SlideShare a Scribd company logo

Security Aspects in IoT - A Review

A
Asiri Hewage

This document reviews security challenges for Internet of Things (IoT) devices. It identifies key challenges as securing devices, cloud infrastructure, and managing the security lifecycle across devices and cloud. Specific security issues discussed include authentication, access control, privacy, policy enforcement, trust, mobile security, secure middleware, and confidentiality of private data generated by IoT interconnections. The author argues that addressing these challenges will be critical for realization of IoT's potential benefits.

Technology
Related topics:
Internet of Things Research Paper Smart Devices
1 of 4
1
2
3
4
IOT Security: A Review Asiri Hewage, IT17094078, Faculty of Computing, Sri Lanka Institute of Information Technology, New Kandy RD, Malabe, Sri Lanka. Email: asiriofficial@gmail.com Web: www.asirihewage.business.site Abstract — In the past decade, Internet of Things has been a focus of research. Security and privacy are the key issues for Internet of Things applications, and still face some challenges. One of the key challenges for the realization of the Internet of Things includes security challenges, especially in the area of privacy and confidentiality among management of heterogeneities and limitations of network capacities. This review paper gives an insight into the most important security challenges related to Internet of Things. Keywords: security, Internet of Things, challenges, privacy, data, confidentiality, regulation, IoT. INTRODUCTION The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. The Internet of Things concerns the connection of physical devices (cars, thermostats, smartphones, home lighting, tide sensors, smart meters, etc.) to the Internet. A more widely accepted definition is ITU's definition from 2005, which is very general and reads as follows: Internet of Things is a global infrastructure for the modern Society, enabling sophisticated services by interconnecting physical and virtual interoperable information and communication technologies. There are more devices connected to the Internet than people on the planet, and the prediction is that there will be 50 billion devices by 2020. I. THE SECURITY IN IOT The three main points attackers can access IOT devices connected to a network are: 1. The device, 2. The cloud, 3. The network. 1. Securing the Device:
There are some technologies in the industry such as embedded SIM Technology (eUICC), M2M-optimised SIM Technology, SafeNet Hardware Security Modules (HSMs), Trusted Key Manager, IP protection to provide security for embedded devices. My opinion is the IP protection is little bit old. Current IoT ecosystems should move from such security infrastructures to something more advanced with encryption technologies. 2. Securing the cloud infrastructure: This is a major form of threat comes from the enterprise or cloud environment that smart devices are connected to. Data encryption, cloud security and cloud-based licensing helps technology companies leverage the full potential of the cloud environment, ensuring their intellectual property is secured. 3. IoT Security Lifecycle Management. Managing the lifecycle of security components across the device and cloud spectrum is a critical element for a robust and long-term digital security strategy. Security of an Internet of ecosystem is not a one-off activity, but an evolving part of the Internet of ecosystem. Some solutions to build a sustainable security lifecycle management infrastructure, to address current and future security threats are Identity & access management, Crypto management and maintaining Trusted Services Hubs. II. CURRENT STATE There are now more connected cars, meters, machines, wearable devices and similar IoT nodes than there are PCs, laptops, tablets, and smartphones. Exact numbers and estimates vary but the consensus is that there are now close to 8 billion IoT devices in use and around 7 billion non-IoT connected devices. Low bandwidth and/or low latency environments such as oil rigs, mines, or factories are rapidly taking the experience of IoT. It will gain in further importance over time. However, the critical element will be the interconnection between device and cloud, in which the cloud performs many of the non- critical tasks and large-scale data storage. The modern IoT trends are as follows according to the analytics done by iot-analytics.com  Most important government initiative: US IoT Cybersecurity Act  Most important connectivity initiative: NB-IoT roll-out  Most essential technology development: IoT Cloud  Most amazing implementation of IoT- based analytics: Google Waymo  Biggest Consumer IoT Success: Voice- enabled home gateways  Most discussed new trend: Blockchain III.CHANLLENGES  Authentication Now-a-days IoT devices use PKI (public key infrastructure) authentication where digital certificates prove the authenticity of the device. However, IoT devices use few protocols than normal networking devices use and their standards and each authentication method must ensure that each device is capable of authentication in a secure manner. Some may need manual update because lacking OTA functionality and others may have locked settings that cannot be changed from the default.  Access Control My opinion is that organizations better to have an automated and integrated security framework that secures network access,
