{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T16:44:50Z","timestamp":1765039490740},"reference-count":25,"publisher":"Engineering and Technology Publishing","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["jcm"],"published-print":{"date-parts":[[2019]]},"DOI":"10.12720\/jcm.14.10.958-964","type":"journal-article","created":{"date-parts":[[2019,12,31]],"date-time":"2019-12-31T03:31:16Z","timestamp":1577763076000},"page":"958-964","source":"Crossref","is-referenced-by-count":12,"title":["Assessing the Internet of Things Security Risks"],"prefix":"10.12720","author":[{"name":"National Institute of Posts and Telecommunication INPT, Madinat Al Irfane, Rabat, Morocco","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wissam","family":"Abbass","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zineb","family":"Bakraouy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Amine","family":"Baina","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mostafa","family":"Bella","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"4977","published-online":{"date-parts":[[2019]]},"reference":[{"key":"ref0","doi-asserted-by":"publisher","unstructured":"[1] F. Wortmann and K. Fl\u00fcchter, \"Internet of things,\" Business & Information Systems Engineering, vol. 57, no. 3, pp. 221-224. 2015.","DOI":"10.1007\/s12599-015-0383-3"},{"key":"ref1","doi-asserted-by":"publisher","unstructured":"[2] F. A. Alaba, M. Othman, I. A. T. Hashem, and F. Alotaibi, \"Internet of Things security: A survey,\" J. Netw. Comput. Appl., vol. 88, pp. 10-28, 2017.","DOI":"10.1016\/j.jnca.2017.04.002"},{"key":"ref2","doi-asserted-by":"publisher","unstructured":"[3] J. Mcdonald, N. Oualha, A. Puccetti, A. Hecker, and F. Planchon, \"Application of EBIOS for the risk assessment of ICT use in electrical distribution sub-stations,\" 2013.","DOI":"10.1109\/PTC.2013.6652221"},{"key":"ref3","doi-asserted-by":"publisher","unstructured":"[4] A. Syalim, Y. Hori, and K. Sakurai, \"Comparison of risk analysis methods: Mehari, magerit, NIST800-30 and microsoft's security management guide,\" in Proc. International Conference on Availability, Reliability and Security, 2009, pp. 726-731.","DOI":"10.1109\/ARES.2009.75"},{"key":"ref4","unstructured":"[5] B. Corcoran, \"A qualitative risk analysis and management tool - CRAMM,\" 2002, p. 13."},{"key":"ref5","doi-asserted-by":"publisher","unstructured":"[6] R. A. Caralli, J. F. Stevens, L. R. Young, and W. R. Wilson, \"Introducing OCTAVE allegro: Improving the information security risk assessment process,\" Carnegie-Mellon Univ. Pittsburgh PA Software Engineering INST, CMU\/SEI-2007-TR-012, 2007.","DOI":"10.21236\/ADA470450"},{"key":"ref6","doi-asserted-by":"publisher","unstructured":"[7] J. Tupa, J. Simota, and F. Steiner, \"Aspects of risk management implementation for Industry 4.0,\" Procedia Manuf., vol. 11, pp. 1223-1230, 2017.","DOI":"10.1016\/j.promfg.2017.07.248"},{"key":"ref7","doi-asserted-by":"publisher","unstructured":"[8] R. Roman, J. Zhou, and J. Lopez, \"On the features and challenges of security and privacy in distributed internet of things,\" Comput. Netw., vol. 57, no. 10, pp. 2266-2279, 2013.","DOI":"10.1016\/j.comnet.2012.12.018"},{"key":"ref8","doi-asserted-by":"publisher","unstructured":"[9] S. Lins, S. Schneider, and A. Sunyaev, \"Trust is good, control is better: Creating secure clouds by continuous auditing,\" IEEE Trans. Cloud Comput., vol. 6, no. 3, pp. 890-903, 2018.","DOI":"10.1109\/TCC.2016.2522411"},{"key":"ref9","unstructured":"[10] J. Eriksson, Threat Politics: New Perspectives on Security, Risk and Crisis Management: New Perspectives on Security, Risk and Crisis Management. Routledge, 2017."},{"key":"ref10","doi-asserted-by":"publisher","unstructured":"[11] K. Liu, M. Wang, W. Zhu, J. Wu, and X. Yan, \"Vulnerability analysis of an urban gas pipeline network considering pipeline-road dependency,\" Int. J. Crit. Infrastruct. Prot., 2018.","DOI":"10.1016\/j.ijcip.2018.08.008"},{"key":"ref11","unstructured":"[12] D. Sameer and K. Swaminathan, \"Efficient surveillance and monitoring using the ELK stack for IoT powered Smart Buildings,\" in Proc. 2nd International Conference on Inventive Systems and Control (ICISC), India, 2018."