مقاله انگلیسی بررسی سیستم های اینترنت اشیاء سازمانی (E-IoT): دیدگاه امنیتی
Abstract
Introduction
Section snippets
References (364)
Recommended articles
Abstract
As technology becomes more widely available, millions of users worldwide have installed some form of smart device in their homes or workplaces. These devices are often off-the-shelf commodity systems, such as Google Home or Samsung SmartThings, that are installed by end-users looking to automate a small deployment. In contrast to these ‘‘plug-and-play’’ systems, purpose-built Enterprise Internet-of-Things (E-IoT) systems such as Crestron, Control4, RTI, Savant offer a smart solution for more sophisticated applications (e.g., complete lighting control, A/V management, security). In contrast to commodity systems, E-IoT systems are usually closed source, costly, require certified installers, and are overall more robust for their use cases. Due to this, E-IoT systems are often found in expensive smart homes, government and academic conference rooms, yachts, and smart private offices. However, while there has been plenty of research on the topic of commodity systems, no current study exists that provides a complete picture of E-IoT systems, their components, and relevant threats. As such, lack of knowledge of E-IoT system threats, coupled with the cost of E-IoT systems has led many to assume that E-IoT systems are secure. To address this research gap, raise awareness on E-IoT security, and motivate further research, this work emphasizes E-IoT system components, E-IoT vulnerabilities, solutions, and their security implications. In order to systematically analyze the security of E-IoT systems, we divide EIoT systems into four layers: E-IoT Devices Layer, Communications Layer, Monitoring and Applications Layer, and Business Layer. We survey attacks and defense mechanisms, considering the E-IoT components at each layer and the associated threats. In addition, we present key observations in state-of-the-art E-IoT security and provide a list of open research problems that need further research.
Introduction
The introduction of modern smart consumer electronics has led to the widespread adoption of smart devices, with over 45 million smart home components sold worldwide [1,2]. Most users are familiar with commodity systems, off-the-shelf smart systems that are easily installed by the average end-user without specialized training (e.g., Samsung SmartThings, Google Home) [3,4]. However, in more complex installations, where robust, secure, and reliable smart solutions are needed, Enterprise Internet-of-Things (E-IoT) systems (e.g, Crestron, Control4, Savant, RTI) are accepted solutions. In contrast to commodity systems, E-IoT offers customized deployments, with more use-cases and applications. Offering users a broad set of compatible devices (e.g., sensors, Audio/Video equipment, interfaces), protocols (e.g., Zigbee, Z-wave, IP, proprietary protocols), custom programmed behavior, and system User Interface (UI) customization. As such, E-IoT systems are found in locations such as smart offices, smart buildings, luxury smart homes, yachts, and secure conference rooms (as illustrated in Fig.