Total # of page(s): 10

Font Size: 10 

Content

s:

Outline

Title

Keywords

Abstract 

Introductions

Annotations(should not be abstract)

Content

Issues

Solution(s)

Conclusion

Bibliography

References

Helpful URLs: 

https://sites.umuc.edu/library/libhow/bibliography_apa.cfm

https://www.bethel.edu/library/research/apa-annobib-sixth \

http://libguides.enc.edu/writing_basics/annotatedbib/apa <<<< Check out the "Rules! rules! rules!" section

http://guides.library.cornell.edu/annotatedbibliography

https://owl.english.purdue.edu/owl/resource/614/03/

Please see a sample journal attached. Need to be in a similar format. 

Trends in cloud computing

TRENDS IN CLOUD COMPUTING

ABSTRACT

Cloud computing involves the use of remote servers that are hosted on the Internet. The technology has been a game-changer in the world of technology as it has dramatically influenced the aspect of storing, processing, and also managing data. Besides, technology has witnessed a couple of trends that have attracted the attention of crucial technology players. In line with this, the paper will investigate the various trends in cloud computing.

Keywords: cloud computing, social networking, Security, IaaS, PaaS, SaaS.

INTRODUCTION

Cloud computing is one of the newest areas of interest in the world of computing. The technology entails the use of cloud services to store, manage, process, and even ensure that data is secure. Cloud computing involves the use of remote servers that are hosted on the Internet. As a result, the technology has seen an increased reduction of the use of physical servers and computers by companies in storing, managing, and also processing their data. In recent days, technology has witnessed several changes or, rather, trends that will be covered briefly in the paper. Cloud is a collective term for a massive number of possibilities and developments. It is more of a practical innovation than an invention that combines several other inventions to become something compelling and new. Cloud computing puts together and merges several technologies that already exist together, where they include virtualization, time-sharing, web interactivity, browser interface, and high bandwidth networks. Cloud computing helps companies and businesses to transform their initial existing server infrastructures to form a dynamic environment that leads to the expansion and reduction of the server’s capacity. A cloud computing platform, configures, depravations, and reconfigures the servers. Many issues arise firm adopting the cloud computing platform, and the articles below discuss some of the main issues associated with cloud computing.

LITERATURE REVIEW

Different studies, such as Varghese & Buyya (2018), recognize that cloud computing is one of the booming technologies. The technology has witnessed immense growth rates over the last couple of years. Notably, more companies and institutions continue to adopt cloud services. Besides, the use of Iaas, Paas as well as SaaS continues to increase.

Additionally, Varghese & Buyya (2018) express their optimism that the revenue earned from cloud technology will continue to grow. Also, cloud services will continue to advance. For instance, different companies have embarked on the process of adopting private and hybrid technologies, which are much significant in storing, processing, and also managing big company data. Cloud asserts that conceptually the “cloud” at the Internet conceals to be had computing resources and offers an elegant interface, through which customers might be capable of using the whole World Wide Web as a powerful personal laptop. The evolution of computing into six stages: the mainframe, the microcomputer, the LAN, the Internet, grid computing, and cloud computing(Voas & Zhang 2009).

METHODOLOGY

Cloud computing has dramatically been evolving, with higher data being generated. Cloud service has resulted in excessive communication being created between various cloud servers that are inexpensive, thus leading to more, better, and more excellent connectivity with billions of connected computers and computer users.

FINDINGS

Cloud computing seems to have practically taken over many industries in the world, including building management, transportation, energy, healthcare, precision agriculture, and the likes. The options of connectivity by internet cloud services seem to be increasing by a hugely significant amount for application developers and electronic engineers. Computers significantly connected do not necessarily provide the benefit of the connection to people. However, the network connected to the devices tends to receive information that they gather from the environment, which tends to be the source of success. Cloud services that are provided from the connectivity help the devices to offer information that is valuable by acting upon and reaching out to the world. The connected devices are not limited to given computers that the organizations own but are able to span from devices of every personal individual that are used or the big one through the services of internet cloud services.

Khan, N., & Al-Yasiri, A. (2016). discusses the security threats that are associated with cloud computing being adopted in organizations and businesses. Cloud computing is seen to allows organizations to outsource their total process in information technology, thus enabling them to focus more on their main and core business, thus able to enhance innovation and productivity in the services they offer to their customers. There are more benefits that are seen to be gained after adopting cloud computing like the cut down on the major costs that a business incurs over IT infrastructure with them not losing the customers’ needs focus. Despite the many advantages that can be associated with a company adopting the cloud computing framework, the implementation is seen to be faced with some challenges due to issues relating to privacy and security. The article summarizes a combination of several interviews that were conducted with security experts and cloud developers, and the results reviewed Khan, N., & Al-Yasiri, A. (2016). There were many security issues and threats that a company exposes itself to after adopting the cloud computing framework. The study in this article well elaborates and offers an understanding of the future and current, privacy, and security challenges that cloud computing are associated with. Most of the security and privacy issues identified well offer the right attribute of what cloud computing is. 

Over time, there has been continuous growth concern and awareness towards cloud computing, especially on the issue of information security. The article well shows the continued growth in the usage and awareness of Security Algorithms into data processes and systems.

