Security Evaluation of Authentication Requirements in IoT Gateways

In the Internet of Things (IoT) context, gateways are devices that play a strategic role in the communication of things with the external environment. Gateways help with the problem of heterogeneity, acting to carry out the communication of the devices even if they use different protocols. Their cen...

Full description

Saved in:
Bibliographic Details
Published in:Journal of network and systems management 2023-10, Vol.31 (4), p.67, Article 67
Main Authors: Gomes, Diego R., Lins, Fernando A. Aires, Nóbrega, Obionor O., Felix, Eduardo F., Jesus, Bruno A., Vieira, Marco
Format: Article
Language:English
Subjects:
Authentication
Automation
Communication
Communications Engineering
Computer Communication Networks
Computer forensics
Computer networks
Computer Science
Computer Systems Organization and Communication Networks
Cybersecurity
Data encryption
Heterogeneity
Information Systems and Communication Service
Inspection
Internet of Things
Networks
Operations Research/Decision Theory
Organizations
Quality standards
Security in Next-Generation Communication Networks
Security systems
Software
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the Internet of Things (IoT) context, gateways are devices that play a strategic role in the communication of things with the external environment. Gateways help with the problem of heterogeneity, acting to carry out the communication of the devices even if they use different protocols. Their centralized and strategic position in an IoT network makes security a key concern, as an attack on this device may leave the entire system vulnerable. Considering the security requirements in IoT, authentication is essential since devices should be authenticated before being inserted into the environment. The main contribution of this paper is the evaluation of the authentication compliance levels of currently used IoT gateways. A methodology is proposed to assess authentication requirements in IoT gateways, making it possible to analyze and select various authentication requirements published by recognized technical organizations such as IoTSF and OWASP. Several gateways currently used were chosen, installed, and configured, and a requirements inspection process was performed. In terms of results, it is possible to observe that, in their default configuration, the current gateways can only meet approximately 66% of the authentication requirements proposed by technical organizations.
ISSN:1064-7570
1573-7705
DOI:10.1007/s10922-023-09754-z