Abstract:
Physical objects are being connected to the internet at an exceptional rate, making the idea of the Internet of Things (IoT) a reality. The IoT ecosystem is present throughout our daily lives in the form of smart homes, smart healthcare systems, smart wearables, smart connected vehicles, and industries. This has given rise to privacy and security risks for users. The potential growth of IoT products might be hindered by the increasing number of cyber-attacks on IoT devices resulting from deficiencies in their architecture. To counter this, we need to implement privacy and security rights starting from its building blocks. This can be achieved through a reference architecture. A reference architecture is a recommended structure, a building block that integrates products and services. It provides a framework for the domain. IoT architectures have evolved over the years, improving the architecture stack with new solutions such as scalability, management, interoperability, and extensibility. This gives us more responsibility and a greater need to standardize and organize IoT reference architecture in federation with privacy and security concerns. In this thesis, we propose the core IoT requirements, extracted from the standards with quantifiable metrics in mind, that integrate privacy and security as well. These requirements are divided into functional and non-functional requirements. We surveyed and analyzed twelve existing IoT reference architectures based on these requirements. Shortcomings were identified through the analysis; we then proposed a privacy federated IoT security reference architecture that addresses privacy and security concerns and is a step towards the standardization of concrete domain architecture. Finally, to validate our proposed reference architecture, we used the industry-recognized scenario-based approach known as the Architecture Tradeoff Analysis Method (ATAM).