Figure 1: Layard Cloud Architecture

Khan, N., & Al-Yasiri, A. (2016), well presents an overview and comparison of different algorithms together with the Cryptographic algorithm offering a great emphasis on Symmetric algorithms that ought to be used for services and applications that are cloud-based and require a link and data encryption. The asymmetric and symmetric applications are reviewed with there being an emphasis on Symmetric algorithms in consideration of security issues that one should use for cloud-based services and applications which require a link and data encryption. The article identifies that with the emergence of cloud computing as a new technology aspect in the technology industry, private and public corporate and enterprise organizations are either using the services of cloud in the processor as a service for them to get to their end goal despite them facing privacy, security, and data theft issues. Therefore, the use of security algorithms and their implementation is crucial for the cloud, and they need to be utilized properly in order to ensure the best security is offered to the end-user Khan, N., & Al-Yasiri, A. (2016). 

According to Yoo, S. K., & Kim, B. Y. (2018), shows the use of artificial intelligence, big data and new communication and information technologies which have led to the improved business competitiveness and sustainable developments. It is evident from the article that cloud services were seen and classified as having special requirements of the system for the organization of a business can it be represented by cloud computing architectures layers that are different like software as a service. The article also highlights that the IT environment services undergoes continuous changes thus companies are required to recheck and reconsider business models. The article is recommendable because it shows and advises companies on what is right to do in relation to their cloud computing effect that they receive in their company or business as well as it advices on which is the right cloud computing system to adopt to their business model. In reference to the aspect of the model of decision making, the article advices and recommends the cloud computing system to be adopted. The critical variables in the decision areas in the hierac8hical structure is well elaborated in terms of its environment, organization, technology as well as other attributes of decision making for the adoption of cloud computing. The research also offers an explosive comparative analysis between providers and demanders of the adoption of cloud computing. The article is helpful because it continues to offer and suggest important factors to the top management support system, the compatibility and competitive pressure associated with the adoption of the cloud. For more understanding please take a look on figure 2.

Figure 2: The Cloud Computing Adoption Model

The article investigates the advancement of the consumers process of adoption and the technological innovations associated with the services of cloud computing. It focuses on the continued increase rate of the role of big data and cognitive computing that affects the adoption of technologies that are emerging. As more worldwide consumers continue using mobile computing, the online advertisement role continues to be examined to help understand the affects and effects of cloud computing in relation to the marketing fields Ratten, V. (2020). There is thus a great discussion on how the value of social capital can be put to place to improve the adoption of cloud computing technologies especially those that highlight the mindset of consumers and their importance. The article well highlights this mindsets of consumers and how cloud computing can be used to alleviate the consumers concerns as well as meet to offer solution as the cloud computing. Emerging innovations as a result are well discussed and elaborated Ratten, V. (2020).

The Nandgaonkar, S. V., & Raut, A. B. (2014) defining cloud computing to be a massively scalable, configurable resource that is on-demand as a computing model where it is seen to be the latest discussion in the information sector. The article shows that cloud computing offers cloud infrastructure in more of a distributed compared to a dedicated infrastructure which is seen to allow clients to have access that is complete and full to the reliable and scalable resources with continued high performance. Therefore, everything is seen to be provided to the client over the Internet as a utility service. IoT tagged objects generate data that is high, and therefore cloud computing becomes a key to store the unpredictable generated data from the tagged devices. The article continues to discuss the evolution of cloud computing. The information is important in helping one have a great background in understanding where cloud computing evolved from. The article offers great exposure to the different forms of cloud deployment models by continuing to offer an understanding of the characteristics of cloud computing as well as the different models. Something outstanding about the article is that it gives a discussion on the cloud computing actors. It well shows that the NIST based reference cloud computing model gives information about the major participants, including their functions, actions, characteristics, uses, and standards of each participant that is in the cloud paradigm. The article offers very crucial information like the major cloud actors that are found in the architecture of the cloud. They include the cloud provider, cloud broker, cloud auditor, cloud carrier, and cloud consumer. The information is able to teach one the whole connectivity of cloud happens Nandgaonkar, S. V., & Raut, A. B. (2014).

According to Knorr, E. (2017) offers two ways in which cloud computing can be defined and understood. The first one is where workloads are seen to be run remotely over the Internet by the provider’s data centers, which in most cases are commercial like that one of Microsoft Azure and Amazon Web services and in the current days, businesses are seen to use more than one of these clouds. The other meaning that is brought out in this article is about cloud computing is on how it works. It explains that this form of cloud computing and how it works offers a great advantage of agility, which is the ability to store, compute and network resources to the needed workloads and get into the abundance of services that are rebuilt. The article also well explains the different forms of cloud computing, which include the different services and functions offered by cloud computing, the difference between public cloud, hybrid cloud, and the private cloud. The article offering all these definitions and differences gives the reader a chance to clearly understand and differentiate these concepts appropriately. The article continues to offer a great elaboration on the benefits that one gains or a company gains after using cloud computing. The article is a very informative one in terms of explaining the management of cloud computing platforms. It is seen to eliminate the installation steps, and setups as the client of the cloud accessing the hardware resources stay and coexist on different platforms in a distributed form or way. Power consumption, excessive heat reduction, and energy optimization in the cloud environment greatly differentiate it from ordinary or traditional computing, which is seen to be eco-friendly.

