دانلود مقاله مدل های احراز هویت، کنترل دسترسی و مقیاس پذیری در امنیت IoT
خلاصه
1. معرفی
2. فناوری پشت اینترنت اشیا
3. امنیت در اینترنت اشیا
4. طرح های احراز هویت
5. مدل های کنترل دسترسی و حریم خصوصی داده ها
6. مدل های مقیاس پذیری
7. نتیجه گیری و جهت گیری های آتی
منابع مالی
در دسترس بودن داده ها و مواد
بیانیه مشارکت نویسنده CRediT
اعلامیه منافع رقابتی
تصدیق
منابع
Abstract
1. Introduction
2. Technology behind IoT
3. Security in IoT
4. Authentication schemes
5. Access control and data privacy models
6. Scalability models
7. Conclusion and future directions
Funding
Availability of data and materials
CRediT authorship contribution statement
Declaration of competing interest
Acknowledgment
References
چکیده:
اینترنت اشیا (IoT) به مرحله بعدی تعامل انسان با فناوری منجر می شود. با کمک اینترنت اشیا، می توان به اشیاء فیزیکی توانایی تولید، دریافت و تجارت یکپارچه داده ها را با یکدیگر داد. اینترنت اشیا شامل طیف گستردهای از برنامههای کاربردی است که هر یک بر خودکار کردن یک کار خاص تمرکز دارند و به اشیاء بیجان توانایی عمل مستقل از مداخله انسان را میدهند. برنامه های کاربردی اینترنت اشیا در حال حاضر در دسترس و آینده، نوید زیادی برای افزایش سطح راحتی، بهره وری و اتوماسیون مورد استفاده کاربران دارند. سطوح بالایی از امنیت، حریم خصوصی، احراز هویت و توانایی بازیابی از حملات برای اجرای چنین دنیایی به شیوه ای که دائما در حال گسترش است مورد نیاز است. در این راستا، لازم است تنظیمات لازم را در معماری برنامههای اینترنت اشیا انجام دهیم تا امنیت end-to-end در محیطهای IoT محقق شود. در این مقاله، بررسی جامعی از چالش های مرتبط با امنیت و منابع بالقوه خطر ناشی از برنامه های کاربردی اینترنت اشیا ارائه شده است. پس از بحث در مورد نگرانیهای امنیتی، انواع فنآوریهای جدید و تثبیتشده که بر دستیابی به درجه بالایی از اعتماد در کاربردهای اینترنت اشیا متمرکز شدهاند، پوشش داده میشوند. یادگیری ماشینی، محاسبات مه، محاسبات لبهای و بلاک چین تنها تعدادی از فناوریهایی هستند که به اینترنت اشیاء کمک میکنند امنیت بیشتری را فراهم کند.
Abstract
The Internet of Things (IoT) leads to the next phase of human interaction with technology. With the help of the IoT, physical objects can be given the ability to generate, receive, and seamlessly trade data with one another. The IoT includes a wide variety of applications, each of which focuses on automating a specific task and works to give inanimate objects the ability to act independently of human intervention. The currently available and upcoming IoT applications hold a great deal of promise for enhancing the level of convenience, productivity, and automation enjoyed by users. High levels of security, privacy, authentication, and the ability to recover from attacks are required for the implementation of such a world in a manner that is constantly expanding. In this light, it is necessary to make the necessary adjustments to the architecture of IoT applications to accomplish end-to-end security in IoT environments. In this article, a comprehensive review of the security-related challenges and potential sources of danger posed by IoT applications is provided. Following a discussion of security concerns, a variety of new and established technologies that are focused on achieving a high degree of trust in the applications of the IoT are covered. Machine learning, fog computing, edge computing, and blockchain are just a few of the technologies that help the IoT provide greater security.
Introduction
The Internet of Things (IoT) is one of the disruptive technologies of the 21st century that has revolutionized every business dimension across the globe. The Internet has become an essential component in daily activities such as e-commerce, e-learning, e-conferences, etc. According to [1], the number of IoT devices deployed may exceed 21.3 billion by 2022. Intelligent interfaces connect IoT devices in order to collaborate, gather, communicate, and store data. Deploying IoT devices enhances business productivity by optimizing operational procedures and maximizing the utilization of available resources. IoT brings innovation in the way things are monitored and managed remotely with the help of real-time data acquired from the sensors. With the unrestrained volumes of data generated by billions of connected devices, storage, management, and security are arduous. Security aspects such as authentication, authorization, privacy, confidentiality, availability, and integrity form the basis for information exchange in a trusted environment. Authentication is the process of identifying the genuineness of an entity. The authorization process allows only authenticated users to access the resources. The protection of privacy prevents hackers from accessing the user's private information. Data confidentiality is an outcome of authentication and authorization. It prevents sensitive data from being reclaimed and exploited. A device's availability confirms that IoT devices and services are resilient to attacks and are accessible all the time. Data integrity is the process of providing a tamper-proof platform for information communication, exchange, and storage.
Conclusion and future directions
In this paper, the methods that are currently available in the literature are discussed, and this paper also presents the methods that are currently available. The subsequent step is an in-depth discussion of the numerous security risks and the importance of threat modeling. The subsequent topic is a discussion of the various IoT applications’ necessary security precautions. It reviews the prior research on the numerous security issues and the solutions put forth by various researchers. The holes that were found while conducting this literature review served as inspiration for the current research work.
7.1. Research challenges
The billions of IoT devices deployed across the globe collect personal and sensitive data and exchange it with other networks using intelligent interfaces. Providing device authentication, authorization, data privacy, and security in such an un trusted environment is a challenge. Centralized trusted infrastructure cannot scale to the dynamic and ever intensifying traffic and, thus, leading to bottlenecks in the network. Distributed authentication can scale to the increasing demands of the IoT networks, but requires distributed trusted systems. The majority of the work in the IoT security domain focuses on embracing the security mechanisms of WSNs and conventional Internet-based applications. However, these mechanisms are far from being implemented in real-time scenarios due to the specific challenges of IoT, such as