
University of Benghazi

Faculty of Information Technology


Department of Computer Networks and Communications

A Zero Trust Framework to Secure IoT Devices

Aya Issa El-Zughaid

Dr. Younis A. Younis

Thesis Was Submitted in Partial Fulfillment of the Requirements for The Degree of Master in Computer Networks

01/05/2023

Declaration

I ……………………………………. confirm that the work contained in this thesis, unless
otherwise referenced is the researcher's own work, and has not been previously submitted to
meet requirements of an award at this University or any other higher education or research
institution, I furthermore, cede copyright of this thesis in favour of University of Benghazi.

Student name: AYA ISSA EL-ZUGHAID

Signature: .................................

Date: ......... / ........./ 20



This thesis or dissertation has been approved by the examination committee:


Dr. ………………………….. (External examiner) ………………
(Affiliation)
Dr. ………………………….. (Internal examiner) ………………
(Affiliation)
Dr. ………………………….. (supervisor) ………………
(Affiliation)
Dr. ………………………….. (Co-supervisor) ………………
(Affiliation)

Dr. ………………………….. Dr. …………………………..


Head of Graduate Studies and Dean of the Faculty
Training Office

………../………./………..
Dedication
This thesis is dedicated to my family, whose unwavering support and encouragement have
been instrumental in my academic journey. Their love, patience, and belief in my abilities
have been a constant source of motivation. I am deeply grateful for their sacrifices and
understanding during the countless hours spent researching, writing, and refining this work.
This achievement is a testament to their belief in me, and I dedicate this thesis to them with
heartfelt appreciation and love.

Acknowledgement

I would like to express my deepest gratitude to all those who have contributed to the
completion of this thesis.

First and foremost, I am immensely thankful to my supervisor, Dr. Younis Elbadry, for their
guidance, expertise, and continuous support throughout this research journey. Their insightful
feedback, valuable suggestions, and unwavering encouragement have been invaluable in
shaping this work.

I am deeply grateful to my husband, Zohier A. Fannoush, for his invaluable participation in
this study. His cooperation, willingness to share insights, and active involvement in gathering
the necessary data have been crucial to the success of this research. His contributions have
greatly enriched the depth and quality of this work, and I am truly appreciative of his support
throughout this journey.

Last but not least, I would like to express my heartfelt gratitude to my family for their
unwavering love, encouragement, and understanding. Their constant support and belief in my
abilities have been the driving force behind my academic pursuits.

Although it is not possible to mention everyone who has played a part in this endeavor, I am
truly grateful for all the support and assistance I have received.

Thank you all for your contributions and for being a part of this important milestone in my
academic journey.

Abstract

The internet has become essential to people's lives worldwide in recent years. Many
people use the Internet for various purposes, such as social networking, email
communication, and sharing data. The rise of the Internet has led to the development of
the Internet of Things (IoT) technology, which allows devices and applications to
communicate more efficiently.
The utilisation of IoT offers various advantages, but it also introduces several security
challenges. One of the main challenges is the heterogeneity of IoT networks, which
often comprise multiple types of devices, platforms, and protocols. These networks used
in IoT are complex and can be challenging to secure using traditional network security
tools and controls, which are often inadequate for the complex and dynamic nature of
IoT environments.
Another security concern is that the devices and the data transmitted to and from them
are often exposed to multiple threats. These threats can come in many forms, including
malware, hacking, physical theft, and unauthorised access. As a result, it is critical to
implement robust security measures designed specifically for IoT environments. These
measures should cover all security aspects, including confidentiality, integrity,
availability, authentication, authorisation, accountability, non-repudiation, resilience,
and scalability. By addressing these security concerns, organisations can fully realize
the benefits of IoT while minimizing the risks. We proposed the IoT security framework
based on zero-trust to address these challenges.
Our proposed IoT security framework will help implementers of IoT to overcome
existing security concerns. Zero-trust security provides a more robust and granular
framework for continuously monitoring and managing device security, access control,
and user behavior. By implementing zero-trust, IoT networks can better protect against
potential cyber-attacks and data breaches by only granting access to devices and data
based on their level of trust and continuously verifying their identity and behavior.
Moreover, the proposed framework tackles most of the security challenges in IoT
compared to other traditional security architectures.
Keywords: Internet of Things, Zero-trust, Software Defined Perimeter.

Contents

Chapter 1: Introduction
1. Introduction
2. Problem Statement
3. Aim and Objectives
4. Methodology
5. Scope
6. Research Significance

Chapter 2: Internet of Things (IoT)
1. Introduction
2. IoT Definition and Features
3. IoT Architecture
3.1 Device Sensing Layer
3.2 Network Management Layer
3.3 Service Composition Layer
3.4 Application Layer
3.5 User Interface Layer
4. IoT Advantages and Disadvantages
4.1 Advantages
4.2 Disadvantages
5. IoT Applications
6. IoT Devices
7. IoT Data Types
8. IoT Managing System
9. IoT Network types
10. IoT Security Requirements
11. IoT Threats and Attacks
12. Summary

Chapter 3: Zero Trust
1. Introduction
2. Zero Trust Concept
3. Zero trust architectures
3.1 NIST Architecture
3.2 Gartner Architecture
3.3 CISA Zero Trust Maturity Model
3.4 Palo Alto Architecture
4. Zero Trust in IoT
5. Related work
6. Summary

Chapter 4: Framework
1. Introduction
2. SecureIoT-ZT Framework
3. Complying IoT Environment with Zero-trust Architecture
4. Case Study: Enhancing Security with Zero-trust Architecture
5. Summary

Chapter 5: Evaluation and Results
1. Introduction
2. SecureIoT-ZT Framework solution
3. Evaluation of SecureIoT-ZT framework
4. Summary

Chapter 6: Conclusion

List of Tables

Table 1 compares the Traditional perimeter-based architecture and the SecureIoT-ZT framework solution.

Table 2: Evaluation of SecureIoT-ZT framework.

List of Illustrations

Figure 1: IoT Architecture layers.


Figure 2: Core Zero Trust Logical Components.
Figure 3: Endpoint-Initiated ZTN.
Figure 4: Service-Initiated ZTN.
Figure 5: SecureIoT-ZT Framework.

List of Abbreviations

Abbreviation  Meaning
IoT           Internet of Things
M2M           Machine to Machine
SDP           Software Defined Perimeter
VPN           Virtual Private Network
ZTNA          Zero Trust Network Access
RBAC          Role Based Access Control
ABAC          Attribute Based Access Control
CBAC          Context Based Access Control
MAC           Mandatory Access Control
DAC           Discretionary Access Control
BLE           Bluetooth Low Energy
WSNs          Wireless Sensor Networks
CRM           Customer Relationship Management
ERP           Enterprise Resource Planning
SSO           Single Sign-On
NAC           Network Access Control
WAN           Wide Area Network
DLP           Data Loss Prevention
SASE          Secure Access Service Edge
MFA           Multi Factor Authentication
BYOD          Bring Your Own Device
SIEM          Security Information and Event Management
APTs          Advanced Persistent Threats
ACI           Application Centric Infrastructure
PE            Policy Engine
PA            Policy Administrator
PEP           Policy Enforcement Point
CDM           Continuous Diagnostics and Mitigation
PAM           Privileged Access Management
IAM           Identity and access management
IDS           Intrusion Detection Systems
RPL           Routing for Low Power and Lossy Network
DoS           Denial of Service
DDoS          Distributed Denial of Service
6LoWPAN       IPv6 over Low Power Wireless Personal Area
GSM           Global System for Mobile
KMS           Key Management Services
DTLS          Datagram Transport Layer Security
TLS           Transport Layer Security
RFID          Radio Frequency Identification
HSMs          Hardware Security Modules
PKI           Public Key Infrastructure
CoAP          Constrained Application Protocol
MQTT          Message Queuing Telemetry Transport
AMQP          Advanced Message Queuing Protocol
XMPP          Extensible Messaging and Presence Protocol
GPS           Global Positioning System
ZT            Zero Trust
NB-IoT        Narrowband Internet of Things
LTE-M         Long Term Evolution Machine
Wi-Fi         Wireless Fidelity

Chapter 1: Introduction

1. Introduction
The spread of Internet of Things (IoT) devices is occurring at an unprecedented rate, as
highlighted by a recent Gartner report [1]. The IoT can be defined as a wired or wireless network
of uniquely identifiable connected devices that can process data and communicate with each
other with or without human involvement.

The surge in IoT adoption is evident across various regions, with Western Europe, North
America, and China leading the way [1]. The exponential growth of machine-to-machine
(M2M) connections further emphasizes the significance of the IoT ecosystem, as the number
of M2M connections is anticipated to surge from 5.6 billion in 2016 to 27 billion in 2024 [1].
The huge potential of the Internet of Things market is evident in the projected growth in revenue,
from $892 billion in 2018 to $4 trillion by 2025. M2M connections cover many applications,
including smart cities, smart environments, smart grids, smart retail, smart agriculture, and
more [2].

The growth of the IoT field is driven by the widespread adoption of intelligent devices that
leverage diverse wireless technologies like RFID, Bluetooth, telephonic data services, Wi-Fi,
embedded actuators and sensor nodes. Over time, IoT has evolved from its initial stages and
is now transitioning from the conventional internet to a fully integrated future internet [4].
This IoT revolution has facilitated extensive and rapid interconnection among various entities,
enabling the development of intelligent environments on an unprecedented scale. This
interconnected ecosystem of devices holds immense potential for transforming industries and
enhancing everyday life through innovative applications and seamless connectivity.

This rapid expansion of IoT applications brings forth significant concerns regarding security
and privacy. Without a reliable and interconnected IoT ecosystem, the full potential of
emerging applications cannot be realized, resulting in diminished demand. In addition to the
security challenges encountered by the internet, cellular networks, and wireless sensor
networks, the IoT landscape presents unique security obstacles. These include privacy
concerns, authentication vulnerabilities, management complexities, and information storage
issues. Addressing these challenges is crucial for establishing a trusted and robust IoT
environment capable of safeguarding sensitive data and ensuring user confidence.

As the deployment of IoT devices continues to surge, the management and security of these
devices pose significant challenges. Due to their resource-constrained nature, these devices
primarily allocate their processing power to perform their intended functions, leaving limited
capacity for implementing security and privacy measures [2] [3]. The utilization of complex
cryptographic approaches is particularly arduous due to the devices' limited resources.
Additionally, other pertinent concerns include device tracking, device security, maintenance,
and the security and privacy of transmitted data. Developing a resilient and robust ecosystem
for these devices to operate is imperative [2] [3]. These multifaceted issues necessitate
innovative solutions that balance device functionality and robust security measures, enabling
the seamless integration of IoT devices into various domains while preserving data integrity
and user privacy.

Implementing a zero-trust management model for IoT can ensure that every infrastructure
resource's credentials and configurations are verified each time they connect to the network,
thereby preventing deceptive behavior [5]. Additionally, this model can ensure that all
messages exchanged between resources undergo authentication through security measures
such as cryptography, safeguarding them against falsification attempts. Moreover, zero-trust
management can verify the legitimacy of each transaction before its execution, effectively
identifying and discarding any abnormal or suspicious transactions. By adopting a zero-trust
approach, IoT environments can enhance security and protect against threats and unauthorized
activities.
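
The three checks described in the paragraph above (credentials and configuration verified on every connection, cryptographic authentication of each message, and a legitimacy check before a transaction is executed) are shown below in Python. This is an added example, not code from the thesis; the `ZeroTrustGate` class, the device registry, the key, the configuration string and the policy bounds are hypothetical, constructed values.

```python
import hashlib
import hmac
import json
import secrets

# Constructed registry (illustrative values): per-device key, digest of the
# approved configuration, and the only transactions the device may issue.
APPROVED_CONFIG = b"fw=1.4.2;tls=on;telnet=off"
REGISTRY = {
    "thermo-01": {
        "key": b"constructed-demo-key-thermo-01",
        "config_sha256": hashlib.sha256(APPROVED_CONFIG).hexdigest(),
        "allowed": {"report_temp": (-40.0, 85.0)},  # action -> valid range
    }
}


def tag(key, payload):
    """HMAC-SHA256 tag, used for the connect proof and for each message."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def device_message(key, ctr, action, value):
    """Device side: serialize a transaction and authenticate it."""
    body = json.dumps({"ctr": ctr, "action": action, "value": value},
                      sort_keys=True).encode()
    return body, tag(key, body)


class ZeroTrustGate:
    """Hypothetical enforcement point: no device is trusted by default."""

    def __init__(self, registry):
        self.registry = registry
        self.pending = {}   # device_id -> single-use connect nonce
        self.sessions = {}  # device_id -> highest message counter accepted

    def challenge(self, device_id):
        """Issue a fresh random nonce the device must sign to connect."""
        nonce = secrets.token_bytes(16)
        self.pending[device_id] = nonce
        return nonce

    def connect(self, device_id, proof, config_blob):
        """Check 1: credential and configuration, on every connection."""
        self.sessions.pop(device_id, None)  # earlier trust is not carried over
        entry = self.registry.get(device_id)
        nonce = self.pending.pop(device_id, None)  # consumed even on failure
        if entry is None:
            return False, "unknown device"
        if nonce is None:
            return False, "no challenge issued"
        if not hmac.compare_digest(proof, tag(entry["key"], nonce)):
            return False, "bad credential"
        digest = hashlib.sha256(config_blob).hexdigest()
        if not hmac.compare_digest(digest, entry["config_sha256"]):
            return False, "configuration drift"
        self.sessions[device_id] = 0
        return True, "connected"

    def handle(self, device_id, body, mac):
        """Checks 2 and 3 for one message from a connected device."""
        if device_id not in self.sessions:
            return False, "no verified session"
        entry = self.registry[device_id]
        # Check 2: authenticate the message before parsing any of it.
        if not hmac.compare_digest(mac, tag(entry["key"], body)):
            return False, "message authentication failed"
        try:
            msg = json.loads(body)
            ctr, action = int(msg["ctr"]), str(msg["action"])
            value = float(msg["value"])
        except (ValueError, KeyError, TypeError, OverflowError):
            return False, "malformed message"
        if ctr <= self.sessions[device_id]:
            return False, "replayed message"
        self.sessions[device_id] = ctr
        # Check 3: legitimacy of the transaction against the device's policy.
        bounds = entry["allowed"].get(action)
        if bounds is None or not bounds[0] <= value <= bounds[1]:
            return False, "abnormal transaction discarded"
        return True, "accepted"


if __name__ == "__main__":
    gate = ZeroTrustGate(REGISTRY)
    key = REGISTRY["thermo-01"]["key"]
    nonce = gate.challenge("thermo-01")
    print(gate.connect("thermo-01", tag(key, nonce), APPROVED_CONFIG))
    print(gate.handle("thermo-01", *device_message(key, 1, "report_temp", 21.5)))
    print(gate.handle("thermo-01", *device_message(key, 2, "report_temp", 500.0)))
```
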

2. Problem Statement
The security of IoT devices presents significant challenges due to their limited processing
capabilities, low power consumption, and diverse software and hardware. These devices often
struggle to comply with traditional security approaches and policies. Moreover, their presence
in critical locations can attract attackers, posing risks to organizations and individuals.
Additionally, with the rise of remote work and interconnected networks, traditional perimeter-
based security models are inadequate as employees connect from various locations and
devices outside the protected perimeter. To address these challenges, there is a need for a
comprehensive security approach that embraces the concept of "zero trust" (ZT), assuming no
implicit trust and providing robust protection for IoT devices and remote work environments;
this ensures that security measures are in place to mitigate the unique risks associated with
IoT devices and the evolving landscape of remote work.

3. Aim and Objectives


The aim of this research is to propose a ZT framework for securing IoT devices.
The main objectives of this research are:
• To review and study the IoT principles and concepts.
• To understand and explore zero trust and its architectures.
• To propose and design a zero trust framework for IoT.
• To evaluate the proposed framework based on IoT security requirements.

4. Methodology
In order to propose the model, the research will be carried out in the following phases:
Phase 1:
First, investigate the security vulnerabilities in IoT, which include:
• IoT device-level threats resulting from IoT devices' limited computing resources.
• Device mobility and plurality.
• Network-level threats resulting from various IoT protocols.
Phase 2:
Explore various ZT principles, which include:
• Explore and understand ZT Architectures and find an essential form of deployment
models more suitable for IoT networks.
• Get a deeper look at the Software Defined Perimeter (SDP) using traditional
technologies like VPNs, a Gartner-based model.
Phase 3:
Design a zero-trust framework with the following:
• Investigate and comprehend the available models.
• Find their key differences to construct a solution based on these architectures.
Phase 4:
• Evaluate the proposed framework in order to meet the IoT security concerns.

5. Scope
The primary goal of this study is to clarify the security concerns around the IoT network and
build a model based on ZT architectures.

6. Research Significance
In 2020, as the COVID-19 pandemic unfolded, IT teams faced the monumental task of
granting millions of employees remote access to corporate networks. Many companies turned
to VPNs, which, while serving their purpose, expanded the attack surface, hindered
productivity, and disrupted native app experiences. VPNs, though, had their limitations;
authorised users often gained access to the entire network, including sensitive resources. Fast
forward to 2023, the landscape has evolved significantly. Around 80% of new digital business
applications, including those in the IoT realm, are now accessed through the secure
framework of zero trust network access (ZTNA). Consequently, over 60% of enterprises have
phased out traditional VPNs in favor of ZTNA, and approximately 40% have extended its
adoption to various other use cases, as detailed in this research. [6]

Chapter 2: Internet of Things (IoT)

1. Introduction
The Internet of Things (IoT) has the potential to revolutionize the way we live and work,
enabling everything from smart homes and cities to self-driving cars and advanced healthcare
systems. This chapter will provide a comprehensive overview of IoT, covering its definition
and key features. We will explore the various architecture components of an IoT system, its
advantages and disadvantages, examine the diverse range of IoT applications, data and
network types, and highlight the critical security requirements that must be addressed when
designing and deploying IoT systems, such as confidentiality, integrity, availability,
authentication, and authorization. Finally, we will discuss the various types of attacks that IoT
systems are vulnerable to.

By the end of this chapter, readers will have a thorough understanding of IoT technology and
its potential impact on various industries and sectors. They will also have the knowledge and
tools to effectively design, deploy, and secure IoT systems.

2. IoT Definition and Features


The IoT refers to a network of interconnected physical devices and objects that have the
ability to collect and share data through the use of electronics, software, sensors, and
connectivity. The purpose of IoT is to create a more efficient and accurate system through
data exchange between devices; this can lead to economic benefits. The range of IoT devices
includes everyday items such as smart speakers and security cameras, as well as industrial
machines such as jet engines and heavy machinery. These devices gather data through sensors
and send it to the cloud for analysis and control.

According to [7], IoT technology has had a revolutionary impact on many areas of our
lives. It has created opportunities for new business models and revenue streams through
the collection and analysis of product-usage data, leading to improved services and
offerings, and it reduces the need for human intervention, as when a smart thermostat
adjusts the temperature in a home or a smart factory monitors and controls its machines
to minimize downtime and enhance efficiency. In a smart environment, however, IoT and
non-IoT devices and services are often blended to enhance people's quality of life.

Although IoT is expected to significantly impact many areas of our lives in the future,
ongoing security and privacy concerns must be addressed. Due to the dynamic and diverse
nature of IoT-based smart environments, addressing these security and privacy issues can be
complex.

Significant issues for a wider deployment of IoT systems include: limited storage and
processing capacity of the things, concerns regarding reliability in performance, availability in
communication mediums, accessibility anytime and anywhere, interoperability in a
heterogeneous environment, data management performance and security and privacy [8] [9].

3. IoT Architecture
Numerous proposed IoT architectures have been presented in the literature, but a commonly
accepted reference model for the IoT remains lacking. A typical architecture among these
proposals is a three-layer architecture consisting of the application, network, and perception
layers, as seen in [10] [11]. However, some architectures have suggested a four-layer structure
including the sensing, network, service, and application-interface layers, as exemplified in
[12]. In contrast to the prevalent three- and four-layer architectures, we agree that multiple
layers are necessary to capture the complexity of the IoT.
This study's illustration of the IoT security requirements features a security architecture with
five functional layers. According to [13], Figure 1 shows the five layers: user interface,
application, services composition, network management, and device sensing.

Figure 1: IoT Architecture layers [13]

As shown above, each layer has an architectural element required for information gathering,
storage, computing, processing, and communication between different layers and architectural
elements. In addition to the planes constituted by these layers, there are other fundamental
security requirements like key management, trust management, identity management,
authorization, and authentication. It should be noted that the list of security requirements
provided is not exhaustive and may need to be updated in the future to reflect new threats and
vulnerabilities [13].

The proposed security architecture is not limited to a specific layer or level of the IoT system,
but rather provides a horizontal framework that can be implemented at any level of the
system. This approach ensures that the security requirements are met at every level of
functionality and across the entire vertical plane of the IoT system. A brief description of each
layer in the vertical plane is now given:

• Device Sensing Layer: The first layer of the proposed IoT security architecture
consists of smart IoT sensing devices such as sensors, RFID tags, smart phones, and
actuators capable of sensing and collecting physical parameters such as temperature,
humidity, and location. These devices can store the collected information locally or
transmit it to predefined sensor hubs for further processing. The primary functions of
this layer are data sensing and acquisition. Standardized plug-and-play mechanisms
can be used for the integration of various sensing devices. However, security is a
significant concern in their deployment, with authentication, authorization, access
control, and availability of infrastructure and networks being the key security issues at
this layer. The deployment of sensing devices may be simultaneous or staggered based
on the environmental context and practical requirements.

• Network Management Layer: The second layer in IoT architecture is the network
management layer, responsible for data aggregation, Quality of Service, scheduling,
and transmitting data to the next layer. Different wired and wireless networks, cloud
computing services, and big data repositories exist. Various technologies, including
3G, 4G, GSM, WiFi, and Bluetooth, are used for data transmission in this layer. IPv6,
6LoWPAN, and RPL are commonly used technologies. Security issues in this layer
include unauthorized access, modification of routing paths, and DoS attacks.

• Service Composition Layer: The third layer is the service composition layer, which
analyzes and processes data collected from the network management layer. It is built
on middleware technology that allows for information exchange among
heterogeneous objects without specific hardware and software requirements. The
service composition unit is responsible for event processing, creating service
divisions, service monitoring, and decision analytics. Common security issues in this
layer include service authentication, data confidentiality, and integrity.

• Application Layer: The fourth layer is the application layer, which offers various
smart IoT services to users. It includes smart homes, smart cities, smart transport,
smart commerce, and smart health, among others. The layer is responsible for data
presentation, application access control, updating software, and security patches.
Standard interfaces using HTTP and HTTPS are widely used, while more dedicated
resource-constrained protocols like CoAP, MQTT, AMQP, and XMPP are also
employed. Common security issues in this layer include unauthorized access to
services, privacy breaches, and resource unavailability.

• User Interface Layer: The fifth and final layer, known as the user interface layer,
includes the interface provided to users and the users themselves as the main
components. This layer delivers the functionalities of the system to end-users through
standard web services for both service protocol and composition received from the
application layer. Security concerns in this layer include user authentication and
authorization, unauthorized access to data, data confidentiality, and availability of
services.

4. IoT Advantages and Disadvantages


The IoT can offer many advantages and challenges to our daily lives. IoT devices can help us
be more efficient, productive, and convenient by automating tasks and analyzing data in real-
time. However, they can also bring new security and privacy risks, create technological
dependence, and contribute to environmental issues. In this section, we will discuss the
benefits and drawbacks of IoT technology in more detail.
• Advantages:
  - Efficiency: IoT devices automate tasks, allowing for more efficient use of time
    and resources. For example, smart homes can adjust lighting and temperature
    automatically, saving energy and reducing costs.
  - Improved communication: IoT devices allow for improved communication
    between devices and people. For example, smart medical devices can monitor
    patients' health remotely and send updates to their doctor.
  - Data collection and analysis: IoT devices collect vast amounts of data, which
    can be analyzed to provide insights and improve decision-making. For
    example, smart traffic lights can collect data on traffic patterns and adjust
    timing to reduce congestion.
  - Enhanced safety: IoT devices can enhance safety in various environments. For
    example, smart smoke detectors can alert residents of a fire even if they're not
    home.

• Disadvantages:
  - Security concerns: IoT devices are vulnerable to cyber-attacks, as they often
    have weak security measures. For example, a hacker could access a smart
    home's security cameras and spy on the occupants.
  - Privacy concerns: IoT devices collect large amounts of personal data, raising
    privacy concerns. For example, a fitness tracker may collect data on a user's
    location and exercise habits.
  - Cost: IoT devices can be expensive, especially for businesses that require
    large-scale implementation. Additionally, maintenance and software updates
    can be costly.
  - Complexity: IoT devices can be complex and require specialized knowledge to
    install and maintain.
  - Interoperability: As IoT devices come from different manufacturers, they may
    not always be compatible with each other, which can limit their effectiveness.

5. IoT Applications
The IoT has a wide range of potential application areas across various industries [14]. Here
are some examples of how IoT is being used in different fields:

• Smart Home: In a smart home, IoT devices can be used to control and monitor
various home appliances remotely through a mobile device or voice-activated assistant
[15]. For example, a smart thermostat can adjust the temperature in a home based on
the occupant's preferences and patterns of use. Smart lighting systems can be
programmed to turn on and off automatically, and security systems can be monitored
and controlled remotely.
• Industrial Automation: IoT can optimize production processes and automate tasks in
industrial settings, leading to increased efficiency and reduced costs. IoT devices like
sensors can monitor machinery performance, detect potential failures, and trigger
maintenance activities. IoT can also be used to improve inventory management,
supply chain processes, and worker safety.
• Healthcare: IoT can be used in healthcare to monitor patients remotely, collect health
data, and provide better patient care. For example, wearable devices like smartwatches
and fitness trackers can track a patient's heart rate, blood pressure, and vital signs [16].
This data can be used to diagnose health conditions, track medication compliance, and
monitor chronic diseases like diabetes and hypertension.
• Agriculture: IoT can be used in agriculture to optimize crop yield and automate
farming processes. IoT devices like sensors can monitor soil moisture levels,
temperature, and other environmental factors affecting crop growth. This data can
inform irrigation, fertilizer application, and pest control decisions.
• Transportation: IoT can be used in transportation to track vehicle location, optimize
routes, and improve traffic flow [17]. Connected vehicles can communicate with each
other and with traffic management systems to provide real-time information about
traffic conditions and congestion. This data can be used to optimize routes and reduce
travel times, leading to improved efficiency and reduced emissions.
 Retail: IoT can be used in retail to personalize customer experiences, improve
inventory management, and optimize supply chain processes. For example, RFID tags
can track inventory levels in real-time, reducing stock outs and improving product
availability. Smart shelves can track customer preferences and provide personalized
product recommendations.
 Energy: IoT can be used in the energy sector to optimize energy consumption,
monitor production, and improve efficiency [18]. Smart grid systems can balance
energy supply and demand in real-time, reducing the need for fossil fuel-powered
peakier plants. Connected sensors can be used to monitor energy usage in buildings
and identify opportunities for energy savings.
 Environmental Monitoring: IoT can be used for environmental monitoring to collect
data on air quality, water quality, and weather conditions. Connected sensors can be

19
used to monitor pollution levels in real-time, and this data can inform decisions about
environmental policy and regulation.
 Smart Cities: IoT can be used in smart cities to improve infrastructure [19], optimize
energy consumption, and enhance public safety. For example, connected sensors can
monitor traffic flow and optimize traffic signal timing, reducing congestion and
improving safety. Smart street lighting systems can adjust lighting levels based on
occupancy, reducing energy consumption and light pollution.

6. IoT Devices
IoT devices can be broadly categorized into several types based on their functionality and
application. Here are some examples:

• Wearables: These devices are typically small, lightweight, and designed to be worn on the
body. They can monitor and track health and fitness data, such as heart rate, steps taken, and
calories burned. Examples of wearables include smartwatches, fitness trackers, and smart
glasses.
• Smart Home Devices: These devices are designed to make home automation more accessible
and comfortable. They can be controlled via a mobile app or voice commands and used to
control various aspects of the home, such as lighting, temperature and security. Examples of
smart home devices include smart thermostats, smart lights, and smart locks.
• Industrial IoT Devices: These devices are used in industrial settings to monitor and control
various aspects of the production process, such as temperature, humidity, and pressure. They
can improve efficiency, reduce waste, and improve safety. Examples of industrial IoT devices
include sensors used to monitor machinery, equipment, and supply chains.
• Medical IoT Devices: These devices are used in healthcare settings to monitor patients
remotely, track vital signs, and provide real-time health data to medical professionals.
Medical IoT devices include remote patient monitoring systems, medical wearables, and
health monitoring apps.
• Smart City Devices: These devices are used in urban environments to collect data and
improve city services. They can monitor traffic, air quality, waste management, and other
aspects of city life. Examples of smart city devices include smart traffic management systems,
air quality monitors, and waste management systems.
• Agricultural IoT Devices: These devices are used in farming and agriculture to improve crop
yields, reduce waste, and conserve resources. They can monitor soil conditions, weather
patterns, and irrigation systems. Examples of agricultural IoT devices include soil sensors,
weather monitoring systems, and smart irrigation systems.

7. IoT Data Types
IoT devices generate and transmit various types of data, each with its unique characteristics
and use cases. Some of the different types of IoT data include:
• Sensor Data: This is the most common type of IoT data, and it refers to the data collected by
sensors embedded in IoT devices. Sensors can measure various physical phenomena, such as
temperature, humidity, light, sound, and motion. The data generated by sensors is usually in
the form of numerical values, and it provides real-time insights into the environment. Sensor
data is essential for IoT applications such as smart homes, smart cities, and industrial
automation.
• Actuator Data: Actuator data refers to the data generated by devices that perform an action
based on sensor data. For example, actuators can control temperature or turn on lights in
response to sensor data. Actuator data is usually binary, indicating whether the device is on or
off, or in some cases, it can be a range of values, such as the speed of a motor.
• Location Data: Location data is generated by GPS or other location tracking technologies. It
provides real-time information about the location of devices or people. Location data is used
in IoT applications such as asset tracking.
• Audio and Video Data: Audio and video data are generated by cameras and microphones.
This type of data is usually in the form of multimedia files. Audio and video data are used in
IoT applications such as video surveillance, video conferencing, and voice recognition.
• User Data: User data includes information about user behavior, preferences, and usage
patterns. It can be collected through IoT devices such as smartwatches, fitness trackers, and
home automation systems. User data is used in IoT applications such as personalized
recommendations, targeted advertising, and smart health monitoring.
• Metadata: Metadata includes information about the context in which the data was generated.
For example, metadata can include the time and date of data collection, the device ID, and the
location. Metadata is essential for data analytics and visualization, as it provides context and
helps interpret data.
• Network Data: Network data includes information about the performance and behavior of the
network. It can be used to optimize network performance and troubleshoot issues. Network
data is generated by IoT devices such as routers, gateways, and network switches.
• Environmental Data: Environmental data includes information about the environment in
which the IoT devices are deployed. For example, environmental data can consist of air
quality, weather conditions, and water quality information. Environmental data is used in IoT
applications such as environmental monitoring, precision agriculture, and smart cities.

In summary, IoT data can be classified into different types based on the type of IoT device
generating it, the physical phenomenon being measured, or the context in which the data is
generated. Understanding the different types of IoT data is essential for building practical IoT
applications and extracting insights from IoT data.

8. IoT Managing System


Managing IoT devices requires a system that can handle the unique challenges of many
devices, their heterogeneity, and their distributed nature. Some of the systems used to manage
IoT devices include:
• IoT Platforms: IoT platforms are software systems that provide a range of services for
managing and deploying IoT devices. They typically offer features such as device
management, data analytics, and integration with other systems. IoT platforms can be either
cloud-based or on-premises solutions. Cloud-based IoT platforms are hosted in the cloud and
provide a scalable and flexible solution for managing large numbers of devices. On-premises IoT
platforms, on the other hand, are installed on local servers and give greater control over data
security and privacy.
• Device Management Systems: Device management systems manage and monitor IoT
devices. They provide features such as firmware updates, remote configuration, and device
health monitoring. Device management systems can be used to control devices from different
vendors. They can be integrated with other systems, such as Enterprise Resource Planning
(ERP) and Customer Relationship Management (CRM) systems, which are software
platforms that can provide valuable insights and improve the efficiency of business
operations.
• Home Automation Systems: Home automation systems control smart home devices such as
lights, thermostats, and security systems. They typically include a hub or central controller
that connects to the internet and communicates with individual devices using wireless
protocols such as Zigbee or Z-Wave. Examples of home automation systems include
Samsung SmartThings, Apple HomeKit, and Google Nest.

9. IoT Network Types


Several types of networks are used for connecting IoT devices, each with unique
characteristics and capabilities. Some of the most common networks for IoT devices include
[20] [21]:
• Wireless Sensor Networks (WSNs): WSNs are networks of interconnected sensors that
communicate wirelessly. They are used in applications where many sensors must be deployed
in a wide area, such as environmental monitoring or industrial automation. WSNs typically
use low-power wireless protocols such as Zigbee, Z-Wave, LoRaWAN, or Bluetooth Low
Energy (BLE).
• Cellular Networks: Cellular networks such as 3G, 4G, and 5G are widely used to connect
IoT devices to the internet. Cellular networks provide comprehensive coverage and high
reliability, making them suitable for IoT applications such as smart cities, asset tracking, and
transportation. In addition to traditional cellular networks, cellular IoT networks such as
Narrowband IoT (NB-IoT) and LTE-M are optimised for low-power IoT devices.
• Wi-Fi Networks: Wi-Fi networks are commonly used to connect IoT devices in indoor
settings such as homes and offices. Wi-Fi networks provide high bandwidth and low latency,
making them suitable for smart homes, home automation, and consumer electronics
applications. Wi-Fi networks use the IEEE 802.11 standard for wireless communication.
• Ethernet Networks: Ethernet networks are used in industrial settings to connect IoT devices
such as sensors, actuators, and controllers. Ethernet networks provide high reliability, low
latency, and high bandwidth, making them suitable for industrial automation and control
applications. Ethernet networks use the IEEE 802.3 standard for wired communication.
In summary, the choice of an IoT system or network depends on factors such as the specific
requirements of the IoT application, the number and type of devices involved, the
communication range and bandwidth requirements, and the security and privacy
considerations.

10. IoT Security Requirements


The increasing adoption of IoT devices and systems in various industries and applications has
led to a growing need for security measures to protect these devices and the data they collect
and transmit. The unique nature of IoT devices, such as their limited resources and distributed
nature, presents significant challenges for security. As a result, a set of IoT security
requirements has been developed to address these challenges and provide guidance for
designing, deploying, and managing secure IoT systems. These requirements include keeping
data private, ensuring it's not tampered with, and ensuring that only authorised people or
devices can access it.

Previous studies on the security of the IoT have not paid enough attention to security
requirements as a central issue, with many treating them as a secondary concern. Yang and Fang
[22] proposed a security architecture for IoT that addresses fundamental security issues like
authentication, access control, and identity based on communication, control, and
computation aspects. Other approaches, like [23] [24], prioritise authorisation, authentication,
confidentiality, access control, trust, and identity management as core security requirements
for IoT. Some studies, such as [15], cover other general security requirements like network
security, application security, layer security, bootstrapping security, configuration, data
integrity, firewalls, anti-virus, encryption functionality, and secure routing.
In this section, we consider the following requirements to be generic and necessary for most IoT
systems:
• Confidentiality: This requirement ensures that sensitive data transmitted by IoT
devices and systems is kept private and only accessible to authorised parties. To
achieve confidentiality, encryption can be used to protect data in transit and at rest,
and access controls can be implemented to limit who can view and modify data.
• Integrity: This requirement ensures that data transmitted by IoT devices and systems
is not tampered with or modified without authorisation. Techniques such as data
hashing, digital signatures, and integrity checks can be used to ensure that data
remains unmodified during transmission and storage.
• Availability: This requirement ensures that IoT devices and systems are available
when needed and not subject to DoS attacks or other disruptions. To achieve
availability, measures such as load balancing, redundancy, and failover mechanisms
can be implemented to ensure that IoT systems can continue to operate even if one or
more components fail.
• Authentication: This requirement ensures that IoT devices and systems can verify the
identity of authorised users or devices. To achieve authentication, strong passwords,
two-factor authentication, and biometric authentication can be used to verify the
identity of users and devices.
• Authorization: This requirement ensures that only authorised users or devices can
access specific resources or data. Access control mechanisms such as Role-Based
Access Control (RBAC) and Attribute-Based Access Control (ABAC) can ensure that
only authorised users or devices can access specific resources or data.
• Accountability: This requirement ensures that all actions taken by IoT devices or
users are traceable and auditable. Logging mechanisms can be used to track and record
all actions taken by IoT devices and users, providing a record that can be used to
investigate security breaches and other issues.
• Non-Repudiation: This requirement ensures that actions taken by IoT devices or
users cannot be denied later. Techniques such as digital signatures can be used to
ensure that actions taken by IoT devices and users are authentic and cannot be repudiated
later.
• Resilience: This requirement ensures that IoT devices and systems can continue
functioning in the face of attacks or other disruptions. Resilience can be achieved
through backup systems, disaster recovery plans, and other measures to ensure IoT
systems can recover quickly from disruptions and continue functioning.
• Scalability: This is a critical requirement for IoT security because IoT systems often
involve many devices and users [25]. To ensure security at scale, it is essential to
design security mechanisms that are efficient, effective, and can handle a large number
of connections and requests without compromising performance or security.
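
The integrity, authentication, authorisation and accountability requirements above can be seen working together in one gateway-side check on a device message. This is an added example, not code from the thesis; the device IDs, keys, role table, message fields and decision strings are constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed sample data (assumptions, not from the thesis).
DEVICE_KEYS = {"thermo-01": b"demo-key-thermo-01", "lock-07": b"demo-key-lock-07"}
DEVICE_ROLES = {"thermo-01": "sensor", "lock-07": "actuator"}
ROLE_PERMISSIONS = {
    "sensor": {"telemetry/write"},
    "actuator": {"telemetry/write", "command/read"},
}
MAX_SKEW_SECONDS = 30  # how old a message may be before it is refused


def canonical_bytes(body):
    """Serialise the body deterministically so both sides MAC the same bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign(device_id, action, payload, counter, timestamp, key):
    """Device side: attach an HMAC-SHA256 tag covering the data and its metadata."""
    body = {"device_id": device_id, "action": action, "payload": payload,
            "counter": counter, "timestamp": timestamp}
    tag = hmac.new(key, canonical_bytes(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Gateway:
    """Evaluates every message on its own and records every decision."""

    def __init__(self):
        self.last_counter = {}  # highest counter seen per authenticated device
        self.audit_log = []     # accountability: (time, device_id, decision)

    def handle(self, message, now):
        body = message.get("body")
        device_id = body.get("device_id") if isinstance(body, dict) else None
        decision = self._decide(body, message.get("tag"), device_id, now)
        self.audit_log.append((now, device_id, decision))
        return decision

    def _decide(self, body, tag, device_id, now):
        # Authentication: the device must be enrolled and hold its key.
        key = DEVICE_KEYS.get(device_id) if isinstance(device_id, str) else None
        if key is None:
            return "deny:unknown-device"
        # Integrity: recompute the tag and compare in constant time.
        expected = hmac.new(key, canonical_bytes(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), str(tag).encode()):
            return "deny:bad-tag"
        ts, counter = body.get("timestamp"), body.get("counter")
        if not isinstance(ts, (int, float)) or not isinstance(counter, int):
            return "deny:malformed"
        # Freshness: refuse old messages and re-sent ones.
        if abs(now - ts) > MAX_SKEW_SECONDS:
            return "deny:stale"
        if counter <= self.last_counter.get(device_id, -1):
            return "deny:replay"
        self.last_counter[device_id] = counter
        # Authorisation (RBAC): the device's role must permit the action.
        allowed = ROLE_PERMISSIONS.get(DEVICE_ROLES.get(device_id), set())
        action = body.get("action")
        if not isinstance(action, str) or action not in allowed:
            return "deny:not-authorised"
        return "allow"


if __name__ == "__main__":
    gw = Gateway()
    msg = sign("thermo-01", "telemetry/write", {"temp_c": 21.5}, 1, 1000,
               DEVICE_KEYS["thermo-01"])
    print(gw.handle(msg, now=1005))  # first delivery
    print(gw.handle(msg, now=1006))  # same message delivered again
    for entry in gw.audit_log:
        print(entry)
```

An HMAC under a shared key covers integrity and authentication only; because the gateway holds the same key as the device, the non-repudiation requirement needs an asymmetric digital signature instead.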

11. IoT Threats and Attacks


Because IoT devices are resource-constrained, traditional security mechanisms that require
many resources may not work well with IoT devices, making them vulnerable to attacks.
Several studies have looked into the security of IoT and analysed the different threats and
attacks that could occur [26] [27]. Some works, such as [28], have sorted potential threats and
attacks based on the different layers of an IoT system. Other works, such as [29], have
identified threats and attacks based on specific security concerns like identity, access control,
trust, middleware, and mobility. A few studies, such as [30], have also categorised threats and
attacks based on particular applications and use-case scenarios. Additionally, Ref. [31] groups
various security issues in an IoT system according to the type of IoT infrastructure used, such
as centralised, collaborative, connected, and distributed IoTs.
Briefly, some common threats and attacks that can affect the security of IoT devices and
systems include:
• Malware: Malicious software that can infect IoT devices and systems, allowing
attackers to take control of them remotely.
• Denial of Service (DoS) / Distributed Denial of Service (DDoS): An attack that
floods an IoT device or system with traffic, rendering it unusable.
• Man-in-the-Middle (MitM): An attacker intercepts and alters the communication
between IoT devices, potentially gaining access to sensitive data.
• Physical Attacks: Attacks that exploit physical weaknesses in IoT devices, such as
hacking a smart lock to gain entry to a building.
• Botnets: A collection of compromised IoT devices controlled by a single attacker,
allowing them to launch large-scale attacks.
• Credential Stuffing: Attackers use stolen login credentials to gain unauthorised
access to IoT devices and systems.

12. Summary
In conclusion, the Internet of Things (IoT) has rapidly transformed how we live, work, and
interact with technology. This technology has the potential to bring many benefits, such as
increased efficiency and convenience. However, it also introduces new challenges like
security risks and privacy concerns. In this chapter, we explored the features and architecture
of IoT, its applications, and its advantages and disadvantages. We also discussed the security
requirements that must be considered to protect IoT devices from attacks. Overall, while IoT
presents a promising future, it is essential to be aware of its potential risks and to implement
appropriate security measures.

References
[1] Gartner, “Zero trust architecture and solutions,” Qi An Xin Group, Beijing, 2020. [Online].
Available: https://www.gartner.com/teamsiteanalytics/servePDF?g=/imagesrv/media-products/pdf/Qi-An-Xin/Qi-An-in-1-1OKONUN2.pdf

[2] T. M. Fernández-Caramés and P. Fraga-Lamas, “A review on the use of blockchain for the Internet
of things,” IEEE Access, vol. 6, pp. 3279–33001, 2018.

[3] S. K. Lo et al., “Analysis of Blockchain Solutions for IoT: A Systematic Literature Review,” in IEEE
Access, vol. 7, pp. 58822-58835, 2019.

[4] Lu Tan and N. Wang, "Future Internet: The Internet of Things," in International Conference on
Advanced Computer Theory and Engineering(ICACTE), Chengdu, China, 2010.

[5] Y. Xiangshuai and W. Huijuan, “Survey on Zero-Trust Network Security,” in Artificial Intelligence
and Security. ICAIS 2020. Communications in Computer and Information Science., Singapore, 2020.

[6] S. Rose et al., “Zero trust architecture,” Nat. Inst. Stand. Technol., Gaithersburg, MD, USA, Draft
(2nd) NIST SP 800 207, 2020.

[7] H. Lin and N. W. Bergmann, “IoT privacy and security challenges for smart home environments,”
Information, vol. 7, no. 3, p. 44, 2016.

[8] Zorzi, M.; Gluhak, A.; Lange, S.; Bassi, A. From today’s INTRAnet of things to a future INTERnet of
things: A wireless- and mobility-related view. IEEE Wirel. Commun. 2010, 17, 44–51.

[9] Radanliev, P.; De Roure, D.; Page, K.; Nurse, J.R.; Mantilla Montalvo, R.; Santos, O.; Maddox, L.;
Burnap, P. Cyber risk at the edge: Current and future trends on cyber risk analytics and artificial
intelligence in the industrial internet of things and industry 4.0 supply chains. Cybersecurity 2020, 3,
1–21.

[10] Khan, R.; Khan, S.U.; Zaheer, R.; Khan, S. Future Internet: The Internet of Things Architecture,
Possible Applications and Key Challenges. In Proceedings of the 10th International Conference on
Frontiers of Information Technology, Islamabad, India, 17–19 December 2012; pp. 257–260.

[11] Siegel, J.E.; Erb, D.C.; Sarma, S.E. A Survey of the Connected Vehicle Landscape—Architectures,
Enabling Technologies, Applications, and Development Areas. IEEE Trans. Intell. Transp. Syst. 2018,
19, 2391–2406.

[12] Li, S.; Tryfonas, T.; Li, H. The Internet of Things: A security point of view. Internet Res. 2016, 26,
337–359.

[13] S. Pal, M. Hitchens, T. Rabehaja, and S. Mukhopadhyay, "Security Requirements for the Internet
of Things: A Systematic Approach," Sensors, vol. 20, no. 20, pp. 5897-5897, 2020.

[14] P. Kanuch, D. Macko and L. Hudec, "Survey: Classification of the IoT technologies for better
selection to real use," in 2020 43rd International Conference on Telecommunications and Signal
Processing (TSP), 2020, pp. 500-505.

[15] Jerald, A.V.; Rabara, S.A.; Bai, D.P. Secure IoT architecture for integrated smart services
environment. In Proceedings of the 2016 3rd International Conference on Computing for Sustainable
Global Development (INDIACom), Palladam, India, 16-18 March 2016; pp. 800–805.

[16] Catarinucci, L.; de Donno, D.; Mainetti, L.; Palano, L.; Patrono, L.; Stefanizzi, M.L.; Tarricone, L.
An IoT-Aware Architecture for Smart Healthcare Systems. IEEE Internet Things J. 2015, 2, 515–526.

[17] Saarika, P.S.; Sandhya, K.; Sudha, T. Smart transportation system using IoT. In Proceedings of the
2017 International Conference On Smart Technologies For Smart Nation (SmartTechCon), Bengaluru,
India, 17–19 August 2017; pp. 1104–1107.

[18] Fang, X.; Misra, S.; Xue, G.; Yang, D. Smart Grid — The New and Improved Power Grid: A Survey.
IEEE Commun. Surv. Tutor. 2012, 14, 944–980.

[19] Jin, J.; Gubbi, J.; Marusic, S.; Palaniswami, M. An Information Framework for Creating a Smart
City Through Internet of Things. IEEE Internet Things J. 2014, 1, 112–121.

[20] Hanes, D., Salgueiro, G., Grossetete, P., Barton, R., & Henry, J. (2017). IoT Fundamentals:
Networking Technologies, Protocols, and Use Cases for the Internet of Things. Cisco Press.

[21] Palo Alto Networks. (n.d.). The Right Approach to Zero Trust for IoT Devices. Retrieved from
https://www.paloaltonetworks.com/resources/whitepapers/the-right-approach-to-zero-trust-for-iot-devices

[22] Yang, J.; Fang, B. Security model and key technologies for the Internet of things. J. China Univ.
Posts Telecommun. 2011, 18, 109–112.

[23] Tourani, R.; Misra, S.; Mick, T.; Panwar, G. Security, Privacy, and Access Control in Information-
Centric Networking: A Survey. IEEE Commun. Surv. Tutor. 2017, 20, 566–600.

[24] Asiri, S. A Blockchain-Based IoT Trust Model. Master’s Thesis, Ryerson University, Toronto, ON,
Canada, 2018.

[25] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., & Sikdar, B. (2019). Security and Privacy
Issues in Internet of Things (IoT): A Review. In 2019 International Conference on Intelligent
Computing and Control Systems (ICICCS) (pp. 1289-1294). IEEE.

[26] Ahmad, M.; Younis, T.; Habib, M.A.; Ashraf, R.; Ahmed, S.H. A Review of Current Security Issues
in Internet of Things. In Recent Trends and Advances in Wireless and IoT-enabled Networks; Springer:
Berlin/Heidelberg, Germany, 2019; pp. 11–23.

[27] Yang, Y.; Wu, L.; Yin, G.; Li, L.; Zhao, H. A Survey on Security and Privacy Issues in
Internet-of-Things. IEEE Internet Things J. 2017, 4, 1250–1258.

[28] Ko, E.; Kim, T.; Kim, H. Management platform of threats information in IoT environment. J.
Ambient Intell. Human. Comput. 2017, 9, 1167–1176.

[29] Sfar, A.R.; Natalizio, E.; Challal, Y.; Chtourou, Z. A roadmap for security challenges in the Internet
of Things. Digital Commun. Netw. 2017, 4, 118–137.

[30] Alaba, F.A.; Othman, M.; Hashem, I.A.T.; Alotaibi, F. Internet of Things security: A survey. J.
Netw. Comput. Appl. 2017, 88, 10–28.

[31] Roman, R.; Zhou, J.; Lopez, J. On the features and challenges of security and privacy in
distributed internet of things. Comput. Netw. 2013, 57, 2266–2279.

[32] https://publications.opengroup.org/c166.

[33] J. Kindervag, “No More Chewy Centers : Introducing The Zero Trust Model Of Information
Security,” pp. 1–15, 2010.

[34] U.S. Presidential Executive Order, “Improving critical infrastructure cybersecurity”, (February 12,
2013).

[35] NIST report, “Developing a framework to improve critical infrastructure cybersecurity”,
submitted by Forrester Group, 18 p. (April 2013).

[36] K. Townsend, “Don’t implement zero-trust security in a virtualized network without reading this
overview - TechRepublic,” 2015.

[37] “Cisco Application Policy Infrastructure Controller Data Center Policy Model - Cisco,” 2014.

[38] “Cisco ACI Security: A New Approach to Secure the Next-Generation Data Center - Cisco,” 2014.

[39] Cybersecurity and Infrastructure Security Agency (CISA). (2020). Zero Trust Maturity Model.
Retrieved from https://www.cisa.gov/publication/zero-trust-maturity-model.

[40] A. Whitmore, A. Agarwal and L. Da Xu, "The Internet of Things-A survey of topics and trends,"
Information Systems Frontiers, vol. 17, no. 2, 2015.

[41] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari and M. Ayyash, "Internet of Things: A
Survey on Enabling Technologies, Protocols, and Applications," IEEE Communications Surveys and
Tutorials, vol. 17, no. 4, pp. 2347–2376, 2015.

[42] S. Rose, O. Borchert, S. Mitchell and S. Connelly, “nist.gov,” 20 August 2020. [Online]. Available:
https://doi.org/10.6028/NIST.SP.800-207. [Accessed 17 10 2020]

[43] B. Embrey, “The top three factors driving zero trust adoption,” Computer Fraud & Security, vol.
2020, no. 9, pp. 13-15, 22 September 2020.

[44] S. Mehraj and T. M. Banday, “Establishing a Zero Trust Strategy in Cloud Computing
Environment,” in 2020 International Conference on Computer Communication and Informatics
(ICCCI), Coimbatore, India, 2020.

[45] D. Sood, S. Sood, and S. K. Dhurandher, "Augmenting Zero Trust Architecture to Endpoints Using
Blockchain: A State-of-The-Art Review," in 2020 12th International Conference on Communication
Systems & Networks (COMSNETS), Bangalore, India, 2020, pp. 506-513.

[46] R. P. Atwal and S. Chauhan, "Zero Trust Network Architecture: A Survey," in 2021 IEEE 11th
Annual Computing and Communication Workshop and Conference (CCWC), 2021, pp. 110-115.

[47] M. A. Alsheikh, S. M. Abdalla, S. M. Abdalla, A. M. Abdou and A. M. Ali, "Augmenting Zero Trust
Architecture to Endpoints Using Blockchain: A State-of-The-Art Review," in IEEE Access, vol. 9, pp.
16517-16531, 2021, doi: 10.1109/ACCESS.2021.3058351.

Abstract

In recent years, the Internet has become an essential part of people's lives all over the world.
Many people use the Internet for different purposes, such as social networking, e-mail, and data
sharing. Internet of Things (IoT) technology has developed as a concept that aims to enable
devices and applications to communicate with each other more easily. The use of IoT-based
technology offers many advantages, but it also faces numerous security challenges.
One of the main challenges is the similarity in IoT networks, which often include a diverse set of
devices, platforms, and protocols. The networks used in the IoT are complex and may be difficult
to secure using traditional security tools and controls, which are often insufficient to deal with
the changing and complex nature of IoT device environments. Another security concern is that the
devices themselves, as well as the data transmitted to and from them, are often vulnerable to many
threats.
These threats can come in many forms, including malware, device hacking, physical theft, and
unauthorised access. It is therefore necessary to implement strong security measures designed
specifically for IoT environments. These measures must cover all aspects of security, including
confidentiality, integrity, availability, authentication, authorisation, accountability,
non-repudiation, resilience, and scalability. By addressing these security concerns, organisations
can realise the full benefits of the IoT while reducing the risks.
The security framework we propose for the IoT, based on the zero trust principle, aims to help IoT
implementers overcome current security concerns. Security based on the zero trust principle
provides a stronger and more detailed security framework that allows continuous monitoring and
management of device security, access control, and user behaviour.
By implementing the zero trust principle, IoT networks can better protect against potential cyber
attacks and data breaches by granting access to devices and data only according to their trust
level and by continuously verifying their identity and behaviour.

University of Benghazi
Faculty of Information Technology
Department of Computer Networks and Communications

A Zero Trust Framework for IoT Devices

Aya Issa Mohammed Ibrahim El-Zughaid

Younis Ali Al-Badri

Assistant Professor

This thesis was submitted in fulfilment of the requirements for the degree (Master's) in the science of ....

Date: ........./...../... AH, corresponding to 01/05/2023 AD