Figure 3: Cloud computing Architecture(google)

Wang, Y., Chen, R., & Wang, D. C. (2015) Overtime, it is evident that the use of cloud computing has been on arise and it will continue to increase going forward. According to this article, it shows that cloud computing is a tool technology that enables the users to access and configure software storage, hardware and software applications where they put processes directly from the internet or web. The article points out a very important fact that the prevalence of the use of mobile devices like the tablets and smart phones have led to the adoption of fast internet access using the 4Gs and 3Gs communications that are linked in the cloud computing in the form of a mobile. The devices are seen to have cheap, fast and direct link to the internet thus making it easier to download and upload applications and programs into the online network storage and internet services.

Figure 3: Cloud Computing Applications (google)

The records frameworks offices on this undertaking might be evidence contrary to SaaS, as they may catch lost administration quality if structures are aiming to the cloud, (Black, Mandelbaum, Grover, and Marvi, 2010). The figure for distributed computing procedures can be controlled inside the financial association by utilizing way of the issues inside the writing. This delivery approach of data frameworks grants readiness in the arrangement of organization assignments, flexibility, and adaptability inside the versatility of administrations, and especially expense financing conservation (Ahuja and Rolli, 2011) and overhead obtainment monetary reserve funds (Nimsoft, 2011) a period. This system licenses productiveness money related investment funds in the reconciliation of long range interpersonal communication innovation. (Boulton, 2011). Most companies in bosses have in any event one cloud organization. (Dark, and Mandelbaum, and Grover, and Marvi, 2010).

SaaS(Software as a service)

I If it gives software program application services, the utilization of a single recurrence of the application runs on the cloud services, and more than one client’s customers or purchaser enterprises. The most routinely analyzed case of SaaS is even though numerous phenomenal models have improved showcase, which consolidates the Google Apps giving of fundamental business organization contributions that join email and word preparation. Indeed, even notwithstanding the way that drove the meaning of cloud processing with the guide of utilizing limited years, it currently works with the asset of using its partner, which can be divided through method for a stage as an organization. (Puri et al., 2019).

PaaS(Platform as a corporation)

Stage as a bearer unites a layer of software and make accessible it as an organization that might be utilized to gather better acknowledgment contributions. There are, in any event, two perspectives on PaaS temporary at the attitude of the maker or client of the inputs. Somebody creating PaaS execution produces a stage through teaming up an OS, middleware, software, or maybe an improvement domain that is sooner than provided to a benefactor as a supplier. For example, any individual growing a PaaS introducing would conceivably put together it with respect to a hard and fast of computerized hypervisor machines that envelop an incorporated advancement condition, a Web stack and asset for included programming dialects which incorporate Perl or Ruby. Somebody the utilization of PaaS may see an outlined organization. This is outfitted to them through an API. The benefactor communicates by means of a method for the stage through the API, sooner than the stage does what’s important to control and scale itself to give a specific level of administration. 

IaaS (Infrastructure as a service) 

Infrastructure as a supplier parts simple stockpiling and figure abilities as consistent contributions over the system. Servers, carport structures, switches, switches, and different structures are joined together and made accessible to holder remaining burdens that run from application parts to unbalanced run of the mill by and large execution processing applications. Business tests of IaaS envelop, whose significant item is a line of virtualized servers that furnish you with the money for a particularly accessible available to come into work for the foundation. It coordinates memory and I/O devices, carport and figuring usefulness directly into a computerized resources pool, and offers stockpiling sources and virtualization administration for the entire business endeavor. This is a way of facilitated equipment, and the client pays after they utilize the equipment. For instance, Amazon Web Service and IBM Blue Cloud all rent the foundation as assistance. The benefit of IaaS is that the individual best need low worth equipment and rent figuring capacity and carport capacity in accordance with his need, significantly decreased the pace of the equipment. As of now, Google cloud software program has most delegates, together with Google Docs Google Apps, Google Sites, and Google App Engine. (Hari, Krishnaa, and Kiranb, and Muralia, and Pradeep Kumar, 2016).

The assess recommends lost in-power area, and case examines concerning cloud processing appropriation systems, in contrast with those on cloud figuring reception factors. However, quantitative research and applied articles appeared to be predominant. However, there is theoretical research that has not been tried. For instance, a gander at proposed a cloud hypothetically figuring reception appraisal form that thinks about gauges for settling on the cloud supplier; however, this adaptation has not been tried experimentally yet. Accordingly, moreover, subjective investigations wish to be embraced to find further issues and test the previous hypothetical inclinations concerning this region observationally. Therefore, this triggers inquiries regarding the IS explore round table Or alternately, These inquiries should be examined very well the utilization of two or three individual cases look into in exceptional settings, nations, and ventures to all the more likely perceive cloud registering selection components and systems.

IMPLICATION FOR RESEARCH

The main concept in question remains on how the trends in cloud technology will remain active and progressive all the time. The answer brings the relationship between cloud computing and the emerging trends in cloud computing in an attempt to retain the future Internet. Great and large usage of cloud computing has acted as a boost and catalyst for the deployment and development of scalable applications of internet servers in the business modules (Puri et al., 2019). Cloud computing has become a great future in internet technologies that are closely affiliated with one offering the other a platform or its success. Numerous benefits are being derived and being gained from cloud computing as new trends are being converged.  