monitors traffic and behaviors because Access control systems play a major role in security of Internet of Things, it should ensure that access controls are universally applied and devices are removable with minimal impact to critical business transactions and workflows.  Privacy As an example, Internet of Things is being used to monitor infants’ health and activities, thus enabling them to live safely and independently at home. However, Internet of Things create privacy challenges that need to be addressed. There are some other aspects of privacy such as confidentiality and secondary use of users' information. The developers of Internet of Things should adopt an expanded view of privacy. This will ensure that safeguards are built in to Internet of Things devices to protect and maintain users' privacy while also enabling the appropriate sharing of data to support the users’ safety and wellbeing.  Policy Enforcement Governments and regulators can help unlock socio-economic benefits by implementing policies that promote innovation and investment, as well as introducing regulatory frameworks that build trust and are technology neutral. But in Sri Lanka there no any active policies yet under the IoT ecosystem because that is still not yet touched by public. So startups and new inventors are capable in nature to try anything using IoT technologies because those technologies are not yet regulated by the government. I suggest that the government of Sri Lanka should adapt to those technologies and make rules and regulations before going it viral in the country.  Trust As a user I may consider Trust as the most important thing before interacting with an IoT devices because I’m going to share my data with those tiny devices. The security and privacy requirements including privacy and trust management among users and things are playing a fundamental role to detect malicious nodes in IoT. According to my experience an IoT service provider should do surveys continuously on trust evaluation under some specified criteria to provide a trustworthy service.  Mobile Security There are so many types of attacks could be performed via next generation IMSI catchers just like fake mobile. They will open back doors to monitor users’ IoT activities (e.g., home automation activities, daily routine automations), Create fake nodes based on that information, using these profiles to monitor their activity and behavior remotely even if the users move away from the area. So the current IoT in fractures should pay more attention on mobile devices because it is the device acting as middle person to inter connect the IoT device and the user.  Secure Middleware The middleware for IoT acts as a bond joining the nodes through interfaces. Sometimes middleware acts like a software layer interposed between the infrastructure and the applications using it to support important requirements for these applications. To track issues of middleware, first we should have a better understanding of the current gap and future directions of existing middleware systems. Second, fundamental functional features should be classified on the existing IoT-middleware. Then we can analyze and research the issues to optimize the system
security. As a theory no any system is secure within a network.  Confidentiality IoT interconnections generate a huge amount of private data, which needs to be processed, communicated and stored. Using normal security solutions to ensure data confidentiality is challenging. So my opinion is that we should discuss further more to build up a standardized infrastructure with more secure protocols for the future. Otherwise the developers and innovators will have to do more effort to communicate and promote their product within a society affected by IoT phobias. IV. CONCLUSION Internet of Things represents a new, interesting direction in the development of the Internet. It refers to unique identification of objects and their virtual representation in the structure of the Internet and they may communicate with each other, provide information about itself and accept data collected by other objects. This emerging domain for the Internet of Things has been attracting the significant interest in last few years, and will continue for the years to come The development of Internet of Things depends on the dynamics of innovations in numerous technical fields, from wireless sensors to nanotechnology. Capacities, such as the monitoring of changes in the environment or communication between devices, represent high priority in the development of Internet of Things. One of the key challenges for the realization of the Internet of Things include security, privacy and confidentiality, management of heterogeneities, limitations of network capacities, management and processing of large quantities of data in order to provide useful information / service and enable an efficient regulatory policy in the area of Internet of Things. According to the Gartner’s expectations IoT security spending to grow by almost 60 percent in the next two years, reaching around USD 547 million. So we should take the maximum outcome for the spending. Since, protection of privacy is one of the key constitutional rights of European citizens' it is very important to note that Internet of Things will have to be established in Sri Lanka as regulatory frameworks for data and privacy protection, as well as with all legal requirements into a single group of rules in SL and including also revised measures for data transparency and safety issues. REFERENCES [1] Hari and Singh: Security Issues in Wireless Sensor Networks, International Conference on Advances in Computing, Communication, & Automation (ICACCA), Apr. 2016; DOI: 10.1109/ICACCA.2016.7578876 [2] Ferrag M. A., L. A. Maglaras, H. Janicke and J. Jiang: „Authentication Protocols for Internet of Things: A Comprehensive Survey “, arXiv, Dec. 2016 [3] IoT 2017 in review: The 10 most relevant IoT developments of the year, https://iot-analytics.com/iot- 2017-in-review/ [4] Chaqfeh, Moumena. “Challenges in middleware solutions for the internet of things.” International Conference on Collaboration Technologies and Systems (CTS) (2012): 21-26. [5] ABDMEZIEM, Mohammed. (2016). Data Confidentiality in the Internet of Things. 10.13140/RG.2.2.19150.87366. [6] Mario Ballano Barcena and Candid Wueest, Symantec Antivirus,” Insecurity in the Internet of Things, Mar 12 2015 [7] Ericson Corporation, “IOT Security”, Ericson White paper, 284 23-3302 (Uen), February 2017 [8] Gartner, Forecast: IoT Security, Worldwide, 2016, https://www.gartner.com/doc/3277832/forecast-iot- security-worldwide-