},{"key":"ref12","doi-asserted-by":"publisher","unstructured":"[13] A. Cook, H. Janicke, L. Maglaras, and R. Smith, \"An assessment of the application of IT security mechanisms to industrial control systems,\" International Journal of Internet Technology Secured Transactions, vol. 7, no. 2, p. 144, 2017.","DOI":"10.1504\/IJITST.2017.087163"},{"key":"ref13","doi-asserted-by":"publisher","unstructured":"[14] A. M. Ghiran, R. A. Buchmann, and C. C. Osman, \"Security requirements elicitation from engineering governance, risk management and compliance,\" in Proc. Springer International Working Conference on Requirements Engineering: Foundation for Software Quality, Netherland, 2018, pp. 283-289.","DOI":"10.1007\/978-3-319-77243-1_17"},{"key":"ref14","doi-asserted-by":"publisher","unstructured":"[15] M. Panjwani, M. J\u00e4ntti, and J. Sormunen, \"IT service management from a perspective of small and medium sized companies,\" in Proc. 10th International Conference on the Quality of Information and Communications Technology, Portugal, 2016, pp. 210-215.","DOI":"10.1109\/QUATIC.2016.053"},{"key":"ref15","doi-asserted-by":"publisher","unstructured":"[16] J. Tupa, J. Simota, and F. Steiner, \"Aspects of risk management implementation for Industry 4.0,\" Procedia Manuf., vol. 11, pp. 1223-1230, 2017.","DOI":"10.1016\/j.promfg.2017.07.248"},{"key":"ref16","doi-asserted-by":"publisher","unstructured":"[17] W. Abbass, A. Baina, and M. Bellafkih, \"Survey on information system security risk management alignment\", in Proc. International Conference on Information Technology for Organizations Development, Morocco, 2016, pp. 1-6.","DOI":"10.1109\/IT4OD.2016.7479260"},{"key":"ref17","doi-asserted-by":"publisher","unstructured":"[18] W. Abbass, A. Baina, and M. Bellafkih, \"Improvement of information system security risk management,\" in Proc. 4th IEEE International Colloquium on Information Science and Technology, Morocco, 2016, pp. 182-187.","DOI":"10.1109\/CIST.2016.7805039"},{"key":"ref18","doi-asserted-by":"publisher","unstructured":"[19] H. Holm, T. Sommestad, M. Ekstedt, and L. Nordstr\u00f6M, \"CySeMoL: A tool for cyber security analysis of enterprises,\" in Proc. 22nd International Conference and Exhibition on Electricity Distribution, Sweden, 2013, pp. 1-4.","DOI":"10.1049\/cp.2013.1077"},{"key":"ref19","doi-asserted-by":"publisher","unstructured":"[20] S. Lins, S. Schneider, and A. Sunyaev, \"Trust is good, control is better: Creating secure clouds by continuous auditing,\" IEEE Trans. Cloud Comput., vol. 6, no. 3, pp. 890-903, 2018.","DOI":"10.1109\/TCC.2016.2522411"},{"key":"ref20","doi-asserted-by":"publisher","unstructured":"[21] M. A. Van Staalduinen, F. Khan, V. Gadag, and G. Reniers, \"Functional quantitative security risk analysis (QSRA) to assist in protecting critical process infrastructure,\" Reliability Engineering & System Safety, 2017.","DOI":"10.1016\/j.ress.2016.08.014"},{"key":"ref21","doi-asserted-by":"publisher","unstructured":"[22] A. Marrella, M. Mecella, B. Pernici, and P. Plebani, Design-time Models for Resiliency, InConceptual Modeling Perspectives, Springer, Cham, 2017.","DOI":"10.1007\/978-3-319-67271-7_8"},{"key":"ref22","doi-asserted-by":"publisher","unstructured":"[23] Z. Bakraouy, A. Baina, and M. Bellafkih, \"Availability of web services based on autonomous classification and negotiation of SLAs,\" in Proc. 6th International Conference on Multimedia Computing and Systems, Morocco, 2018, pp. 1-6.","DOI":"10.1109\/ICMCS.2018.8525913"},{"key":"ref23","doi-asserted-by":"publisher","unstructured":"[24] Z. Bakraouy, A. Baina, and M. Bellafkih, \"System multi agents for automatic negotiation of SLA in cloud computing,\" in Proc. International Conference on Innovations in Bio-Inspired Computing and Applications, Morocco, 2017, pp. 234-244.","DOI":"10.1007\/978-3-319-76354-5_21"},{"key":"ref24","doi-asserted-by":"publisher","unstructured":"[25] W. Abbass, Z. Bakraouy, A. Baina, and M. Bellafkih, \"Classifying IoT security risks using Deep Learning algorithms,\" in Proc. 6th International Conference on Wireless Networks and Mobile Communications, Morocco, 2018. [26] Son, S. Jun, and Y. Kwon, \"Performance of ELK stack and commercial system in security log analysis,\" in Proc. the 13th Malaysia International Conference on Communications (MICC), Malaysia, 2017.","DOI":"10.1109\/WINCOM.2018.8629709"}],"container-title":["Journal of Communications"],"original-title":[],"link":[{"URL":"http:\/\/www.jocm.us\/uploadfile\/2019\/0909\/20190909054049213.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,1,4]],"date-time":"2021-01-04T02:56:43Z","timestamp":1609729003000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.jocm.us\/index.php?m=content&c=index&a=show&catid=231&id=1444"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"references-count":25,"URL":"https:\/\/doi.org\/10.12720\/jcm.14.10.958-964","relation":{},"ISSN":["2374-4367"],"issn-type":[{"type":"print","value":"2374-4367"}],"subject":[],"published":{"date-parts":[[2019]]}}}