ANALYSIS

Trends in cloud computing provides companies with a platform to prepare and equip themselves for the future in the world of technology. The trends lay a platform for players in the industry to assess and determine what the likely changes in the sector are. As such, companies will be in a good position to roll out the necessary unfractured as well as hire the required skills for the effective implementation of the technology (Stoica et al., 2018).

Figure 4: Overview of cloud computing

CONCULSION

The emerging trends in cloud computing have greatly impacted the technological world as they continue to make cloud services more effective day in day out. The development of reliable cloud servers continues to make it easier to manage, store, and process data. Users are able to easily scale the storage as the generated data keeps increasing, and the amount of storage paid is consumed together with Cloud Computing. The speed of cloud services and also the security of the data continue to become better. 

REFERENCES

Atlam, H. F., Alenezi, A., Alharthi, A., Walters, R. J., & Wills, G. B. (2017, June). Integration of cloud computing with the Internet of things: challenges and open issues. Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) (pp. 670-675). IEEE.

Puri, V., Tromp, J. G., Le, C. V., Nguyen, N. G., & Le, D. N. (2019). The Vital Role of Fog Computing in the Internet of Things. Security Designs for the Cloud, IoT, and Social Networking, 153-163.

Stoica, M., Mircea, M., Ghilic-Micu, B., & Uscatu, C. R. (2018). From a Smart Education Environment to an Eco-School through Fog & Cloud Computing in IoT Context. Informatica Economica, 22(4), 5-14.

Varghese, B., & Buyya, R. (2018). Next-generation cloud computing: New trends and research directions. Future Generation Computer Systems, 79, 849-861.

Khan, N., & Al-Yasiri, A. (2016). Identifying cloud security threats to strengthen the cloud computing adoption framework. Procedia Computer Science, 94, 485-490.

Nandgaonkar, S. V., & Raut, A. B. (2014). A comprehensive study on cloud computing. International Journal of Computer Science and Mobile Computing, 3(4), 733-738.

Yoo, S. K., & Kim, B. Y. (2018). A Decision-Making Model for Adopting a Cloud Computing System. Sustainability, 10(8), 2952.

Ratten, V. (2020). Cloud computing technology innovation advances: a set of research propositions. In Disruptive Technology: Concepts, Methodologies, Tools, and Applications (pp. 693-703). IGI Global.

B. Hari, Krishnaa., & Dr.S. Kiranb., & G. Muralia,b., & R. Pradeep, Kumar, Reddy, a,b.

(2016) Security Issues in Service Model of Cloud Computing Environment. (246-247). International Conference on Computational Science.

Figure References

Layered Architecture. (n.d.). [Photograph]. Retrieved from https://www.capgemini.com/wp-\content/uploads/2017/07/Trends_in_Cloud_Computing_Secure_Journey_to_the_Cloud_____a_Matter_of_Control

cloud computing. (n.d.). [Photograph]. Retrieved from https://www.highperformance.net.au/wp-content/uploads/Cloud-Computing-Technology-1

Cloud computing Architecture. (n.d.). [Photograph]. Retrieved from https://html.scirp.org/file/9-1730656×2

Mobile cloud computing architecture. (n.d.). [Photograph]. Retrieved from https://onlinelibrary.wiley.com/doi/full/10.1002/wcm.1203

INTERNET OF THINGS: A STUDY ON SECURITY AND PRIVACY THREATS

Md Husamuddin

Dept. of computer science

College of CS and IT, Al-Baha University

Al-Baha, Kingdom of Saudi Arabia

Dr.

husams@gmail.com

ABSTRACT

The current world is driven by new, developing technologies. This has resulted in a variety of smart devices in the society that has impacted positively on the lives of people in the community. However, the organization has been experiencing threats and cyberattacks that mostly targets the private information. Therefore, in this paper, my discussion is centered on the different applications of the internet of things as well as security threats that are involved.

Keywords: security, privacy.

INTRODUCTION

The Internet of things is the most significant of the future of the internet. IoT has a global network through which ant object can connect with the other devices that are also linked on the internet. These devices include computers, tabs, cell phones, among many others. Generally, the internet of things is a system made up of connected things. This machine contains a microchip that connects all the methods related to it. Microchips serve the function of tracking the surrounding of the network and to give the report in case of any findings pertaining to the internet. The meaning of PC wrongdoing and cloud wrongdoing will be come to out to the IoT wrongdoing, which talks to any malignant development that incorporates the IoT worldview as within the IoT contraptions, organizations, or correspondence channels can be a subject, thing, or gadget recognized with the infringement. To investigate these sorts of cases, it is required to execute computerized crime scene examination technique within the IoT to choose the substances around an event. The meaning of a capable and adjust IoT progressed lawful sciences method is still at its unimaginable intrigued (Husamuddin, 2015). The most significant part of IoT is that it makes it possible for different entities to be communicated and to be accessed via the internet. This is very economical as a result, attracts many devices to be connected to the internet (Balte &Patil,2015). Research shows that more than 40 billion devices in 2019 got connected, and a higher risk of this is expected in the current year.

