• Secure updates: Ensure that smart devices authenticate security patches from operators using digital signatures so that patches cannot be intercepted, extracted, and modified, thereby preventing updating interfaces from turning into security holes themselves.
• Back‐up: Is copying and archiving of valuable data for the purpose of restoring the original in the event of data loss.
• Securing physical location: Refers to putting obstacles like locks and fencing in the way of people with malicious intention, as well as hardening physical sites against accidents and environmental disasters.
• Device Tampering Detection (DTD): In the context of IoT, DTD refers to the security mechanism that ensures that any attempt to tamper with an IoT device or network (whether logically or physically) is detected.

4.2 System models, threat models and protocols/technologies per domain

System models, threat models, and protocols/technologies are the essential components needed to describe the security status of a system and the associated threats, which can help IoT designers, developers and administrators to identify and deal with threats in the IoT. The following subsections present in detail the description of the system models, threat models, and protocols/technologies for each of the 9 application domains.

4.2.1 System models

A system model is the conceptual model that represents a system and provides the overall description of the functionality or behavior of a system. Abstraction is one of the fundamental concepts in system modeling, which involves hiding certain underlying details in order to focus on the essential features of the system. While there are many other modeling techniques,111 112 we present the system models using simple diagrams (Figure 4) to show clearly the interactions between system components, between actors and a system, as well as the interactions between a system and its environment. This will allow accurate characterization of the systems with respect to their associated security risks and threats.

Smart home system model—The system model in Figure 4a comprised of a controller, which can be any IoT home automation hub, a wireless router, and 8 Wi‐Fi enabled smart home appliances that can interface with a home automation software platform such as OpenHAB and Home Assistant. The software platform allows a user to wirelessly control devices from a smartphone or any computer on the home network. The controller is connected to the home network via the router Ethernet interface. A Raspberry Pi Single‐Board Computer (SBC) can also be configured as the controller. The messaging protocol often employed for communication between the home automation software platform server and the smart devices is the MQTT. A typical lightweight server that implements the MQTT protocol is the Eclipse mosquitto.

Smart grid system model—The proposed system model in Figure 4b decomposes the smart grid system into its various subsystems, showing physical/logical relationships between the various components and the necessary information flow among them. The figure illustrates a use case of a typical smart grid that generates electricity using solar and wind renewable technologies. The different components are generation, transmission, distribution, operations, service provider, and customer; and it is assumed that these components interact with each other using a number of communication protocols that will be discussed in the last subsection. Real‐time remote management and control can be achieved using the operations subsystem via the network.

Smart city system model—A typical smart city is usually made up of many components, however, in the proposed system model, we assume only 5 components, namely, citizens, smart buildings, urban infrastructure, economic activities and smart city database management, as depicted in Figure 4c. Each of these components is composed of many subsystems, and it is assumed that these subsystems interact seamlessly, allowing for a smooth flow of information between the various components. For example, a few subsystems in the economic activities component include smart banking system, smart manufacturing and smart supply chain.

Smart transportation system model—The proposed system model shows a robust transportation system that exploits seamless information coordination and exchange across the different components of the network to provide an efficient and safe transportation. The system components include smart traffic lights, cameras, radar, GPS, smart vehicle, smart trains, and smart road infrastructure, as illustrated in Figure 4d. The system utilizes real‐time GPS location data, traffic flow prediction mechanism, location‐based services, smart traffic light scheduling management, and enormous amount of sensor data collected from different areas in the network for making final decisions.

Smart healthcare system model—Figure 4e shows a typical smart healthcare monitoring system. The proposed system model consists of 2 outpatients, a smart hospital, and an emergency team. The 2 outpatients are: a typical patient wearing Electroencephalography (EEG) sensor, Blood Pressure (BP) sensor and Blood Glucose (BG) sensor, and an elderly patient that needs constant monitoring, wearing Electrocardiogram (ECG) sensor and BP sensor. The sensors on the patients bodies continuously collect and send data to their smartphones via Bluetooth, and the smartphones in turn upload the data to the medical server via the Internet. In case patients are in critical condition, these sensors can immediately report the physical condition of the patient to the emergency team and to their doctors for appropriate actions to be taken.

Smart manufacturing system model—As manufacturing industries strive to meet and adapt to the dynamic customer requirements in the current industrial transformation (Industry 4.0), we proposed a system model represented in Figure 4f. It is comprised of smart factory with its various subsystems, distribution center, renewable energy sources, business systems and their associated process management tools like the Enterprise Resource Planning (ERP) software, smart supply chain, customer, and secure enterprise Virtual Private Network (VPN) connection that allows remote workers to securely connect to corporate networks. Sensor data and manufacturing operations across these interconnected manufacturing components can be utilized in order to achieve better business objectives. This represents a paradigm shift from centralized manufacturing towards a more decentralized production empowered by sensor data‐gathering, IoT, CPS, and analytic capabilities, where information from a variety of sources and locations can be leveraged to enhance production and services.

Smart supply chain system model—In Figure 4g we proposed a system model for smart supply chain based on Blockchain comprising production and distribution systems of geographically dispersed enterprises that collaborate in a secure manner to jointly and efficiently produce and deliver end products to customers. In the context of supply chain, IoT security issues will typically revolve around authentication, connection and transaction. However, using the distributed ledger in Blockchain, the enterprises, namely, supplier of raw materials, factory, and distributor can conduct business transactions in a trusted and secure environment. The immutable record of Blockchain enables reliable creation of networks histories, allowing for tracking the actions of network devices.

