Model-based security engineering for the internet of things
We propose in this chapter a Model-based Security Toolkit (SecKit) and methodology to address the control and protection of user data in the deployment of the Internet of Things (IoT). This toolkit takes a more general approach for security engineering including risk analysis, establishment of aspect-specific trust relationships, and enforceable security policies. We describe the integrated metamodels used in the
toolkit and the accompanying security engineering methodology for IoT systems using these metamodels. We validate our approach through a case study of a real world supply chain scenario where sensors are used to monitor the temperature and control environmental conditions of the transported goods. The toolkit is applied in the design of this case study, analysis of risks, and specification of security policy rules
following the steps of our methodology. Finally, we also show how the specified security policies are enforced using technology specific policy enforcement points.
NEISSE Ricardo;
STERI Gary;
NAI FOVINO Igor;
BALDINI Gianmarco;
VAN HOESEL Lodewijk;
2016-09-29
IET - The Institution of Engineering and Technology
JRC98828
978-1-78561-053-0,
http://digital-library.theiet.org/content/books/10.1049/pbse002e_ch5,
https://publications.jrc.ec.europa.eu/repository/handle/JRC98828,
10.1049/pbse002e_ch5,
Additional supporting files
File name | Description | File type | |