{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T07:22:24Z","timestamp":1767856944370,"version":"3.49.0"},"reference-count":52,"publisher":"Walter de Gruyter GmbH","issue":"1","license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,1,1]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>This paper presents a review of state-of-the-art security frameworks for IoT applications. It aims to find out what alternatives have been proposed to guide IoT application developers in the implementation of security measures through all development phases. In this literature review, we identified 21 security frameworks, and we analyzed them from IoT application domains addressed and IoT elements protected. We find four application domains: generic, smart cities, smart car\/VANET, and smart infrastructures. Concerning elements protected, we analyzed the frameworks through protected application resources and we also consider security properties in this paper. Our two principal findings are: (i) Even though there are a wide variety of security frameworks, we did not find a proposal that addresses all the layers of an IoT application (device, network, service and application) and all development phases (analysis, design, implementation, testing, deployment, and maintenance), (ii) Addressing security from the design phase allows IoT developers to have a broader perspective of the system, avoiding massive changes to be made in later stages, saving costs and time. This gap and concerns enable various research on security by design and secure development to be carried out, and proposed frameworks to address the identified problems.<\/jats:p>","DOI":"10.1515\/comp-2020-0220","type":"journal-article","created":{"date-parts":[[2021,5,12]],"date-time":"2021-05-12T03:25:35Z","timestamp":1620789935000},"page":"346-354","source":"Crossref","is-referenced-by-count":5,"title":["Framework-based security measures for Internet of Thing: A literature review"],"prefix":"10.1515","volume":"11","author":[{"given":"Johan Smith","family":"Rueda-Rueda","sequence":"first","affiliation":[{"name":"Grupo de investigaci\u00f3n en Tecnolog\u00edas de Informaci\u00f3n . Universidad Aut\u00f3noma de Bucaramanga . Bucaramanga , Santander . Colombia"}]},{"given":"Jesus M. T.","family":"Portocarrero","sequence":"additional","affiliation":[{"name":"Professional services. Nuance Communications . Rio de Janeiro , JR . Brazil"}]}],"member":"374","published-online":{"date-parts":[[2021,5,9]]},"reference":[{"key":"2022020121510245982_j_comp-2020-0220_ref_001","doi-asserted-by":"crossref","unstructured":"Adams K. M. et al., Nonfunctional requirements in systems analysis and design, 2015, 28, Springer.","DOI":"10.1007\/978-3-319-18344-2"},{"key":"2022020121510245982_j_comp-2020-0220_ref_002","doi-asserted-by":"crossref","unstructured":"Alassaf N., Gutub A., Parah S. A., Al Ghamdi M., Enhancing speed of simon: A light-weight-cryptographic algorithm for iot applications, Multimedia Tools and Applications, 2019, 78(23), 32633\u201332657.","DOI":"10.1007\/s11042-018-6801-z"},{"key":"2022020121510245982_j_comp-2020-0220_ref_003","unstructured":"AS S., The consequences of a cyber security breach, 2018."},{"key":"2022020121510245982_j_comp-2020-0220_ref_004","unstructured":"Atamli A. W. Martin A., Threat-based security analysis for the internet of things."},{"key":"2022020121510245982_j_comp-2020-0220_ref_005","doi-asserted-by":"crossref","unstructured":"Atzori L., Iera A., Morabito G., The internet of things: A survey, Computer networks, 2010, 54(15), 2787\u20132805.","DOI":"10.1016\/j.comnet.2010.05.010"},{"key":"2022020121510245982_j_comp-2020-0220_ref_006","doi-asserted-by":"crossref","unstructured":"Atzori L., Iera A., Morabito G., Understanding the internet of things: definition, potentials, and societal role of a fast evolving paradigm, Ad Hoc Networks, 2017, 56, 122\u2013140.","DOI":"10.1016\/j.adhoc.2016.12.004"},{"key":"2022020121510245982_j_comp-2020-0220_ref_007","unstructured":"Avast, Avast smart home security report 2019, 2019, Technical report."