Smart wearables system model—The proposed smart wearable system model shown in Figure 4h is made up of different components, including an athlete, an elderly outpatient, a coach, an emergency team, a doctor, and a weather forecast server. The athlete is wearing ECG sensor and motion sensors, and the elderly patient is wearing ECG sensor, respiratory rate sensor, and motion sensors. These sensors collect and send data to the smartphones via Bluetooth on regular basis, and the smartphones upload the data to a cloud server via cell phone network. The coach can only access information pertaining to the progress of the athlete; similarly, the doctor can only access information pertaining to the health of his patient. However, in case of emergency condition, the emergency team and the doctor will receive an urgent message from the ECG sensor on the athlete, or from the ECG sensor and/or respiratory rate sensor on the patient.

Smart agriculture system model—Figure 4i shows a diagram representing the proposed smart agriculture system model. Plants normally require specific environmental conditions for optimal growth, health and overall crop yield. Thus, the system model consists of different sensor networks for measuring soil moisture, temperature, sun light, humidity, as well as sensor networks for monitoring the location of farm animals, and for prompt disease detection. Onboard the UAV are a SBC, a flight control system (autopilot) like Pixhawk, sensor and camera. The sensor is used to collect real‐time data from the flight control system every second and sent to a server via 4G LTE dongle attached to the SBC. The autopilot can also receive commands through the server, hence by connecting to the server via the Internet, the farmer can control the drone by viewing the real‐time data and issuing control commands.

4.2.3 Protocols and technologies

In a network, devices need to speak the same language and agree on a set of rules to be able to exchange information with each other. This set of rules is also known as protocol in the computer networking world. Protocols specify how signals are sent from one device to another, or multiple devices, in order to trigger a desired behavior.116 In the IoT, diverse entities communicate over the network using different set of protocols and standards, some of which are depicted in Figure 1 above. Based on their transmission range, IoT communication protocols can be classified into 2 main categories, namely, short‐range and long‐range. Examples of protocols in each category are already given in the previous section. Although there are several application protocols for the IoT as shown in Figure 1, for the purpose of describing the protocols, we employ the CoAP in all application domains as the application protocol, as shown in Figure 5. In the same vein, we use the Datagram Transport Layer Security (DTLS) as the security protocol in all application domains.

Smart home protocols and technologies—A Home Area Network (HAN)117 is a type of computer network that operates within a small area, such as a home or small office, and hence it is a critical enabling technology for smart homes. As a physical layer of a home‐based network, HAN is used to connect devices within the close vicinity of a smart home. HAN is also used to manage communication between the smart meter and other smart devices for smart home energy management.118 Preferred protocols and technologies for HAN have evolved over the years to provide seamless and secure communication among devices. They include ZigBee, Z‐Wave,119 Wi‐Fi/Low Power, Thread, BLE120 121 (wireless technologies), PLC (wired technology), and Ethernet. Typical examples of application and security protocols used in smart homes are CoAP122 and DTLS, respectively, as shown in Figure 5. A brief description of each protocol or standard is given below. Table 3 also provides a comparison of some important parameters of different short‐range communication technologies for IoT.123 124

• ZigBee: Is a low‐power wireless technology that operates in a mesh network, meaning that it uses a device to relay a signal to other devices, thereby expanding the network. It is based on the IEEE 802.15.4 standard for Personal Area Network (PAN) and operates in the 2.4 GHz Industrial, Scientific, and Medical (ISM) band. The application focus of ZigBee includes sensor monitoring and control.124
• Z‐Wave: Similar to ZigBee, Z‐Wave is a low‐power wireless communication protocol that can be used for remote control applications in homes and industries.125 However, Z‐Wave is about 6 times slower, but consumes less energy to cover the same distance as ZigBee.
• Wi‐Fi: Is any wireless networking technology that is based on the IEEE 802.11 standards. It provides highspeed Internet and network connections, and operates in the 2.4 and 5 GHz bands. Additionally, Wi‐Fi has less implementation complexity. The newer Wi‐Fi technologies are the 802.11n and 802.11ac standards ratified in 2009 and 2013, respectively. While the 802.11n introduced the optional use of the 5 Gb/s, the 802.11ac enhanced the speed of data transfers, such that data rate of up to 1 Gb/s is attainable.124
• Thread: First introduced in July 2014, Thread is a wireless networking protocol that supports a variety of IoT devices.124 Unlike ZigBee and Z‐Wave that are not IP‐based, Thread is based on the IPv6 over Low Power Wireless Personal Area Networks (6LoWPAN) wireless technology, and hence natively handles IPv6 address standard, however, it does not handles IPv4 Internet address standard. Like ZigBee, it is also based on the IEEE 802.15.4 standard.
• BLE: Is a short‐range wireless protocol based on the IEEE 802.15.1 and used for data sharing among devices. It significantly reduces power consumption of devices, potentially allowing for longer battery life.126
• PLC: Refers to a communication technology that enables the use of existing electrical power cables for transmitting and receiving information. Over the years, PLC has proved to be a viable technology for HAN applications due its low cost installations and broad coverage. Today, it is used for remote meter reading and other home automation.117
• Ethernet: Is the most widely used Local Area Network (LAN) technology that describes how devices can be networked for data sharing using cables. Ethernet is specified in the IEEE 802.3 family of standards.
• CoAP: Is an application layer protocol that allows constrained devices of the IoT to interact in an IP‐based HTTP‐like manner with little or no overhead. CoAP is based on User Datagram Protocol (UDP)/IP in order to enable low‐power devices to use RESTful services while meeting the energy constraints requirements.127
• DTLS: Is a form of Transport Layer Security (TLS) designed to provide security for applications and services that are built on top of UDP.128 Such applications like IoT are usually delay‐sensitive.