SECURITY REQUIREMENTS

The rate at which technologies are emerging is so high, and this has lead to threats as well as a privacy issue. The smart devices arising from this technology will interact with other devices and transmit information in the network (Balte, &Patil,2015). If a computer gets infected, the effects ripples to other devices in the system; thus, the whole internet infrastructure would be at risk. As soon as an attack spot has been identified, it is feasible to enumerate the safety vulnerabilities and risk prone regions requiring defense-in-intensity protection. Such safety refers to a typically used approach to protect important data on company networks wherein security controls are set up at a couple of tiers of the IT information technology infrastructure. The critical security issues are the validity of data, the privacy of data, accountability of data, and accessibility of data. The highlighted points are the main security concerns that are related to the privacy of the information in the network. Without suitable security and assurance defending frameworks, IoT fog can’t be grasped in any case of its esteem. The inconvenience does not fair begin from the interoperability issue, however in expansion the planning ask of security courses of action (Varga, P., Plosz, S., Soos, G., & Hegedus, 2017).

IOT TECHNOLOGIES AND SECURITY THREATS

Wireless Sensor Network (WSN)

The sensor wireless network is a technique that comprises of a variety of small cells that are called sensor nodes and other computing components called actuators. The primary purpose of sensor nodes is to facilitate data processing and communication. This technique can be applied in fields such as healthcare, military, logistics, and many others (Botta, 2020). this network is prone to attacks since it acts as a transimmitio channel for broadcasting. The major threats to this network include; physical attacks from hackers due to the fact that this network can’t stop unauthorized physical access. Node replication. In this, the id of the node is moved to a network together with a sensor resulting in disruption of the network performance. Sinkhole attack. This is where an intruder takes possession of the node from the internet and then attracts the traffic from the neighbor nodes. As a result, this can lead to the alteration of the information such as deleting or the changing of the data. Another threat to this network is service attack denial. The services to the legitimate user are made unavailable by the intruders. Another technology and its security threats are Radio Frequency Identification Technology that consists of a specific identity on the tags, and this is incorporated to the object (Botta, 2020). This tag serves as an identifier for the purpose. This technique is mostly applicable to the healthcare field.

CONCLUSION

IoT is among the significant emerging technologies in the world.the data transmitted through the sensors carry sensitivity information that needs protection from the attackers. To archive, this IoT technology must incorporate services such as encryption, access control for a real-time, end to end environment as well as critical infrastructure protection. This will make it possible for the consumers to control tasks automatically and effectively using IOT technology. In the future, more changes pertaining to the security of smart devices, as well as privacy measures of communication in IOT, will advance and this will win the trust of the operators. Threats involved in this technique include tag cloning, tag swapping that consists of the process of replacing two tags that are of different products with each other, physical data modification, and service denial to the legitimate user.

BIBLIOGRAPHY

Balte, A., Kashid, A., &Patil, B. (2015). Security Issues in the Internet of Things (IoT): A Survey. International Journal of Advanced Research in Computer Science and Software Engineering, 5(4), 450-455. ISSN: 2277, 128X.

SHIELDING IOT AGAINST CYBER-ATTACKS: AN EVENT-BASED APPROACH USING SIEM

Daniel Díaz López,1 María Blanco Uribe,1 Claudia Santiago Cely,1 Andrés Vega Torres,1 Nicolás Moreno Guataquira,1 Stefany Morón Castro,1 Pantaleone Nespoli,2 and Félix Gómez Mármol.

ABSTRACT

The massive growth in the internet of things has led to a variety of machines in diverse industries. However, there is presently inadequate security for these new smart objects in the market. This has risen the need for safety solutions to these issues, and the most desirable techniques have been developed to offer a solution to this problem. This paper proposes the best security solution derived from the management of security events that clearly determines any malicious activity on this model. Different vulnerabilities relating to this technique are pointed out so that solution measures can be undertaken. In this paper, three attack events are generated, exploited vulnerabilities, and the response that could be launched to solve and curb the attack on IoT devices. This paper generally proposes the best approach that can be used to protect the IoT ecosystem.

Keywords: Privacy, security, and trust on the internet of things

INTRODUCTION

IoT devices have rapidly grown and have attracted attention from several fields in the society. It is an emerging technology in the decade is with the capability to be developed to perform efficiently as intended. The main area of concern in this paper is the proposal security method that can be applied in IoT to deal with security issues affecting the performance of this technology. When mulling over the IoT contraptions, it is basic to get it that, comparative to a few other contraptions, security can’t be guaranteed. IoT security is certifiably not a combined suggestion of secure or temperamental. Or maybe, it is profitable to conceptualize IoT security as a run of contraption weakness (Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., & Nurse, 2016). Detailed security events of IoT and the proposed security to each scenario. Another sector focuses on the security issues for the IoT devices and the last part about the proposed security measures. The suggestions of a cyber assault by means of the web may result within the collapse of communications networks; the disappointment of electronic keeping money and major online shops including eBay and Amazon; the frustration of transport systems, counting discuss control computers and railroad frameworks; and also the disappointment of the facility grid, shutting down control supplies and causing broad power outages. Advanced framework is especially defenseless to assault. Cyber assaults are difficult to distinguish and indeed harder to shield against (Corones, S., & Lane, 2010). IoT incorporates interconnection a huge number of contraptions from various producers and businesses and execution framework for the most part shifts on different applications and client necessities, heterogeneity of contraptions and information is of imperative noteworthiness. In like way, designing has been the establishment of IoT system, and routine web plan ought to be changed to address IoT challenges (Yelamarthi, Abdelgawad 2017).

