Test-based risk assessment and security certification proposal for the Internet of Things

Authors
Matheu Garcia, Sara N. [1]
Hernandez-Ramos, Jose L. [1]
Skarmeta, Antonio E. [1, 2]
Affiliations
[1] Univ Murcia, Fac Comp Sci, Dept Informat & Commun Engn, Murcia, Spain
[2] Odin Solut SL, Murcia, Spain
Funding
EU Horizon 2020;
Keywords
Security Certification; Security Risk Assessment; CWSS; Common Criteria; IoT; Security Testing;
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
This work provides a design of a certification methodology for IoT, paying attention to the test-based risk assessment phase to empower testers with the ability to assess security solutions for large-scale IoT deployments. The resulting approach is an instantiation of the Risk-based Security Assessment presented by ETSI based on the ISO 31000, and it is built on top of different technologies and approaches for security testing and risk assessment adapted to the IoT landscape. The proposed methodology is intended to be used for the different experiments that are proposed in the scope of the ARMOUR project for assessing the fulfilment of several security aspects. It is expected to be used as a baseline to build a new security certification and labelling approach for IoT devices.
Pages: 641-646
Number of pages: 6
Related papers
50 in total
  • [1] Test-Based Security Certification of Composite Services
    Anisetti, Marco
    Ardagna, Claudio
    Damiani, Ernesto
    Polegri, Gianluca
    [J]. ACM TRANSACTIONS ON THE WEB, 2019, 13 (01)
  • [2] A Test-Based Security Certification Scheme for Web Services
    Anisetti, Marco
    Ardagna, Claudio A.
    Damiani, Ernesto
    Saonara, Francesco
    [J]. ACM TRANSACTIONS ON THE WEB, 2013, 7 (02)
  • [3] RFID Security Certification based on the Internet of Things
    Zhang, Meng
    Zhao, Zhen-Yu
    Yu, Song-Sen
    [J]. 2016 INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION SECURITY (CSIS 2016), 2016, : 755 - 760
  • [4] Security certification and labelling in Internet of Things
    Baldini, Gianmarco
    Skarmeta, Antonio
    Fourneret, Elizabeta
    Neisse, Ricardo
    Legeard, Bruno
    Le Gall, Franck
    [J]. 2016 IEEE 3RD WORLD FORUM ON INTERNET OF THINGS (WF-IOT), 2016, : 627 - 632
  • [5] Security Risk Assessment in Internet of Things Systems
    Nurse, Jason R. C.
    Creese, Sadie
    De Roure, David
    [J]. IT PROFESSIONAL, 2017, 19 (05) : 20 - 26
  • [6] A Test-Based Incremental Security Certification Scheme for Cloud-Based Systems
    Anisetti, Marco
    Ardagna, Claudio A.
    Damiani, Ernesto
    [J]. 2015 IEEE 12TH INTERNATIONAL CONFERENCE ON SERVICES COMPUTING (SCC 2015), 2015, : 736 - 741
  • [7] Test-based Interoperability Certification for Web Services
    Elia, Ivano Alessandro
    Laranjeiro, Nuno
    Vieira, Marco
    [J]. 2015 45TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS, 2015, : 196 - 206
  • [8] Security and Privacy in the Internet of Medical Things: Taxonomy and Risk Assessment
    Alsubaei, Faisal
    Shiva, Sajjan
    Abuhussein, Abdullah
    [J]. 2017 IEEE 42ND CONFERENCE ON LOCAL COMPUTER NETWORKS WORKSHOPS (LCN WORKSHOPS 2017), 2017, : 112 - 120
  • [9] Security Risk Assessment Methodologies in The Internet of Things: Survey and Taxonomy
    Yassine, Imad
    Halabi, Talal
    Bellaiche, Martine
    [J]. 2021 21ST INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C 2021), 2021, : 668 - 675
  • [10] A Novel Risk Assessment Model for Privacy Security in Internet of Things
    WU Tianshui
    ZHAO Gang
    [J]. Wuhan University Journal of Natural Sciences, 2014, 19 (05) : 398 - 404