Biblio

Nowadays, Internet of Things (IoT) has gained considerable significance and concern, consequently, and in particular with widespread usage and adoption of the IoT applications and projects in various industries, the consideration of the IoT Security has increased dramatically too. Therefore, this paper presents a concise and a precise review for the current state of the IoT security models and frameworks. The paper also proposes a new unified criteria and characteristics, namely Formal, Inclusive, Future, Agile, and Compliant with the standards (FIFAC), in order to assure modularity, reliability, and trust for future IoT security models, as well as, to provide an assortment of adaptable controls for protecting the data consistently across all IoT layers.

Security within the IoT is currently below par. Common security issues include IoT device vendors not following security best practices and/or omitting crucial security controls and features within their devices, lack of defined and mandated IoT security standards, default IoT device configurations, missing secure update mechanisms to rectify security flaws discovered in IoT devices and the overall unintended consequence of complexity - the attack surface of networks comprising IoT devices can increase exponentially with the addition of each new device. In this paper we set out an approach using graphs and graph databases to understand IoT network complexity and the impact that different devices and their profiles have on the overall security of the underlying network and its associated data.