More Related Content

PPTX
Iot(security)
Shreya Pohekar
 
PPT
Bluetooth presentation
DhairYash Kotwani
 
PPTX
Iot ppt
piyuu7
 
PPTX
IoT security
YashKesharwani2
 
PPTX
Transport layer security (tls)
Kalpesh Kalekar
 
PDF
Security challenges in IoT
Vishnupriya T H
 
PDF
Overview of IoT and Security issues
Anastasios Economides
 
PPTX
Digital signature
Praseela R
 
Iot(security)
Shreya Pohekar
 
Bluetooth presentation
DhairYash Kotwani
 
Iot ppt
piyuu7
 
IoT security
YashKesharwani2
 
Transport layer security (tls)
Kalpesh Kalekar
 
Security challenges in IoT
Vishnupriya T H
 
Overview of IoT and Security issues
Anastasios Economides
 
Digital signature
Praseela R
 

What's hot (20)

PDF
IoT Networking
Hitesh Mohapatra
 
PPTX
Wireless network security
Vishal Agarwal
 
PPTX
Internet of things
Palak Sood
 
PPT
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
PPTX
Presentation on IOT SECURITY
The Avi Sharma
 
PPTX
Zigbee technology ppt
ijaranjani
 
PDF
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
CableLabs
 
PDF
IoT applications for connected vehicle and ITS
Shashank Dhaneshwar
 
PDF
Digital forensic principles and procedure
newbie2019
 
PPTX
IOT
Gaurav Dwivedi
 
PDF
IoT Security
Narudom Roongsiriwong, CISSP
 
PPT
Bluetooth security
Ramasubbu .P
 
PPTX
Data enrichment
FabMinds
 
PPTX
Internet of things - challenges scopes and solutions
Shivam Kumar
 
PPTX
Iot Security
MAITREYA MISRA
 
PPTX
Internet of Things with Cloud Computing and M2M Communication
Sherin C Abraham
 
PPTX
Eye Movement based Human Computer Interaction Technique
Jobin George
 
PPTX
IoT Security Risks and Challenges
OWASP Delhi
 
PDF
ZigBee Technology
Ibrahim Kazanci
 
PPTX
RFID BASED VEHICLE TRACKING SYSTEM
Ayush Dixit
 
IoT Networking
Hitesh Mohapatra
 
Wireless network security
Vishal Agarwal
 
Internet of things
Palak Sood
 
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
Presentation on IOT SECURITY
The Avi Sharma
 
Zigbee technology ppt
ijaranjani
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
CableLabs
 
IoT applications for connected vehicle and ITS
Shashank Dhaneshwar
 
Digital forensic principles and procedure
newbie2019
 
IOT
Gaurav Dwivedi
 
IoT Security
Narudom Roongsiriwong, CISSP
 
Bluetooth security
Ramasubbu .P
 
Data enrichment
FabMinds
 
Internet of things - challenges scopes and solutions
Shivam Kumar
 
Iot Security
MAITREYA MISRA
 
Internet of Things with Cloud Computing and M2M Communication
Sherin C Abraham
 
Eye Movement based Human Computer Interaction Technique
Jobin George
 
IoT Security Risks and Challenges
OWASP Delhi
 
ZigBee Technology
Ibrahim Kazanci
 
RFID BASED VEHICLE TRACKING SYSTEM
Ayush Dixit
 
Ad

Similar to Security Aspects in IoT - A Review (20)