Table 3. Comparison of different short‐range communication technologies for IoT

	Technology
Parameter	ZigBee	Z‐Wave	Wi‐Fi	Thread	Bluetooth LE	PLC
Nominal range	100 m	30 m	150 m	30 m	10 m	10‐10,000 m
Data rate	250 kbps	40‐100 kbps	54 Mbps‐1 Gbps	250 kbps	1 Mbps	0.256‐200 Mbps
Operating frequency	868/915 MHz, 2.4 GHz	908.47 MHz (US), 868.42 MHz (Europe)	2.4, 5 GHz	2.4 GHz	2.402‐2.481 GHz	2‐100 MHz
Number of nodes per network	65,000	232	250/access point	300	one‐to‐many	N/A
Peak current consumption	30 mA	17 mA	116 mA	12.3 mA	12.5 mA	N/A
Power consumption per bit	185.9 μW/bit	0.71 μW/bit	0.00525 μW/bit	11.7 μW/bit	0.153 μW/bit	N/A
Power consumption	3.3 μW‐63 mW	∼5 mW	31.6‐100 mW	∼10 mW	1‐10 mW	N/A
Security	128‐bit AES	128‐bit AES	WPA2 ‐ AES	128‐bit AES	128‐bit AES	N/A
Network topology	Star, cluster, mesh	Mesh	Star, mesh	Mesh	Point‐to‐point, mesh	Star, mesh
IEEE standard	802.15.4	N/A	802.11n, 802.11ac	802.15.4	802.15.1	1901‐2010

Smart grid protocols and technologies—As shown in Figure 5, a smart grid consists of a suite of technologies that improve reliability, controllability and performance of the electrical grid. There exist a variety of protocols and standards for smart grid applications, including Device Language Message Specification/Companion Specification for Energy Metering (DLMS/COSEM)129 130; International Electrotechnical Commission (IEC) 62056 standards131; the Open Smart Grid Protocol (OSGP)132; Wireless Metering Bus (WM‐Bus)133; IEEE 2030; 6LoWPAN; ZigBee; Z‐Wave; Thread; PLC; CoAP, DTLS and Ethernet. Below we briefly describe the smart grid protocols and standards:

• DLMS/COSEM is the specification that describes communication protocols and an interface model for data communication with metering equipment.
• IEC 62056 is a set of standards for electricity metering data exchange that represents the international versions of the DLMS/COSEM standards.
• OSGP is a power‐line communication protocol for smart meters, published by the European Telecommunications Standards Institute (ETSI). It defines a high‐performance narrow band communication channel for data exchange between Smart meters and the data concentrator.
• WM‐Bus is a wireless protocol for smart metering that specifies communication between utility meters and concentrators, smart meter gateways and data loggers. The protocol is widely used across Europe.
• IEEE 2030 specifies how interoperability can be achieved in smart grid.
• 6LoWPAN is a low‐power adaptation layer protocol that allows wireless transmission of IPv6 packets over the IEEE 802.15.4 networks. It allows constrained wearable sensors used for health monitoring of patients to connect to the Internet using IPv6.

Smart city protocols and technologies—Smart city protocols have advanced over the years to ensure happier, efficient and safer life for citizens. They include: 6LoWPAN, Mobile Ad hoc Network (MANET),134 Unmanned Ariel Vehicle Ad hoc Network (UAANET),135 Vehicular Ad hoc Network (VANET), IEC 62056,131 Multiprotocol Label Switching‐Transport Profile (MPLS‐TP),136 137 Ethernet, ZigBee and other protocols within the IEEE 802.15.4 standard, CoAP, DTLS, and Wi‐Fi, as depicted in Figure 5. A brief description of some of the protocols or standards are given below.

• MANET is a temporary and dynamic network that configures itself on the fly without the aid of any centralized administration or standard support services.
• UAANET is a variant of MANET for unmanned aerial vehicles (UAVs) and Ground Control Stations (GCS). Through collaboration, it enables relaying data among UAVs and between UAVs and GCS.
• MPLS‐TP is a type of MPLS protocols (used in packet switched data networks for speeding up network traffic flow) defined by Internet Engineering Task Force (IETF). Being a simplified version for transport networks, non-relevant functions have been turned off.
• VANET is a form of MANET that enables vehicles to communicate with each other, vehicle‐to‐vehicle (V2V), and with roadside equipment over the Internet, Vehicle‐to‐Infrastructure (V2I).

Smart transportation protocols and technologies—As depicted in Figure 5, typical examples of smart transportation standards and protocols include IEEE P2030.1,138 IEEE 1609,139 VANET, UAANET, 6LoWPAN, ZigBee and other protocols within the IEEE 802.15.4 standard, Bluetooth LE (BLE), MPLS‐TP, Wi‐Fi,140 CoAP, DTLS, and Ethernet. Some of the protocols are briefly described below:

• IEEE P2030.1 is the standard that specifies the electrification of the transportation infrastructure.
• IEEE 1609 is a set of standards for Wireless Access in Vehicular Environments (WAVE) that specifies an architecture, as well as a set of services and interfaces that will allow secure V2V and V2I wireless communications.

Smart healthcare protocols and technologies—The protocols and standards that govern smart healthcare include IEEE 802.15.6,141 Wi‐Fi, BLE,142 6LoWPAN, ZigBee,143 Z‐Wave,144 Ethernet, CoAP145 and DTLS, as shown in Figure 5. The following are brief descriptions of some of the protocols or standards:

• IEEE 802.15.6 is a radio communication standard for WBANs. The protocol supports a wide range of applications for short‐range, low‐power, and reliable communication that can provide real‐time diagnosing and health monitoring of patients and the elderly. WBANs operate on the surface or inside the human body.146

Smart manufacturing protocols and technologies—The communication protocols and standards used in smart manufacturing include the Open Platform Communications‐Unified Architecture (OPC‐UA), DDS, MQTT, and Production Performance Management Protocol (PPMP),147 as shown in Figure 5.