},{"key":"2022020121510245982_j_comp-2020-0220_ref_008","doi-asserted-by":"crossref","unstructured":"Bohli J.-M., Skarmeta A., Moreno M. V., Garc\u00eda D., Langend\u00f6rfer P., Smartie project: Secure iot data management for smart cities, 2015 International Conference on Recent Advances in Internet of Things (RIoT), IEEE, 2015, 1\u20136.","DOI":"10.1109\/RIOT.2015.7104906"},{"key":"2022020121510245982_j_comp-2020-0220_ref_009","doi-asserted-by":"crossref","unstructured":"Borgia E., The internet of things vision: Key features, applications and open issues, Computer Communications, 2014, 54, 1\u201331.","DOI":"10.1016\/j.comcom.2014.09.008"},{"key":"2022020121510245982_j_comp-2020-0220_ref_010","doi-asserted-by":"crossref","unstructured":"Brooks F. P., Essence and accidents of software engineering, IEEE Computer, 1997, 20(4).","DOI":"10.1109\/MC.1987.1663532"},{"key":"2022020121510245982_j_comp-2020-0220_ref_011","doi-asserted-by":"crossref","unstructured":"Chen Q., Abdelwahed S., Erradi A., A model-based validated autonomic approach to self-protect computing systems, IEEE Internet of things Journal, 2014, 1(5), 446\u2013460.","DOI":"10.1109\/JIOT.2014.2349899"},{"key":"2022020121510245982_j_comp-2020-0220_ref_012","unstructured":"Chung L., Nixon B. A., Yu E., Mylopoulos J., Non-functional requirements in software engineering, 2012, 5, Springer Science & Business Media."},{"key":"2022020121510245982_j_comp-2020-0220_ref_013","doi-asserted-by":"crossref","unstructured":"Cirani S., Ferrari G., Veltri L., Enforcing security mechanisms in the ip-based internet of things: An algorithmic overview, Algorithms, 2013, 6(2), 197\u2013226.","DOI":"10.3390\/a6020197"},{"key":"2022020121510245982_j_comp-2020-0220_ref_014","doi-asserted-by":"crossref","unstructured":"Condry M. W. Nelson C. B., Using smart edge iot devices for safer, rapid response with industry iot control operations, Proceedings of the IEEE, 2016, 104(5), 938\u2013946.","DOI":"10.1109\/JPROC.2015.2513672"},{"key":"2022020121510245982_j_comp-2020-0220_ref_015","unstructured":"CORDIS, Internet of things architecture, 2019."},{"key":"2022020121510245982_j_comp-2020-0220_ref_016","doi-asserted-by":"crossref","unstructured":"Da Xu L., He W., Li S., Internet of things in industries: A survey, IEEE Transactions on industrial informatics, 2014, 10(4), 2233\u20132243.","DOI":"10.1109\/TII.2014.2300753"},{"key":"2022020121510245982_j_comp-2020-0220_ref_017","unstructured":"Davis A. M., Software requirements: objects, functions, and states, 1993, Prentice-Hall, Inc."},{"key":"2022020121510245982_j_comp-2020-0220_ref_018","unstructured":"Deloitte, Business impacts of cyber attacks, 2018."},{"key":"2022020121510245982_j_comp-2020-0220_ref_019","doi-asserted-by":"crossref","unstructured":"Ge M., Hong J. B., Guttmann W., Kim D. S., A framework for automating security analysis of the internet of things, Journal of Network and Computer Applications, 2017, 83, 12\u201327.","DOI":"10.1016\/j.jnca.2017.01.033"},{"key":"2022020121510245982_j_comp-2020-0220_ref_020","doi-asserted-by":"crossref","unstructured":"Gu L., Wang J., Sun B., Trust management mechanism for internet of things, China Communications, 2014, 11(2), 148\u2013156.","DOI":"10.1109\/CC.2014.6821746"},{"key":"2022020121510245982_j_comp-2020-0220_ref_021","doi-asserted-by":"crossref","unstructured":"Heer