Lack of Systematic Approach to Security of IoT Context Sharing Platforms

Mohammad Goudarzi; Arash Shaghaghi; Simon Finn; Sanjay Jha

arXiv:2407.05290·cs.CR·July 9, 2024

Lack of Systematic Approach to Security of IoT Context Sharing Platforms

Mohammad Goudarzi, Arash Shaghaghi, Simon Finn, Sanjay Jha

PDF

Open Access

TL;DR

This paper highlights the absence of a systematic security approach for IoT context-sharing platforms and advocates for a structured, threat-based methodology to improve their security design.

Contribution

It identifies key components of IoT context-sharing platforms and proposes using MITRE ATT&CK for threat modeling to enhance security evaluation and design.

Findings

01

Lack of systematic security approaches identified.

02

Proposes using MITRE ATT&CK for threat modeling.

03

Highlights need for secure-by-design solutions.

Abstract

IoT context-sharing platforms are an essential component of today's interconnected IoT deployments with their security affecting the entire deployment and the critical infrastructure adopting IoT. We report on a lack of systematic approach to the security of IoT context-sharing platforms and propose the need for a methodological and systematic alternative to evaluate the existing solutions and develop `secure-by-design' solutions. We have identified the key components of a generic IoT context-sharing platform and propose using MITRE ATT&CK for threat modelling of such platforms.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsIoT and Edge/Fog Computing