• OPC‐UA is a M2M communication protocol for industrial manufacturing based on client‐server model, which is not limited to a specific data encoding. It provides a very good scalability in data modeling. OPC‐UA has been widely implemented in various domains such as smart grids and building automation.148
• DDS is a real‐time publish/subscribe M2M communication technology for efficient,149 ubiquitous and secure data sharing introduced in 2004 by the Object Management Group (OMG). The absence of brokers and servers in this standard, also known as middleware, simplifies deployment, maximizes scalability, increases reliability, reduces complexity and cost, as well as minimizes latency. DDS has been applied in many application areas like smart grid management and air‐traffic control.
• MQTT is a low power communication protocol for constrained devices, and arguably the most widely used protocol in the IoT application layer. It is also based on the publish/subscribe model, however, devices do not communicate directly with each other. They publish messages on a broker based on topics, and clients interested in such topics can retrieve the messages by signing in to the broker.150
• PPMP is a protocol proposed by Bosch, which specifies a format for capturing data needed for the monitoring of production process and data analytics.147 The protocol facilitates communication between machines and sensors, and Industry 4.0 software solutions. PPMP is easy to implement in a plant by users, and it can be freely used without licence fees.

Smart supply chain protocols and technologies—A promising driving technology for smart supply chain is the Blockchain, a transparent and secure technology with decentralized operations. Blockchain has innovative possibilities that can be used to automate various business processes.94 151 Considering the different technologies involved in smart supply chain, there will be many protocols and standards, including the tradition IPs, IoT protocols, and RFID protocols like the Ownership Transfer Protocols (OTPs), as depicted in Figure 5.

• Blockchain is a distributed ledger technology, an encrypted and shared database that serves as an incorruptible and irreversible repository of information, providing trust without the need for any trusted third party.152 It is the technology underlying Bitcoin. Applications of Blockchain in smart supply chain include automating purchase processes, security, and executing smart contracts.153
• OTPs are security and privacy protocols that allow the secure and seamless transfer of ownership of RFID-tagged objects from a current owner to a new owner.154 155 In a supply chain, change of ownership usually occurs when a distributor delivers tagged products to a retailer. Hence, 3 entities are involved, the original owner, the new owner, and the tag.156

Smart wearables protocols and technologies—The most common technologies that allow smart wearable devices to transfer data to other devices, and to talk to each other are BLE and ANT+, as shown in Figure 5. Although ANT+ has a longer battery life,157 BLE is currently the protocol of choice in the smart wearable industry because of its simplicity and low energy consumption.158 BLE is poised to continue to play an important role in the future low‐power smart wearable IoT devices. In an effort to diversify its applications, the Bluetooth Special Interest Group (SIG) has recently introduced Internet Protocol Support Profiles (IPSP), and HTTP Proxy Service (HPS) to facilitate Internet accessibility for Bluetooth smart devices through a BLE gateway.159

• ANT+ is a wireless protocol that allows collecting, tracking, and transferring sensor data among devices with the ANT+ technology. It uses the 2.4 GHz license‐free band, which provides high‐quality communication at low‐power using low‐cost transceivers. ANT+ networks can be configured into peer‐to‐peer, star, tree, and mesh topologies.160

Smart agriculture protocols and technologies—Wireless connectivity is usually employed in smart agriculture using the following or other protocols, as shown in Figure 5: ZigBee161 and other protocols within the IEEE 802.15.4 standard, 6LoWPAN, CoAP, DTLS, Wi‐Fi, MANET, UAANET, and Micro Air Vehicle Communication Protocol (MAVLink).

• MAVLink is a very lightweight and header‐only communication protocol for controlling micro aerial vehicles. The protocol is used for communication between the control station on the vehicle, also called autopilot like Pixhawk, and the GCS.162163164

5.1 Solutions based on cryptographic primitives

Key management protocols are central in securing communication among smart devices, and many researchers are working intensively in this area. Eldefrawy et al165 propose a key distribution protocol for constrained WSNs devices. Their key agreement algorithm is based on public key cryptography, Rivest‐Shamir‐Adleman (RSA) and Diffie‐Hellman Elliptic Curve Cryptography (DHECC), in which pair‐wise keys between nodes are only established after deployment, contrary to the idea of equipping each node with full pair‐wise keys. A node shares keys only with nodes within a given routing path, thereby enhancing storing efficiency and reducing the risks of node capture. The authors claimed that their scheme enhances the re‐keying property of nodes and offers better scalability.

Adiga et al166 present their own secure M2M communication scheme as a promising solution that will ensure security and privacy in the IoT. The scheme is based on Identity‐Based Encryption (IBE) using elliptic curve cryptography, which requires no use of certificates. The authors employed the use of Tate Pairing schemes for encryption and decryption, which involves 4 steps, namely setup, extract (registration), encrypt and decrypt. Only public key generation center acts in the setup mode, and a party interacts with the center once during the extract phase (generation), while only concerned parties are involved in the encrypt and decrypt processes. The encryption and decryption schemes were implemented in Java and MATLAB, and performance analysis was carried out using a machine with Microsoft Windows XP professional operating system (OS) and Pentium 4 CPU, 2.80 GHz with 2 GB RAM processor, which shows that the scheme is not suitable for constrained devices.