T., Garcia-Morchon O., Hummen R., Keoh S. L., Kumar S. S., Wehrle K., Security challenges in the ip-based internet of things, Wireless Personal Communications, 2011, 61(3), 527\u2013542.","DOI":"10.1007\/s11277-011-0385-5"},{"key":"2022020121510245982_j_comp-2020-0220_ref_022","doi-asserted-by":"crossref","unstructured":"Hellaoui H., Bouabdallah A., Koudil M., Tas-iot: trust-based adaptive security in the iot, 2016 IEEE 41st Conference on Local Computer Networks (LCN), IEEE, 2016, 599\u2013602.","DOI":"10.1109\/LCN.2016.101"},{"key":"2022020121510245982_j_comp-2020-0220_ref_023","doi-asserted-by":"crossref","unstructured":"Hernandez-Ramos J. L., Pawlowski M. P., Jara A. J., Skarmeta A. F., Ladid L., Toward a lightweight authentication and authorization framework for smart objects, IEEE Journal on Selected Areas in Communications, 2015, 33(4), 690\u2013702.","DOI":"10.1109\/JSAC.2015.2393436"},{"key":"2022020121510245982_j_comp-2020-0220_ref_024","doi-asserted-by":"crossref","unstructured":"Huang X., Craig P., Lin H., Yan Z., Seciot: a security framework for the internet of things, Security and communication networks, 2016, 9(16), 3083\u20133094.","DOI":"10.1002\/sec.1259"},{"key":"2022020121510245982_j_comp-2020-0220_ref_025","doi-asserted-by":"crossref","unstructured":"Irshad M., A systematic review of information security frameworks in the internet of things (iot), 2016 IEEE 18th International Conference on High Performance Computing and Communications; IEEE 14th International Conference on Smart City; IEEE 2nd International Conference on Data Science and Systems (HPCC\/SmartCity\/DSS), IEEE, 2016, 1270\u20131275.","DOI":"10.1109\/HPCC-SmartCity-DSS.2016.0180"},{"key":"2022020121510245982_j_comp-2020-0220_ref_026","unstructured":"ISO\/IEC, Iso\/iec 25010:2011 systems and software engineering \u2013 systems and software quality requirements and evaluation (square) \u2013 system and software quality models, 2011, Technical report, Technical Committee : ISO\/IEC JTC 1\/SC 7 Software and systems engineering."},{"key":"2022020121510245982_j_comp-2020-0220_ref_027","unstructured":"ISO\/IEC\/IEEE, Iso\/iec\/ieee 24765:2017 systems and software engineering \u2013 vocabulary, 2017, Technical report, Technical Committee: ISO\/IEC JTC 1\/SC 7 Software and systems engineering."},{"key":"2022020121510245982_j_comp-2020-0220_ref_028","unstructured":"ITU-T, Y.2060: Overview of the internet of things, 2012, Technical report, International Telecommunication Union."},{"key":"2022020121510245982_j_comp-2020-0220_ref_029","doi-asserted-by":"crossref","unstructured":"Lee I. Lee K., The internet of things (iot): Applications, investments, and challenges for enterprises, Business Horizons, 2015, 58(4), 431\u2013440.","DOI":"10.1016\/j.bushor.2015.03.008"},{"key":"2022020121510245982_j_comp-2020-0220_ref_030","doi-asserted-by":"crossref","unstructured":"Liu L., Yin L., Guo Y., Fang B., Eac: a framework of authentication property for the iots, 2014 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, IEEE, 2014, 102\u2013105.","DOI":"10.1109\/CyberC.2014.25"},{"key":"2022020121510245982_j_comp-2020-0220_ref_031","doi-asserted-by":"crossref","unstructured":"Mahalank S. N., Malagund K. B., Banakar R., Non functional requirement analysis in iot based smart traffic management system, 2016 International Conference on Computing Communication Control and automation (ICCUBEA), IEEE, 2016, 1\u20136.","DOI":"10.1109\/ICCUBEA.2016.7860147"},{"key":"2022020121510245982_j_comp-2020-0220_ref_032","doi-asserted-by":"crossref","unstructured":"Mahalle P. N., Anggorojati B., Prasad N. R., Prasad R., Identity authentication and capability based access control (iacac) for the internet of things, Journal