Trust and Risk Assessment in IoT Networks
DOI:
https://doi.org/10.37256/cnc.1120232667Keywords:
Internet of Things, IoT security, risk, trust, trust models, device characterization, device fingerprinting, device profiling, access controlAbstract
The Internet of Things (IoT) is a large-scale, heterogeneous ecosystem of connected devices encompassing a range of purposes and computing capabilities. As IoT systems grow ubiquitous, new approaches to security are needed. This work proposes a method of risk assessment for devices that combines the use of trust models based on dynamic behaviors with static capability profiles drawn from immutable device characteristics to determine the level of risk each device poses to network security. A risk-based approach allows security mechanisms and monitoring activities to be more efficiently allocated across IoT networks. Simultaneously, devices can be allowed a greater degree of functionality while ensuring system availability and security. This paper presents a methodology and architecture to integrate risk assessment into IoT networks. This allows additional tailoring of security control application and provides higher-level, more human-readable information for security analysts.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2023 Jeffrey Hemmes, et al.
This work is licensed under a Creative Commons Attribution 4.0 International License.