Another key management scheme based on IBE that allows nodes with limited resources to delegate expensive computations to non‐constrained proxy nodes is proposed by Papanikolaou et al in.167 Unlike other Publickey cryptography schemes that need Public Key Infrastructure (PKI) to map keys to identities via digitally signed certificates, which incur heavy overhead in managing the certificates, in IBE, the public‐key is some arbitrary string of information associated uniquely with the user, such as e‐mail address, date of birth, and so on. Nonetheless, the high computational cost of IBE cannot be borne by most resource‐constrained IoT devices. To overcome this problem, the authors used IBE on elliptic curve cryptography, which is supported by embedded systems with limited resources. The proposed scheme allows a constrained node to share a secret with a remote node outside the network, which is usually non‐constrained, and hence can undertake extensive computations. This scheme promises to provide more secure communications among embedded devices for IoT applications.

A different scheme, combining IBE techniques with PKI is suggested by Li and Xiong in.168 Their scheme essentially consists of a Heterogeneous Online and Offline Signcryption (HOOSC) approach to practically secure communication between WSNs and an Internet host. The authors designate sensor nodes to be senders using IBE, while the Internet host a receiver using PKI. The HOOSC scheme uses the following algorithms: setup, IBE‐KG (key generation algorithm for IBE users), PKI‐KG (key generation algorithm for PKI users), Off‐Signcrypt, OnSigncrypt, and Unsigncrypt. A sensor node can send a message to the host by running the Onsigncrypt algorithm, which is a light computation like exclusive OR, and the Internet host recovers the message from the ciphertext by running Unsigncrypt. In this manner, the proposed scheme reduces the computational overhead of sensor nodes. The authors claimed that their scheme provides end‐to‐end confidentiality, integrity, authentication, and NR services. However, security is only guaranteed when sensor nodes send message to an Internet host, and not the other way around.

Saied et al169 propose a lightweight collaborative approach for key establishment scheme to make the existing security protocols suitable for these devices. Instead of reducing the cost of cryptographic algorithms, the proposed collaborative scheme relieves the resource constrained devices of the computational and communication overhead incurred during key exchange by assigning these burdens to the less constrained neighboring nodes, also known as proxies, which assist in carrying out the tasks. The authors argue that using this scheme, constrained nodes can save up to 35% of their energy during key transport of TLS handshake, when compared to other schemes.

Garcia‐Morchon et al170 propose 2 different security architectures based on 2 standardized IP protocols. The first architecture is based on Host Identity Protocol (HIP), while the second uses DTLS. The authors claim that these architectures will ensure that all interactions of IP‐based IoT devices, including those with limited resources, are protected from cyber attacks. The proposed architectures promise to address secure network access, secure communication and key management issues associated with these IoT devices. The authors implemented these architectures in C and tested them on Cooja simulator. They were also installed on Redbee Econotag hardware running Contiki OS 2.5 (an open source OS that is used on resource‐constrained IoT devices). After comparing the 2 approaches, results show that the HIP based approach performs better than the DTLS based solution in terms of memory footprint (the HIP based mechanism uses less memory), communication cost and resilience to packet loss.

Petroulakis et al171 present a lightweight framework for ensuring security, privacy and trustworthy life‐logging in smart environments. Although there is no specific or concise definition of the proposed lightweight framework in the paper, the authors used an experimental test‐bed for investigating energy consumption for the secure lifelogging to describe the framework, which consists of 2 users (represented by Digi XBee Pro 802.15.4 devices) and one adversary whose aim is to overcome the security barrier on the communication between the 2 users. A radio peripheral (USRP2) with a XCBVR2450 dual‐band transceiver is used as the adversary. The experiments were conducted for 3 different scenarios: when there was no encryption, with Advanced Encryption Standard (AES) encryption and with AES encryption and there are 10 dropped packets on the devices. Results reveal that there is about 15‐30% increase in energy consumption when securing the communication.

Sciancalepore et al172 suggest a Key Management Protocol (KMP) for mobile and industrial IoT devices, which is integrated at the layer‐2 of the protocol stack based on IEEE 802.15.4 technology. The authors leverage the fact that Elliptic Curve Qu‐Vanstone (ECQV) can be used to generate lightweight implicit certificates. They also exploit the secret sharing mechanism of Elliptic Curve Diffie Hellman (ECDH) to develop the KMP algorithm, such that ECQV and ECDH collectively provide the needed authentication and key agreement services. The proposed scheme was implemented on a platform that is based on TelosB, and results show that the scheme provides fast re‐keying, protection against replay attacks, robust key negotiation and lightweight node authentication.

5.2 Solutions based on authentication and access control protocols

Authentication and access control play essential roles in ensuring security and privacy of IoT devices. Authentication prevents unauthorized entities from gaining access to assets by assuring that the communicating entities are the ones they claim to be, while access control prevents unauthorized use of a resource. Designing and implementing authentication and access control for constrained devices is a serious research challenge facing the IoT research community, and thus there are several works on this subject. For example, Liu et al173 propose an authentication and access control protocol for IoT using Public Key Cryptography (PKC). The authors employed the use of Elliptic Curve Cryptography (ECC) for key establishment between 2 entities, which happens in 3 steps. They adopted Role‐Based Access Control (RBAC) for access control policy. The authors suggest that handling of enormous resources can be achieved by preregistration on nearby trustworthy access point called Registration Authority (RA). Also, all users are registered using the Home Registration Authority (HRA). The proposed protocol uses a 7‐step procedure for accessing a thing, which involves the entities: User, thing, RA and HRA. Since central authentication is possible using OpenID technology, where users with a single account are allowed to log on to several sites by authenticating only one identity provider, the authors used the OpenID for authenticating users. The authors carried out a security analysis, and their results show that the proposed approach can provide protection against eavesdropping, MitM, key control and replay attacks.