of Cyber Security and Mobility, 2013, 1(4), 309\u2013348.","DOI":"10.13052\/jcsm2245-1439.142"},{"key":"2022020121510245982_j_comp-2020-0220_ref_033","doi-asserted-by":"crossref","unstructured":"Mahmoud R., Yousuf T., Aloul F., Zualkernan I., Internet of things (iot) security: Current status, challenges and prospective measures, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), IEEE, 2015, 336\u2013341.","DOI":"10.1109\/ICITST.2015.7412116"},{"key":"2022020121510245982_j_comp-2020-0220_ref_034","doi-asserted-by":"crossref","unstructured":"Miorandi D., Sicari S., De Pellegrini F., Chlamtac I., Internet of things: Vision, applications and research challenges, Ad hoc networks, 2012, 10(7), 1497\u20131516.","DOI":"10.1016\/j.adhoc.2012.02.016"},{"key":"2022020121510245982_j_comp-2020-0220_ref_035","doi-asserted-by":"crossref","unstructured":"Mozzaquatro B. A., Jardim-Goncalves R., Agostinho C., Towards a reference ontology for security in the internet of things, 2015 IEEE International Workshop on Measurements & Networking (M&N), IEEE, 2015, 1\u20136.","DOI":"10.1109\/IWMN.2015.7322984"},{"key":"2022020121510245982_j_comp-2020-0220_ref_036","doi-asserted-by":"crossref","unstructured":"Namal S., Gamaarachchi H., MyoungLee G., Um T.-W., Autonomic trust management in cloud-based and highly dynamic iot applications, 2015 ITU Kaleidoscope: Trust in the Information Society (K-2015), IEEE, 2015, 1\u20138.","DOI":"10.1109\/Kaleidoscope.2015.7383635"},{"key":"2022020121510245982_j_comp-2020-0220_ref_037","doi-asserted-by":"crossref","unstructured":"Neisse R., Fovino I. N., Baldini G., Stavroulaki V., Vlacheas P., Giaffreda R., A model-based security toolkit for the internet of things, 2014 Ninth International Conference on Availability, Reliability and Security, IEEE, 2014, 78\u201387.","DOI":"10.1109\/ARES.2014.17"},{"key":"2022020121510245982_j_comp-2020-0220_ref_038","doi-asserted-by":"crossref","unstructured":"Nespoli P., Zago M., Huertas Celdr\u00e1n A., Gil P\u00e9rez M., G\u00f3mez M\u00e1rmol F., Garc\u00eda Clemente F. J., Palot: profiling and authenticating users leveraging internet of things, Sensors, 2019, 19(12), 2832.","DOI":"10.3390\/s19122832"},{"key":"2022020121510245982_j_comp-2020-0220_ref_039","doi-asserted-by":"crossref","unstructured":"Obaidat M. A., Obeidat S., Holst J., Al Hayajneh A., Brown J., A comprehensive and systematic survey on the internet of things: Security and privacy challenges, security frameworks, enabling technologies, threats, vulnerabilities and countermeasures, Computers, 2020, 9(2), 44.","DOI":"10.3390\/computers9020044"},{"key":"2022020121510245982_j_comp-2020-0220_ref_040","doi-asserted-by":"crossref","unstructured":"Pacheco J. Hariri S., Iot security framework for smart cyber infrastructures, 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS* W), IEEE, 2016, 242\u2013247.","DOI":"10.1109\/FAS-W.2016.58"},{"key":"2022020121510245982_j_comp-2020-0220_ref_041","doi-asserted-by":"crossref","unstructured":"Pacheco J., Satam S., Hariri S., Grijalva C., Berkenbrock H., Iot security development framework for building trustworthy smart car services, 2016 IEEE Conference on Intelligence and Security Informatics (ISI), IEEE, 2016, 237\u2013242.","DOI":"10.1109\/ISI.2016.7745481"},{"key":"2022020121510245982_j_comp-2020-0220_ref_042","doi-asserted-by":"crossref","unstructured":"Patel P. Cassou D., Enabling high-level application development for the internet of things, Journal of Systems and Software, 2015, 103, 62\u201384.","DOI":"10.1016\/j.jss.2015.01.027"},{"key":"2022020121510245982_j_comp-2020-0220_ref_043","unstructured":"Radomirovic S., Towards a model for security and privacy in the internet of things, Proc. First Int\u2019l Workshop on Security of the Internet of Things, 2010."