DOCX
INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx
vrickens
 
PDF
A Critical Study on Security Threats, Issues, and Challenges in the Internet ...
BRNSSPublicationHubI
 
PDF
A Survey Report on : Security & Challenges in Internet of Things
ijsrd.com
 
PPTX
A_Review_on_Security_Challenges_in_Internet_of.pptx
abeeralmarboa134
 
PDF
Internet of Things Challenges and Solutions
ijtsrd
 
PDF
509286-Aki_Koivu-Review
Aki Koivu
 
PDF
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET Journal
 
PDF
Internet of Things IoT Anytime Anywhere Anything Connectivity
YogeshIJTSRD
 
PDF
A Study on Device Oriented Security Challenges in Internet of Things (IoT)
Eswar Publications
 
PPTX
Not IN Cybersecurity Connectivity,Cloud Platforms,Security.pptx
PratimanChoubey
 
PDF
Security in IoT
SKS
 
DOCX
Security and Privacy considerations in Internet of Things
Somasundaram Jambunathan
 
PDF
White Paper: IoT Security – Protecting the Networked Society
Ericsson
 
DOCX
Addressing security and privacy in io t ecosystem v0.4
Somasundaram Jambunathan
 
PDF
IRJET - Cyber Security Threats and Vulnerabilities in IoT
IRJET Journal
 
PDF
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
IRJET Journal
 
PDF
76 s201918
IJRAT
 
PDF
IRJET - A Study on Smart Way for Securing IoT Devices
IRJET Journal
 
PDF
Security and Privacy Big Challenges in Internet of things
IRJET Journal
 
PDF
76 s201917
IJRAT
 
INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx
vrickens
 
A Critical Study on Security Threats, Issues, and Challenges in the Internet ...
BRNSSPublicationHubI
 
A Survey Report on : Security & Challenges in Internet of Things
ijsrd.com
 
A_Review_on_Security_Challenges_in_Internet_of.pptx
abeeralmarboa134
 
Internet of Things Challenges and Solutions
ijtsrd
 
509286-Aki_Koivu-Review
Aki Koivu
 
IRJET- Multifactor Authentication in IoT Devices for Ensuring Secure Cloud St...
IRJET Journal
 
Internet of Things IoT Anytime Anywhere Anything Connectivity
YogeshIJTSRD
 
A Study on Device Oriented Security Challenges in Internet of Things (IoT)
Eswar Publications
 
Not IN Cybersecurity Connectivity,Cloud Platforms,Security.pptx
PratimanChoubey
 
Security in IoT
SKS
 
Security and Privacy considerations in Internet of Things
Somasundaram Jambunathan
 
White Paper: IoT Security – Protecting the Networked Society
Ericsson
 
Addressing security and privacy in io t ecosystem v0.4
Somasundaram Jambunathan
 
IRJET - Cyber Security Threats and Vulnerabilities in IoT
IRJET Journal
 
IRJET- Internet of Things (IoT), and the Security Issues Surrounding it: ...
IRJET Journal
 
76 s201918
IJRAT
 
IRJET - A Study on Smart Way for Securing IoT Devices
IRJET Journal
 
Security and Privacy Big Challenges in Internet of things
IRJET Journal
 
76 s201917
IJRAT
 
Ad

Recently uploaded (20)

PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
KodekX | Application Modernization Development
KodekX
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
Teaching material agriculture food technology
LiaRayya
 
Approach and Philosophy of On baking technology
30anthuong17
 
Cloud computing and distributed systems.
kkkkkhan
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 