Some improvements to the protocol proposed by Liu et al are suggested by Ndibanje et al.174 The authors carried out a cryptanalysis of the protocol, where they discovered that the scheme proposed by Liu et al is vulnerable to compromised device attacks and replay attacks. Additionally, they found that message exchange in that protocol incurs unnecessary overhead. In the quest to solve these problems, they propose some improvements based on 5 assumptions. They categorized the improvements into 2 phases, namely registration and authentication. Registration phase: in order for users and gateway nodes to share the secret key for authentication, initial registration with HRA server is a prerequisite for users, but the RA functions as in the scheme of Liu et al. The authentication is further divided into 2 phases, namely login phase and verification phase. The login phase is used to access IoT network, while the verification phase is used to authenticate a user. The authors also included an additional function that allows for password change or recovery. After analyzing the enhanced protocol, results show that it satisfies the primary security goals in the IoT, and also reduces the cost of communication.

Another authentication and access control scheme that is based on CoAP is presented by Pereira et al.175 The proposed framework for CoAP‐based IoT leverages the advantages of Kerberos and Remote Authentication Dial In User Service (RADIUS) schemes to come up with a new proposal that can provide fine‐grained and energy efficient Authentication, Access control and Accounting (AAA) solution for resource‐starved IoT devices on a per service basis. The authentication and access control process comprises 2 steps. Authentication is the first step, which involves determining the legitimacy of a user. The CoAP‐Network‐attached Storage (NAS) checks information about a user in terms of permissions, group, ticket time out, etc., and the CoAP‐NAS sends a valid ticket if the user is successfully authenticated. Access control is the second step, in which a valid ticket accompanies every client request specifying the access rights of a user, and the server responds with an error message to any client request without a valid ticket. The proposed access control mechanism was tested on many services with diverse permission types, and results show that the scheme responds to requests according to clients permissions.

Jan et al176 suggest an alternative approach, which is a lightweight mutual authentication scheme that verifies the identities of the devices (clients and servers) that are to take part in communication for resource observation in a CoAP‐based IoT environment; the scheme also allows the verified clients to have access to various resources based on their respective requests. The authors clearly pointed out that their scheme is basically an enhancement of the security features of the CoAP protocol in order to make it more robust, efficient, and able to defend against a number of threats. Hence they suggest a robust, easy to implement and less computationally expensive authentication algorithm as an alternative to the DTLS. The proposed authentication process uses 4 handshake messages and incurs less than 1024 bits as connection cost, and it completes using the 128‐bit AES. Although the proposed scheme is able to defend against eavesdropping, key fabrication, resource exhaustion and DoS attacks, the authors acknowledge that the scheme is not an effective solution against Sybil attacks. They further highlighted some other threats that have not yet been explored in an IoT domain, which include wormhole, sinkhole and selective forwarding.

Kothmayr et al177 present a 2‐way authentication architecture for IoT that is based on the DTLS protocol. Their security scheme, which is based on RSA, works on top of the UDP/IP networking technology for 6LoWPAN. In this scheme, authentication is carried out during verified DTLS handshake that is based on exchange of certificates containing RSA keys. As a proof of concept, the authors implemented the architecture on a constrained device, and results show that with minimum energy consumption, the proposed scheme provides integrity, confidentiality and authenticity.

Turkanović et al178 propose a user authentication and key agreement scheme for heterogeneous ad hoc WSNs for IoT applications. The proposed scheme allows a user to securely access a particular node of interest from a WSN without directly going through the gateway node by using a rare 4‐step authentication model. There is also a provision for a user to dynamically increase the number of sensor nodes he can access. The authors use a lightweight key agreement protocol in order to ensure mutual authentication between participating entities (user, sensor node and gateway node). In order to ensure that the scheme is suitable for a resource constrained device in the IoT, the authors avoided the use of expensive computations by using simple hash and Exclusive‐OR (XOR) computations instead. After 2 phases of registration, a user logs in using a smart card, and for the authentication, the user sends authentication message directly to a sensor node of interest, and a secure communication can start after a successful session key negotiation. Results of the security evaluation show that the proposed scheme can protect against replay, privileged‐insider, stolen verifier, stolen smart card and smart card breach, impersonation and many logged‐in users with the same login‐ID attacks.

A different idea is introduced by Lee et al ,179 who propose a lightweight authentication protocol for RFID in the IoT. Although their paper does not clearly explain their architecture, the authors argue that their method, based on XOR manipulation can replace complex encryption process based on hash functions. The authors run the operation procedure of the proposed protocol on a finite state machine they built, and based on the simulation results, they claimed that mutual authentication for RFID in IoT is achievable using their proposed protocol.

Considering the significant growth of wearable IoT devices and the new trends in electronic payments, Yohan et al180 propose a secure BLE based authentication protocol for micropayment with IoT Wearable Devices (WD). The proposed scheme is based on mutual authentication between the WD and the Wearable Payment Counter (WP counter). Thus, communication is only between these 2 entities without the help of any intermediary device like smart phone. This protocol generates unique session key that is used for each communication process along with secret string stored in both WD and WP counter. The proposed protocol consists of 3 stages: the initialization stage, the authentication stage, and the payment stage. The authors described in 4 steps the process of authentication. They claimed that the proposed protocol can protect against 5 major attacks, namely session hijacking, bogus payment counter, passive eavesdropping, replay, and MitM attacks.

