SIoT Framework: Towards an Approach for Early Identification of Security Requirements for Internet-of-things Applications
| Autor: | Ronald Jabangwe, Anh Nguyen-Duc |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2020 |
| Předmět: | |
| Zdroj: | e-Informatica Software Engineering Journal, Vol 14, Iss 1, Pp 77-95 (2020) |
| Druh dokumentu: | article |
| ISSN: | 2084-4840 1897-7979 |
| DOI: | 10.37190/e-Inf200103 |
| Popis: | Background: Security has become more of a concern with the wide deployment of Internet-of-things (IoT) devices. The importance of addressing security risks early in the development lifecycle before pushing to market cannot be over emphasized. Aim: To this end, we propose a conceptual framework to help with identifying security concerns early in the product development lifecycle for Internet-of-things, that we refer to as SIoT (Security for Internet-of-Things). Method: The framework adopts well known security engineering approaches and best practices, and systematically builds on existing research work on IoT architecture. Results: Practitioners at a Norwegian start-up company evaluated the framework and found it useful as a foundation for addressing critical security concerns for IoT applications early in the development lifecycle. The output from using the framework can be a checklist that can be used as input during security requirements engineering activities for IoT applications. Conclusions: However, security is a multi-faced concept; therefore, users of the SIoT framework should not view the framework as a panacea to all security threats. The framework may need to be refined in the future, particularly to improve its completeness to cover various IoT contexts. |
| Databáze: | Directory of Open Access Journals |
| Externí odkaz: |
|