Your browser doesn't support javascript.
loading
Mostrar: 20 | 50 | 100
Resultados 1 - 2 de 2
Filtrar
Mais filtros










Base de dados
Intervalo de ano de publicação
1.
Sensors (Basel) ; 23(6)2023 Mar 13.
Artigo em Inglês | MEDLINE | ID: mdl-36991781

RESUMO

The use of IoT devices has increased rapidly in recent times. While the development of new devices is moving quickly, and as prices are being forced down, the costs of developing such devices also needs to be reduced. IoT devices are now trusted with more critical tasks, and it is important that they behave as intended and that the information they process is protected. It is not always the IoT device itself that is the target of a cyber attack, but rather, it can be a tool for another attack. Home consumers, in particular, expect these devices to be easy to use and set up. However, to reduce costs, complexity, and time, security measures are often cut down. To increase awareness and knowledge in IoT security, education, awareness, demonstrations, and training are necessary. Small changes may result in significant security benefits. With increased awareness and knowledge among developers, manufacturers, and users, they can make choices that can improve security. To increase knowledge and awareness in IoT security, a proposed solution is a training ground for IoT security, an IoT cyber range. Cyber ranges have received more attention lately, but not as much in the IoT field, at least not what is publicly available. As the diversity in IoT devices is large with different vendors, architectures, and components and peripherals, it is difficult to find one solution that fits all IoT devices. To some extent, IoT devices can be emulated, but it is not feasible to create emulators for all types of devices. To cover all needs, it is necessary to combine digital emulation with real hardware. A cyber range with this combination is called a hybrid cyber range. This work surveys the requirements for a hybrid IoT cyber range and proposes a design and implementation of a range that fulfills those requirements.

2.
Sensors (Basel) ; 20(10)2020 May 23.
Artigo em Inglês | MEDLINE | ID: mdl-32456150

RESUMO

The enforcement of fine-grained access control policies in constrained dynamic networks can become a challenging task. The inherit constraints present in those networks, which result from the limitations of the edge devices in terms of power, computational capacity and storage, require an effective and efficient access control mechanism to be in place to provide suitable monitoring and control of actions and regulate the access over the resources. In this article, we present RESPOnSE, a framework for the specification and enforcement of security policies within such environments, where the computational burden is transferred to high-tier nodes, while low-tier nodes apply risk-aware policy enforcement. RESPOnSE builds on a combination of two widely used access control models, Attribute-Based Access Control and Role-Based Access Control, exploiting the benefits each one provides. Moreover, the proposed mechanism is founded on a compensatory multicriteria decision-making algorithm, based on the calculation of the Euclidean distance between the run-time values of the attributes present in the security policy and their ideal values, as those are specified within the established policy rules.

SELEÇÃO DE REFERÊNCIAS
DETALHE DA PESQUISA
...