5.3 Hardware‐based solutions

Software‐based security schemes remain vulnerable to certain types of attacks. For example, if a smart device can be accessed, it will not be too difficult for a malicious entity to clone or change its behavior by infecting it with rogue code. The effect is maximized if the device is infected with a bootkit malware that corrupts the boot‐up sequence, which can consequently cause the device to load and run malicious code. It is difficult to prevent such attacks by using software‐based security alone. Hence, many researchers argue that embedded and hardware security approaches can provide the underlying support to address the security and privacy issues related with IoT devices.

One possible approach for addressing these issues is the use of PUFs, proposed by Kanuparthi et al .181 Essentially, PUFs are circuit primitives that can derive secrets from physical characteristics of Integrated Circuits (ICs), instead of storing secrets in digital memory. PUFs can be used to provide low cost authentication by generating secret keys that can be used for cryptographic computations. They show that by combining sensing and cryptography, sensor PUFs can provide data provenance and integrity. They describe how PUFs can be used by selecting challenge response pairs at random, to address forge identity threats. The authors also show that effective trust management can be achieved using PUFs and hardware performance counters; and finally, they describe how confidentiality and privacy of users can be guaranteed by using lightweight encryption algorithms.

Xu et al182 discuss the use of digital PUFs for hardware security in optimizing intensive computer‐aided design (CAD) for the design of more secure IoT devices. The authors observed that the analog key hardware‐based security PUFs are cumbersome to integrate into digital designs, hence they advocate the use of digital PUFs also known as Public Physical Unclonable Functions (PPUFs), which enable the creation of public key protocols. The authors believe that hardware‐based security solutions based on optimized CAD will show more resilience against side‐channel and physical attacks, and they will also serve as good platforms for the implementation IoT protocols, because of their energy efficiency.

In the same vein, Aman et al183 present a preliminary PUFs based mutual authentication protocol in IoT systems. The authors argue that the unique characteristics of PUFs can be exploited to provide security in IoT devices without the need to store secrets in such devices. The authentication process has 4 steps, consisting of 3 messages each. In step 1, an IoT device starts the authentication process by sending its ID to a server, and after some computations, the server verifies the message using a MAC in step 4. If the server verifies the MAC of message 3, it means the authentication is successful. However, if MAC verification fails at any step, the authentication fails. The authors claimed that the proposed protocol is secure against many attacks, including cloning or impersonation, replay, eavesdropping, MitM, spoofing, interleaving and physical attacks.

Approaching the subject matter from a different perspective, Rose184 suggests the use of nanoelectronic hardware technologies like metal‐oxide memristors for implementing security primitives and protocols in emerging IoT devices. The rationale being that nanoscale security primitives would provide the required levels of security with a very small form factor, while consuming negligible amount of energy. The author used memristive Crossbar PUF (XbarPUF) that is based on Write‐Time Memristive PUF (WTMPUF) as a case example. Although XbarPUF does not depend on precise write‐time, the author discovered that it performs in the same way as the WTMPUF. Moreover, the performance of XbarPUF is similar to circuits implemented using Complementary Metal‐Oxide Semiconductor (CMOS) like Arbiter PUF (APUF), while decreasing transistor count. Additionally, the amount of power consumed by XbarPUF during the study was considerably smaller in comparison with WTMPUF and APUF.

Babar et al185 propose an embedded security framework for IoT based on hardware/software methodology. The authors observed that balancing the trade‐offs between cost of security and performance in the IoT is not an easy task, and hence they asserted that, in order to realize a cost effective and well established design that will meet the fundamental security goals, there is a need to combine both hardware and software implementations of security mechanisms. Therefore, the architecture consists of hardware and software levels supported at the physical and MAC layer by lightweight standardized protocols. Their security framework (which has the following features: lightweight cryptography, physical security, standardized security protocols, secure operating systems and secure storage) suggests that security should be built into the device itself. The proposed architecture promises flexible and rigorous detection, diagnosis, isolation, and quick intervention against successful breaches.

In another contribution focusing on the use of digital fingerprints for things authentication (similar to biometrics for human authentication), Aysu et al186 propose the generation of digital fingerprints using popular MEMS sensors (eg, accelerometer) for low‐cost platforms. In order to generate device unique electronic signatures, the authors exploited the random process variations at the time of manufacturing the ICs, and for MEMS accelerometers, the process variations produce a static offset sensor data. These unique values can be obtained by applying electrostatic impulse to the accelerometer and measuring its response. The proposed technique was demonstrated on ADXL345 accelerometer, and results reveal that it is possible to use MEMS sensors for digital fingerprints for run‐time things authentication applications.

5.4 Solutions for specific application domains

This subsection presents some lightweight security and privacy solutions for resource constrained devices that have been tailored for some specific application areas of the IoT.

Yan et al187 propose an efficient Integrated Authentication and Confidentiality (IAC) security protocol for securing AMI communications in smart grid, which is based on a communication architecture that has a hop‐by‐hop data collection and forwarding mechanism. Their protocol consists of the following processes: initialization for authentication, meter reading collection for user data confidentiality and control message distribution for control message confidentiality. The authors used mutual authentication so as to establish secure key pairs between an authentication remote server and a smart meter for secure data communications. Security analysis reveals that the proposed protocol can offer more efficient and secure data collection as well as better message delivery between smart meters and a local collector.