},{"key":"2022020121510245982_j_comp-2020-0220_ref_044","doi-asserted-by":"crossref","unstructured":"Rana K., Singh A. V., Vijaya P., A systematic review on different security framework for iot, 2018 Fifth International Symposium on Innovation in Information and Communication Technology (ISIICT), 2018, 1\u20137.","DOI":"10.1109\/ISIICT.2018.8613296"},{"key":"2022020121510245982_j_comp-2020-0220_ref_045","doi-asserted-by":"crossref","unstructured":"Rueda J. S. Portocarrero J. M. T., Similitudes y diferencias entre redes de sensores inal\u00e1mbricas e internet de las cosas: Hacia una postura clarificadora, Revista Colombiana de Computaci\u00f3n, 2017, 18(2), 58\u201374.","DOI":"10.29375\/25392115.3218"},{"key":"2022020121510245982_j_comp-2020-0220_ref_046","doi-asserted-by":"crossref","unstructured":"Serna J., Morales R., Medina M., Luna J., Trustworthy communications in vehicular ad hoc networks, 2014 IEEE World Forum on Internet of Things (WF-IoT), IEEE, 2014, 247\u2013252.","DOI":"10.1109\/WF-IoT.2014.6803167"},{"key":"2022020121510245982_j_comp-2020-0220_ref_047","doi-asserted-by":"crossref","unstructured":"Sicari S., Rizzardi A., Grieco L. A., Coen-Porisini A., Security, privacy and trust in internet of things: The road ahead, Computer networks, 2015, 76, 146\u2013164.","DOI":"10.1016\/j.comnet.2014.11.008"},{"key":"2022020121510245982_j_comp-2020-0220_ref_048","unstructured":"Singh M. Bhandari P., Building a framework for network security situation awareness, 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom), IEEE, 2016, 2578\u20132583."},{"key":"2022020121510245982_j_comp-2020-0220_ref_049","doi-asserted-by":"crossref","unstructured":"Tahir R., Tahir H., McDonald-Maier K., Fernando A., A novel ic-metric based framework for securing the internet of things, 2016 IEEE International Conference on Consumer Electronics (ICCE), IEEE, 2016, 469\u2013470.","DOI":"10.1109\/ICCE.2016.7430694"},{"key":"2022020121510245982_j_comp-2020-0220_ref_050","unstructured":"Technologies F., Know your iot security risk. how hackable is your smart enterprise?, 2016, Technical report."},{"key":"2022020121510245982_j_comp-2020-0220_ref_051","doi-asserted-by":"crossref","unstructured":"Yang J.-C. Fang B.-X., Security model and key technologies for the internet of things, The Journal of China Universities of Posts and Telecommunications, 2011, 18, 109\u2013112.","DOI":"10.1016\/S1005-8885(10)60159-8"},{"key":"2022020121510245982_j_comp-2020-0220_ref_052","doi-asserted-by":"crossref","unstructured":"Zegzhda D. Stepanova T., Achieving internet of things security via providing topological sustainability, 2015 Science and Information Conference (SAI), IEEE, 2015, 269\u2013276.","DOI":"10.1109\/SAI.2015.7237154"}],"container-title":["Open Computer Science"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.degruyter.com\/document\/doi\/10.1515\/comp-2020-0220\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyter.com\/document\/doi\/10.1515\/comp-2020-0220\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,1]],"date-time":"2022-02-01T22:17:18Z","timestamp":1643753838000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.degruyter.com\/document\/doi\/10.1515\/comp-2020-0220\/html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,1,1]]},"references-count":52,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2021,1,13]]},"published-print":{"date-parts":[[2021,1,1]]}},"alternative-id":["10.1515\/comp-2020-0220"],"URL":"https:\/\/doi.org\/10.1515\/comp-2020-0220","relation":{},"ISSN":["2299-1093"],"issn-type":[{"value":"2299-1093","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,1,1]]}}}