Security Aspects in IoT - A Review

  • 1. IOT Security: A Review Asiri Hewage, IT17094078, Faculty of Computing, Sri Lanka Institute of Information Technology, New Kandy RD, Malabe, Sri Lanka. Email: asiriofficial@gmail.com Web: www.asirihewage.business.site Abstract — In the past decade, Internet of Things has been a focus of research. Security and privacy are the key issues for Internet of Things applications, and still face some challenges. One of the key challenges for the realization of the Internet of Things includes security challenges, especially in the area of privacy and confidentiality among management of heterogeneities and limitations of network capacities. This review paper gives an insight into the most important security challenges related to Internet of Things. Keywords: security, Internet of Things, challenges, privacy, data, confidentiality, regulation, IoT. INTRODUCTION The Internet of Things (IoT) is the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure. The Internet of Things concerns the connection of physical devices (cars, thermostats, smartphones, home lighting, tide sensors, smart meters, etc.) to the Internet. A more widely accepted definition is ITU's definition from 2005, which is very general and reads as follows: Internet of Things is a global infrastructure for the modern Society, enabling sophisticated services by interconnecting physical and virtual interoperable information and communication technologies. There are more devices connected to the Internet than people on the planet, and the prediction is that there will be 50 billion devices by 2020. I. THE SECURITY IN IOT The three main points attackers can access IOT devices connected to a network are: 1. The device, 2. The cloud, 3. The network. 1. Securing the Device:
  • 2. There are some technologies in the industry such as embedded SIM Technology (eUICC), M2M-optimised SIM Technology, SafeNet Hardware Security Modules (HSMs), Trusted Key Manager, IP protection to provide security for embedded devices. My opinion is the IP protection is little bit old. Current IoT ecosystems should move from such security infrastructures to something more advanced with encryption technologies. 2. Securing the cloud infrastructure: This is a major form of threat comes from the enterprise or cloud environment that smart devices are connected to. Data encryption, cloud security and cloud-based licensing helps technology companies leverage the full potential of the cloud environment, ensuring their intellectual property is secured. 3. IoT Security Lifecycle Management. Managing the lifecycle of security components across the device and cloud spectrum is a critical element for a robust and long-term digital security strategy. Security of an Internet of ecosystem is not a one-off activity, but an evolving part of the Internet of ecosystem. Some solutions to build a sustainable security lifecycle management infrastructure, to address current and future security threats are Identity & access management, Crypto management and maintaining Trusted Services Hubs. II. CURRENT STATE There are now more connected cars, meters, machines, wearable devices and similar IoT nodes than there are PCs, laptops, tablets, and smartphones. Exact numbers and estimates vary but the consensus is that there are now close to 8 billion IoT devices in use and around 7 billion non-IoT connected devices. Low bandwidth and/or low latency environments such as oil rigs, mines, or factories are rapidly taking the experience of IoT. It will gain in further importance over time. However, the critical element will be the interconnection between device and cloud, in which the cloud performs many of the non- critical tasks and large-scale data storage. The modern IoT trends are as follows according to the analytics done by iot-analytics.com  Most important government initiative: US IoT Cybersecurity Act  Most important connectivity initiative: NB-IoT roll-out  Most essential technology development: IoT Cloud  Most amazing implementation of IoT- based analytics: Google Waymo  Biggest Consumer IoT Success: Voice- enabled home gateways  Most discussed new trend: Blockchain III.CHANLLENGES  Authentication Now-a-days IoT devices use PKI (public key infrastructure) authentication where digital certificates prove the authenticity of the device. However, IoT devices use few protocols than normal networking devices use and their standards and each authentication method must ensure that each device is capable of authentication in a secure manner. Some may need manual update because lacking OTA functionality and others may have locked settings that cannot be changed from the default.  Access Control My opinion is that organizations better to have an automated and integrated security framework that secures network access,
  • 3. monitors traffic and behaviors because Access control systems play a major role in security of Internet of Things, it should ensure that access controls are universally applied and devices are removable with minimal impact to critical business transactions and workflows.  Privacy As an example, Internet of Things is being used to monitor infants’ health and activities, thus enabling them to live safely and independently at home. However, Internet of Things create privacy challenges that need to be addressed. There are some other aspects of privacy such as confidentiality and secondary use of users' information. The developers of Internet of Things should adopt an expanded view of privacy. This will ensure that safeguards are built in to Internet of Things devices to protect and maintain users' privacy while also enabling the appropriate sharing of data to support the users’ safety and wellbeing.  