IOT ATTACK SURFACES

This comprises the enablers that are the communication protocols and channels and targets that are the data and the processes needed to operate an incident on the IoT devices. The incident threat on the surface primarily depends on the connection among variables of the devices. In this issue, once the attack surface has been determined, the vulnerabilities and the areas of risks that need protection are identified and protective measures adopted. The most common surface attacks include the device web interface, administrative interface, device network services, cloud web interface, mobile application, and many others (Yelamarthi, Abdelgawad 2017). From these vulnerabilities, it is frank that the IoT infrastructure is vulnerable to security threats from a variety of contexts. Right now, may be a major investigate opportunity in different locales, among them Security. Along these lines, right presently has been presented a novel way to bargain with security examination for the IoT systems, counting the progression of a visual dialect structure for the depiction of IoT components and their blend, a framework to recognize veritable circumstances where models can be attempted, and a strategy to grant security courses of action. The heterogeneous thought of the IoT talks to a major test for the different accomplices locked in with the advancement of the supporting development and rules (Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., & Nurse, 2016).

IOT VULNERABILITIES

Data security in the objects of IoT can be clear comprehended through the concepts of integrity, confidentiality, and availability of the information. These are the principles that underline this technique, and they tend to represent the measure of the safety levels that this model has implemented. Unfortunately, these attributes are violated due to the vulnerabilities associated with this technique. These vulnerabilities are the ones that increase the surface attack(“Gartner’s 2016). These vulnerabilities include cryptography, physical access, device control, and authentication problems, as discussed in the previous article. Within the IoT setting, not as it were the client may get to the information but the authorized question. This requires tending to two critical viewpoints: to begin with, get to control and authorization component and moment confirmation and character administration (IdM) mechanism. The IoT gadget should be able to confirm that the substance (individual or other gadgets) is authorized to get to the benefit. The authorization makes a difference decide if, upon recognizable proof, the individual or gadget is allowed to get a benefit (Abomhara, M., 2015).

STATE OF THE ART

Security Information and Event Management (SIEM)

The show cutting edge of the middleware for IoT examines different ways to bargain with offer assistance a parcel of the functionalities to work in IoT space. Be that because it may, no one covers the total course of action of functionalities to meet the prerequisite of IoT-middleware as broke down here for any sharp or unavoidable condition (Soma Bandyopadhyay, Munmun Sengupta, Souvik Maiti, Subhajit Dutta, 2011). This is a model that reveals the happening of a system, network, or service showing the breach of information that occurred as well as offering the security solution to the problem that occurred. The security event comes from the firewalls, virtual private networks, intrusion prevention systems, servers, routers, among others (“Gartner’s 2016). security event management is adopted to ensure monitoring, normalization, reporting, and integration of the security incidents. Security event management (SEM) merge with Security information system (SIM) to facilitate management of log and to give report so as to update security information and event management (SIEM). Hence, the SIEM helps in the discovery of threats and to respond to security incidents through a deep study of the security issues from a range of activities as well as sources of data throughout an IT structure or system. SIEM provides a long period of security occasions and proper reporting of any security incidents in the IoT technique.

CONCLUSION

The IoT technology is accompanied by great beneficial opportunities in the market places. There are a variety of advanced applications to promote productivity and the quality of this technology. In this paper, security measures in the IoT devices have been conducted, and responsive tests also revealed. The most common security events, attack surfaces, and vulnerabilities have also been discussed. SIEM system is the model that has been adopted to generate correlation guidelines to detect security incidents as well as the responsive measures.

BIBLIOGRAPHY

K. Yelamarthi, M. S. Aman, and A. Abdelgawad, “An application-driven modular IoT architecture,” Wireless Communications and Mobile Computing, vol. 2017, Article ID 1350929, 16 pages, 2017.View at: 

Publisher Site

 | 

Google Scholar

Gartner, “Gartner’s 2016 Hype Cycle for Emerging Technologies,” 2016. [Online]. Available: 

https://www.gartner.com/newsroom/id/3412017

.

THE FUTURE INTERNET OF THINGS AND SECURITY OF ITS CONTROL SYSTEMS

Misty Blowers, USAF Research Laboratory

Jose Iribarne, westrock

Edward Colbert, ICF International, Inc.

Alexander Kott, US Army Research Laboratory

ABSTRACT

The industrial evolution commenced in the 18th century in Britain. Textile industry marked the beginning of the industrial revolution. All the work that was performed manually were brought down to a milling machine in the textile industry, giving rise to the factory. In the 20th century, the second industrial revolution took place leading to the mass development of products. In this particular paper am going to discuss the change that has occurred in the IoT and its future. The future of IoT will come at a cost as it involves technological innovations.

Key terms: Manufacturing and industry

INTRODUCTION

The future of cybersecurity highly depends on the context of the Internet of Things. All the infrastructure and industrial contexts, and all the cyber systems are actually all referred to the IoT. The IoT in the future will most likely subsume the industrial plants, housing facilities, infrastructure, and all the methods that are under the control of ICS systems today. For the development of IoT to take place, a few other things must accompany its construction such as the increase in the mobility of devices, growing of automation, ubiquitous robotics as well as miniaturization of sensors and devices (Allen, 2005). The future of IoT depends on the enhancement of automation of machines. It will also involve the emergence of networking and computing paradigms. Cybersecurity will highly benefit from system agility in the IoT environment.

