The Internet of Things (IoT) will enable objects to become active participants of everyday activities. Introducing objects into the control processes of complex systems makes IoT security very difficult to address. Indeed, the Internet of Things is a complex paradigm in which people interact with the technological ecosystem based on smart objects through complex processes. The interactions of these four IoT components, person, intelligent object, technological ecosystem, and process, highlight a systemic and cognitive dimension within security of the IoT. The interaction of people with the technological ecosystem requires the protection of their privacy. Similarly, their interaction with control processes requires the guarantee of their safety. Processes must ensure their reliability and realize the objectives for which they are designed. We believe that the move towards a greater autonomy for objects will bring the security of technologies and processes and the privacy of individuals into sharper focus. Furthermore, in parallel with the increasing autonomy of objects to perceive and act on the environment, IoT security should move towards a greater autonomy in perceiving threats and reacting to attacks, based on a cognitive and systemic approach. In this work, we will analyze the role of each of the mentioned actors in IoT security and their relationships, in order to highlight the research challenges and present our approach to these issues based on a holistic vision of IoT security.
Incorporating IoT into our lives introduces many benefits into several domains such as health-care, transportation, safety and business. With the uninterrupted evolution of technology, new opportunities have been created to set up new experiences and practices in our everyday life. Information and intelligence became distributed and passive entities are turning out to be active participants of our lives when connected to the Internet. In this new context, it became possible for objects, services and applications to make decisions and to react according to a given situation in their environment. As the IoT deals with a huge number of things and their relevant data, many security challenges have to be addressed. This is true especially when things need to interact with each other across other set of things, through many security techniques and according to different policy requirements . For example, many attacks can occur such as message modification, traffic analysis, Denial of Service, eavesdropping, Sybilattack and so on. In order to avoid these threats and to permit authorized use only, current research efforts have been focusing on the following areas : protocol and network security, data and privacy, identity management, trust and governance, fault tolerance, dynamic trust, security, and privacy management.
V. DISCUSSION AND CONCLUSION
IoT is a novel concept, that involves different technologies, human and non-human entities. Some recent efforts have been made in the direction of designing and deploying unifying architectures. However, none of these attempts specifically aimed at proposing a holistic vision of IoT security. Also, practical solutions, if they exist, are intended to fulfill precise application needs (RFID, WSN, etc.). In the future, when attempting to realize a wide range of applications and services, it will become impossible to use a unique reference architecture model for real achievements. This openness and diversity require serious reflections concerning security issues. Our systemic and cognitive approach for IoT security remains still applicable even in the presence of the previously mentioned constraints and limitations of the IoT paradigm.