Policy Enforcement Governments and regulators can help unlock socio-economic benefits by implementing policies that promote innovation and investment, as well as introducing regulatory frameworks that build trust and are technology neutral. But in Sri Lanka there no any active policies yet under the IoT ecosystem because that is still not yet touched by public. So startups and new inventors are capable in nature to try anything using IoT technologies because those technologies are not yet regulated by the government. I suggest that the government of Sri Lanka should adapt to those technologies and make rules and regulations before going it viral in the country.  Trust As a user I may consider Trust as the most important thing before interacting with an IoT devices because I’m going to share my data with those tiny devices. The security and privacy requirements including privacy and trust management among users and things are playing a fundamental role to detect malicious nodes in IoT. According to my experience an IoT service provider should do surveys continuously on trust evaluation under some specified criteria to provide a trustworthy service.  Mobile Security There are so many types of attacks could be performed via next generation IMSI catchers just like fake mobile. They will open back doors to monitor users’ IoT activities (e.g., home automation activities, daily routine automations), Create fake nodes based on that information, using these profiles to monitor their activity and behavior remotely even if the users move away from the area. So the current IoT in fractures should pay more attention on mobile devices because it is the device acting as middle person to inter connect the IoT device and the user.  Secure Middleware The middleware for IoT acts as a bond joining the nodes through interfaces. Sometimes middleware acts like a software layer interposed between the infrastructure and the applications using it to support important requirements for these applications. To track issues of middleware, first we should have a better understanding of the current gap and future directions of existing middleware systems. Second, fundamental functional features should be classified on the existing IoT-middleware. Then we can analyze and research the issues to optimize the system
  • 4. security. As a theory no any system is secure within a network.  Confidentiality IoT interconnections generate a huge amount of private data, which needs to be processed, communicated and stored. Using normal security solutions to ensure data confidentiality is challenging. So my opinion is that we should discuss further more to build up a standardized infrastructure with more secure protocols for the future. Otherwise the developers and innovators will have to do more effort to communicate and promote their product within a society affected by IoT phobias. IV. CONCLUSION Internet of Things represents a new, interesting direction in the development of the Internet. It refers to unique identification of objects and their virtual representation in the structure of the Internet and they may communicate with each other, provide information about itself and accept data collected by other objects. This emerging domain for the Internet of Things has been attracting the significant interest in last few years, and will continue for the years to come The development of Internet of Things depends on the dynamics of innovations in numerous technical fields, from wireless sensors to nanotechnology. Capacities, such as the monitoring of changes in the environment or communication between devices, represent high priority in the development of Internet of Things. One of the key challenges for the realization of the Internet of Things include security, privacy and confidentiality, management of heterogeneities, limitations of network capacities, management and processing of large quantities of data in order to provide useful information / service and enable an efficient regulatory policy in the area of Internet of Things. According to the Gartner’s expectations IoT security spending to grow by almost 60 percent in the next two years, reaching around USD 547 million. So we should take the maximum outcome for the spending. Since, protection of privacy is one of the key constitutional rights of European citizens' it is very important to note that Internet of Things will have to be established in Sri Lanka as regulatory frameworks for data and privacy protection, as well as with all legal requirements into a single group of rules in SL and including also revised measures for data transparency and safety issues. REFERENCES [1] Hari and Singh: Security Issues in Wireless Sensor Networks, International Conference on Advances in Computing, Communication, & Automation (ICACCA), Apr. 2016; DOI: 10.1109/ICACCA.2016.7578876 [2] Ferrag M. A., L. A. Maglaras, H. Janicke and J. Jiang: „Authentication Protocols for Internet of Things: A Comprehensive Survey “, arXiv, Dec. 2016 [3] IoT 2017 in review: The 10 most relevant IoT developments of the year, https://iot-analytics.com/iot- 2017-in-review/ [4] Chaqfeh, Moumena. “Challenges in middleware solutions for the internet of things.” International Conference on Collaboration Technologies and Systems (CTS) (2012): 21-26. [5] ABDMEZIEM, Mohammed. (2016). Data Confidentiality in the Internet of Things. 10.13140/RG.2.2.19150.87366. [6] Mario Ballano Barcena and Candid Wueest, Symantec Antivirus,” Insecurity in the Internet of Things, Mar 12 2015 [7] Ericson Corporation, “IOT Security”, Ericson White paper, 284 23-3302 (Uen), February 2017 [8] Gartner, Forecast: IoT Security, Worldwide, 2016, https://www.gartner.com/doc/3277832/forecast-iot- security-worldwide-