FACTORS THAT WILL AFFECT THE FUTURE OF IOT

Various factors are bound to change the future of IoT. These factors include the building of the future of the IoT. Here academic along with economic support will be required for the success of innovations in the IoT and ICS field that will also be used by others to build the IoT future. The users of the system is another factor that will affect the future of IoT. These are the people who will use or consume the innovative systems in IoT(Allen, 2005). Support is also needed from collaborative parties so as to enhance the ability of consumers to make use of innovative products and services. There are various fields in which I should focus on. These categories include in the first category; materials, devices, automation, and software. In the second category, the focus should be on industrial plant users as well as consumers, and in the third category, the focus should be on infrastructure and computing as well as in government collaboration. Various challenges within the IoT are still beneath investigated. The IoT challenges and open issues are raised due to two fundamental reasons. These reasons for mass gathering information for each thing within the IoT framework and the communication among framework equipment. Gadgets and controllers are utilized by buyers around the world for controlling domestic lighting, reconnaissance cameras, vehicles, and a parcel dynamically locally built up sensors. One difference is that locally built up contraptions and controllers are less costly, are mass-produced with commonly destitute programming and firmware security, and are by and large related to the Net. Web Control Systems were arranged with the common understanding that they would have no framework accessibility to the outside world. In any case, this is often changing as the trade wishes to manhandle the central focus inconvenience gave by amplifying framework accessibility.

SUMMARY

The control systems and IT are making good use of every opportunity that facilitates the development of new hardware devices as the IoT field continues to grow. New automation is required due to the increase in the number of devices both in the consumer and industrial fields. Cloud storage systems, for example, Microsoft Purplish blue, Amazon Web Organizations (AWS), Google Docs, and so on., are foreseen to supply standard entryways for interconnection articles with calculation and correspondence abilities over a wide reach out of utilizations, organizations, and advancements. As IoT drives, distributed computing is foreseen to supply the spine for the around the globe information dispersal, data investigation (or calculation) and limit (Tweneboah-Koduah, S., Skouby, K. E., & Tadayoni, 2017). Consequently, as automation of machines continues to increase in the control centre of IoT, vulnerabilities will also be on the rise both in the software and hardware devices. In the near future, information originating from the IoT will soon be facilitated by proxy network servers such as mobile phones. This will be so because the current wearables and devices have no inbuilt security and those that have inbuilt security they have very little. An extensive software will be required so as to support the future of IoT. Devices should be equipped with protection enough to safeguard personal data, and thus IOT devices need to be designed.

SOLUTIONS

Manufacturing will evolve in one way or the other so as to meet the need of the many changes in the globe. It is predictable that with the growing population, there will be a shortage of resources and products to meet consumer needs. Some of the solutions to curb the above risk are resilience self-adaption in which means that instead of more resources been designed, there should an increase in resilience. A resilient product may be prone to malware attacks but can recover fast from the incident. Thus, normal functioning of such a device is achieved faster (Atzori, & Morabito,2010). Mixed trust systems should also be developed. A mixed trust system is the kind of a system that is flexible and modifiable and those who can tolerate untrusted hardware and software. The use of Big Data Analytics is another solution to the future of IoT. This system is independent and predictive for it is able to anticipate a malware attack within a given time and doesn’t require human intervention so as to operate (Atzori, & Morabito,2010). Proactive threat responsiveness is another solution to the future of IoT.

BIBLIOGRAPHY

Allen, J. (2005) Governing for Enterprise Security (CMU/SEI-2005-TN-023). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University

Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey. Computer networks, 54(15), 2787-2805

SAFEGUARDING THE IOT

BEING SECURE, VIGILANT, AND RESILIENT IN THE CONNECTED AGE

by Irfan, Sean Peasley, and Perinkolam

ABSTRACT

IoT objects are not only smart objects but also connected. That is, they are able to transmit the data they produce. The IoT has done away with human control and can comfortably operate with the power of people. As it is transferred from one smart object to the other in the IoT, there is a possibility of the information being compromised. Data breaches can occur and expose highly private and personal data. IoT producers ignored to execute a generous security system within the contraptions, security pros have cautioned the potential peril of tremendous amounts of unbound gadgets meddle with the Internet. In this discussion, various paradigms that can be used to manage cyber risks are discussed. The ascent of the IoT holds magnificent assurance to change over individual’s lives by making society progressively profitable in various districts, tallying essentialness, transportation, medical services, trade, manufacturing (Chen, D., Bovornkeeratiroj, P., Irwin, D., & Shenoy, 2018).

Keywords: Secure, vigilant, and resilient

INTRODUCTION

As advancements in technology continue to happen, and as connectivity increases, the risk of cybersecurity is also increasing and is proven to be a threat to all the users of IoT. Cars’ locations can be hacked, and even the control systems of the vehicle can be hacked. If the control systems of a vehicle are hacked, and the car moves against the will of the user, then the life of people are at serious risk (Pangburn, 2013). The emphasis is on taking care of the specialized issues recognized with building up the IoT with small thought to the issues of spurring powers to grasp, sharing of critical worth over organize clients, and estimation of extraordinary impact. The IoT has gone ahead to create information value loop so as to deal with the issue of insecurity. All objects are being turned as a source of information on that particular object by IoT. The creation of value in the form of an object or a service has led to the development of a value chain in which information about all the activities of a product is seen, thus the emergence of a value loop. This information value loop needs to be protected adequately through a framework, as discussed below.