For solutions in smart healthcare, Lee et al188 propose a secure key management scheme based on ECC for protecting medical information of patients, which consists of 3 phases: setup, registration and verification and key exchange. The authors employed ECC due to its small key size and low computational cost, they also used SIM card numbers of the smart phone of patients as the identification code, while patients are allowed to compute their full private keys instead of depending on a third party. The proposed scheme also uses hashed counter number in the process of authenticated message exchange so as to protect against replay attacks. However, the authors did not present any experimental results.

In the same vein, Picazo‐Sanchez et al189 propose an architecture based on Publish‐Subscribe protocols for heterogeneous medical WBANs that are used as wearable and implantable sensors and devices. Due to the possibility that medical sensors may coexist with other sensors and devices, the authors used these 2 protocols that are based on the Ciphertext Policy Attribute‐Based Encryption (CP‐ABE) scheme, a lightweight paradigm proposed recently, since the CP‐ABE primitives allow sensors to subscribe to the data published by different devices and sensors using a constant size decryption key. The proposed scheme provides a fine‐grained access control by using Lattice‐Based Access Control (LBAC) policies that utilizes only AND operations; and experimental results show that the proposed scheme can be used on most of the sensors in use today.

Liu et al190 present a scalable, regular and highly optimized ECC library that achieves high performance for scalar multiplications on both AVR‐based and MSP430‐based sensor nodes, such as MICAz and Tmote Sky with different levels of security. The authors also define a new family of lightweight elliptic curves (MoTe curve) for resource‐constrained sensor nodes. Their parametrized implementation of elliptic curve group arithmetic, which has 2 different versions of designs, supports pseudo‐Mersenne prime fields. First, the high‐speed version (which aims at setting a new speed record) achieves high performance, while the memory‐efficient version (aims at saving memory space) requires only half of the code size of current best implementation. The authors also developed a model for evaluating the energy consumption of cryptographic schemes. Both versions can defend against timing and Simple Power Analysis (SPA) attacks.

5.5 Current IoT security mechanisms

Although addressing IoT security issues from a holistic point of view remains a bottleneck, there are quite a few lightweight security mechanisms currently in use, which are based on a number of security techniques and cryptographic algorithms, including hash functions, XOR encryption, access control, and lightweight public‐key cryptographic schemes based on ECC.

1. In IoT, hash functions and Cryptographically Secure Pseudo Random Number Generators (CSPRNGs) can be used to implement security solutions for IoT devices and embedded systems. For example, a hash function and a pseudo random number generator (PRNG) based on AES (in this specific case) have been used to implement a security for embedded microprocessors that uses less memory and consumes less energy.191 Similarly, a hash algorithm is used to ensure integrity in smart home systems.192
2. XOR encryption is lightweight, and hence it is employed in many IoT security mechanisms.193 For instance, a lightweight authentication protocol for IoT was developed based on XOR manipulation.179 In the same vein, a secure tag search scheme based on XOR and PRNGs for RFID that protects against tracking of tags was proposed in.194
3. Access control: A robust IoT security policy should specify who or what has access to what, and to which extent. This is particularly important for accessing information contained in or generated by edge devices in the perception layer of the IoT. Access control is the technology that is currently being used to achieve this objective. A number of lightweight security mechanisms have been proposed over the years to efficiently inhibit improper access to information in the IoT while considering the inherent restrictions imposed by IoT edge devices. A few security solutions based on authentication and access control have been examined in section 5.2, however, 2 solutions mainly based on access control are considered herein. Fotiou et al195 proposed a lightweight solution aimed at addressing the access control problem in the IoT. In this scheme, complex access control decisions are delegated to trusted third parties, which impose minimal overhead on the resource‐constrained devices. Their results show that the solution is secure and enhances end‐user privacy. Beltran et al196 presented SMARTIE, a user‐centric access control integrating platform for efficient security in smart cities. The authors claimed that their platform can ensure security, access control and user privacy for citizens sensitive information.
4. ECC is a type of public‐key cryptography based on manipulation of points on elliptic curves as well as number theory. Today, ECC is one of the most widely used public‐key cryptosystems to achieve security objectives, such as confidentiality, integrity, nonrepudiation, and availability. The primary advantages of ECC over the earlier cryptosystems like RSA are smaller key size and speed. With reduced key size, ECC based algorithms can provide the same cryptographic strength as their RSA‐based counterparts. For example, a 384‐bit ECC key is equivalent to 7680 bit RSA key. Consequently, ECC is emerging as an attractive cryptosystem for constrained environments such as IoT and embedded systems. For instance, Haripriya and Kulothungan197 proposed a mutual authentication scheme based on ECC self‐certified key management, where the public key of the highly constrained nodes in the IoT system is generated by the less constrained systems. A lightweight ECC for the Contiki OS was also implementation by Pinol et al,198 and it is released under the Berkeley Software Distribution license.

Researchers are still working on different aspects of IoT security and privacy. The most recently proposed IoT security mechanisms include the work of Zhu et al,199 who proposed an automatic identity framework for the IoT. The authors used Blockchain‐based Identity Framework to achieve identity self‐management by end users for a smart home scenario. The proposed framework can autonomously extract appliances signatures, and then create blockchain‐based identities for their appliance owners.

Another framework for enabling risk management for smart infrastructures with an anomaly behavior analysis intrusion detection system was presented by Pacheco et al.200 Their work is based on an anomaly behavior analysis method that allows the autonomic computing paradigm and an intrusion detection system to detect any threat capable of compromising IoT infrastructures.

In order to protect physical IoT devices from intruders, Nakagawa and Shimojo201 also proposed an IoT agent platform mechanism with transparent cloud computing framework for improving IoT security. Their mechanism is based on a transparent programming framework for IoT devices called Dripcast, which allows vendors to easily develop physical IoT devices.