Desired Quality: Ability of the system to enforce the intended confidentiality, integrity and service access policies and to detect and recover from failure in these security mechanisms.

IoT-A Requirements: UNI.062, UNI.407, UNI.408, UNI.410, UNI.412, UNI.413, UNI.424, UNI.502, UNI.507, UNI.604, UNI.609, UNI.611, UNI.612, UNI.617, UNI.618, UNI.624, UNI.719

Applicability: Relevant to all IoT systems.

Activities:
  - Capture the security requirements
  - Check interoperability requirements for impacts on security processes between heterogeneous peers
  - Conduct risk analysis
  - Use infrastructural Authentication components that support more Identity Frameworks for scalability and interoperability
  - Use infrastructural or federated Key Exchange Management to secure communication initiation and tunnelling between gateways for interoperability
  - Use an Authorization component to enable interoperability with other systems
  - Define security impact on interaction model
  - Address all aspects of Service and Communication Security
  - Integrate the trust model and support privacy features
  - Identify security hardware requirements
  - Consider performance/security tradeoffs
  - Validate against requirements

Tactics:
  - Use an extended Internet Threat Model which takes into account specific IoT communication vulnerabilities
  - Harden infrastructural functional components
  - Authenticate subjects
  - Define and enforce access policies
  - Secure communication infrastructure (gateways, infrastructure services)
  - Secure communication between subjects
  - Secure peripheral networks (data link layer security, network entry, secure routing, mobility and handover)
  - Avoid wireless communication wherever possible
  - Physically protect peripheral devices or consider peripheral devices as available to malicious users in