THE PARADIGM FOR RISK MANAGEMENT

Secure; the first thing in the protection process is to ensure that data and systems are protected and secured against breaches and compromises. The most effective form of protection is that which controls approaches, layers, and types. This is because cyber attackers use the slightest weaknesses in a system to hack it. A weakness that the organization could not imagine existed. Sensors are hardened more and more so as to secure them against deliberate or accidental manipulation. Software firewalls should also be installed so as to protect the systems against hackers. Vigilant; in this paradigm, an organization should ensure frequent verification of security system so as to ensure that they are still functioning and that they have not yet been attacked (Pangburn, 2013). Software are prone to degradation due to age if they stay for a long time. This verification is also essential because attacks keep on mutating so as to fit in new systems, and thus the security systems should be checked regularly. Resilient; a resilient system should also be adopted by organizations. A resilient system recovers data quickly, and therefore even-after a cyber attack, an organization can resume its normal operations faster as the breech is being dealt with.

CONCLUSION

In summary, we can conclude that the IoT products are at high risk of malware attacks, and individuals and organizations should do everything in their power to ensure that they secure their devices against being attacked by hackers, which can use the breeched dat to harm them. We at that point layout the protection suggestions of untrusted IoT gadgets interfacing to certainly trusted systems, and conceivable future inquiries about bearings to relieve these protection suggestions (Chen, D., Bovornkeeratiroj, P., Irwin, D., & Shenoy, 2018). Various strategies can help in securing devices and systems against cyber-attacks, as discussed above.

BIBLIOGRAPHY

D. J. Pangburn, “How easily can a moving car be hacked?” Motherboard, June 28, 2013, http://motherboard.vice. com/blog/how-easily-can-a-moving-car-be-hacked, accessed Feb 29, 2020.

Hewlett-Packard, Internet of Things research study, 2014, www8.hp.com/h20195/v2/GetDocument. aspx?docname=4AA5-4759ENW, accessed April 2015; Arik Hesseldahl, “A hacker’s eye view of the Internet of Things,” Re/code, April 7, 2015, http://recode.net/2015/04/07/a-hackers-eye-view-of-the-internet-of-things/, accessed Feb 29, 2020.

REFERENCES

Bin Sulaiman, R. (2019). Future Threats to Internet of Things (IoT) Security & Privacy: A Survey. SSRN Electronic Journal. doi: 10.2139/ssrn.3509352

Masoodi, F., Alam, S., & Siddiqui, S. (2019). Security & Privacy Threats, Attacks and Countermeasures in Internet of Things. International Journal Of Network Security & Its Applications, 11(02), 67-77. doi: 10.5121/ijnsa.2019.11205

Ficco, M. (2019). Internet-of-Things and fog-computing as enablers of new security and privacy threats. Internet Of Things, 8, 100113. doi: 10.1016/j.iot.2019.100113

Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey on security and privacy issues in Internet-of-Things. IEEE Internet of Things Journal, 4(5), 1250-1258

Riggins, F. J., & Wamba, S. F. (2015, January). Research directions on the adoption, usage, and impact of the internet of things through the use of big data analytics. In 2015 48th Hawaii International Conference on System Sciences (pp. 1531-1540). IEEE.

Bandyopadhyay, S., Sengupta, M., Maiti, S., & Dutta, S. (2011). Role of middleware for internet of things: A study. International Journal of Computer Science and Engineering Survey, 2(3), 94-105.

Bandyopadhyay, S., Sengupta, M., Maiti, S., & Dutta, S. (2011). A survey of middleware for internet of things. In Recent trends in wireless and mobile networks (pp. 288-296). Springer, Berlin, Heidelberg.

Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., & Nurse, J. R. (2016, November). Towards IoT cybersecurity modeling: From malware analysis data to IoT system representation. In 2016 8th IEEE Latin-American Conference on Communications (LATINCOM) (pp. 1-6). IEEE.

Chen, D., Bovornkeeratiroj, P., Irwin, D., & Shenoy, P. (2018, July). Private memoirs of iot devices: Safeguarding user privacy in the IoT era. In 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS) (pp. 1327-1336). IEEE.

Abomhara, M. (2015). Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security and Mobility, 4(1), 65-88.

Corones, S., & Lane, B. (2010). Shielding critical infrastructure information-sharing schemes from competition law. Deakin L. Rev., 15, 1.

Varga, P., Plosz, S., Soos, G., & Hegedus, C. (2017, May). Security threats and issues in automation IoT. In 2017 IEEE 13th International Workshop on Factory Communication Systems (WFCS) (pp. 1-6). IEEE.

Lee, K., Kim, D., Ha, D., Rajput, U., & Oh, H. (2015, September). On security and privacy issues of fog computing supported Internet of Things environment. In 2015 6th International Conference on the Network of the Future (NOF) (pp. 1-3). IEEE.

Tweneboah-Koduah, S., Skouby, K. E., & Tadayoni, R. (2017). Cyber security threats to IoT applications and service domains. Wireless Personal Communications, 95(1), 169-185.