Apparatus: Reasoning About Security Requirements in the Internet of Things

Orestis Mavropoulos; Haralambos Mouratidis; Andrew Fish; Emmanouil Panaousis; Christos Kalloniatis

doi:10.1007/978-3-319-39564-7_21

Apparatus: Reasoning About Security Requirements in the Internet of Things

Orestis Mavropoulos, Haralambos Mouratidis, Andrew Fish, Emmanouil Panaousis, Christos Kalloniatis

University of Brighton

Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › peer-review

Abstract

Internet of Things (IoT) can be seen as the main driver towards an era of ubiquitous computing. Taking into account the scale of IoT, the number of security issues that emerge are unprecedented, therefore the need for proposing new methodologies for elaborating about security in IoT systems is undoubtedly crucial and this is recognised by both academia and the industry alike. In this work we present Apparatus, a conceptual model for reasoning about security in IoT systems through the lens of Security Requirements Engineering. Apparatus is architecture-oriented and describes an IoT system as a cluster of nodes that share network connections. The information of the system is documented in a textual manner, using Javascript Notation Object (JSON) format, in order to elicit security requirements. To demonstrate its usage the security requirements of a temperature monitor system are identified and a first application of Apparatus is exhibited.

Original language	English
Title of host publication	Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.
Place of Publication	Slovenia
Publisher	Springer International Publishing
Pages	219-230
Number of pages	12
Volume	249
ISBN (Electronic)	9783319395647
ISBN (Print)	9783319395630
DOIs	https://doi.org/10.1007/978-3-319-39564-7_21
Publication status	Published - 7 Jun 2016
Event	Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings - CAiSE 2016, Ljubljana, Slovenia, June 13-17, 2016. Duration: 7 Jun 2016 → …

Publication series

Name	Lecture Notes in Business Information Processing

Workshop

Workshop	Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings
Period	7/06/16 → …

Bibliographical note

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-39564-7_21

Keywords

Internet of Things
Security Requirements Engineering
IoT Conceptual Model
Information Security

Access to Document

10.1007/978-3-319-39564-7_21Licence: Unspecified

mavropoulos2016apparatus.pdfAccepted author manuscript, 755 KBLicence: Unspecified

Andrew Fish
- Centre for Secure, Intelligent and Usable Systems
- Mathematical Sciences Research and Enterprise Group
Person: Academic
Haris Mouratidis
- Centre for Secure, Intelligent and Usable Systems
Person: Academic

Cite this

Mavropoulos, O., Mouratidis, H., Fish, A., Panaousis, E., & Kalloniatis, C. (2016). Apparatus: Reasoning About Security Requirements in the Internet of Things. In Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings. (Vol. 249, pp. 219-230). (Lecture Notes in Business Information Processing). Springer International Publishing. https://doi.org/10.1007/978-3-319-39564-7_21

Mavropoulos, Orestis ; Mouratidis, Haralambos ; Fish, Andrew ; Panaousis, Emmanouil ; Kalloniatis, Christos. / Apparatus: Reasoning About Security Requirements in the Internet of Things. Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.. Vol. 249 Slovenia : Springer International Publishing, 2016. pp. 219-230 (Lecture Notes in Business Information Processing).

@inproceedings{8641db84b2c3416fbf0da72e31a29f50,

title = "Apparatus: Reasoning About Security Requirements in the Internet of Things",

abstract = "Internet of Things (IoT) can be seen as the main driver towards an era of ubiquitous computing. Taking into account the scale of IoT, the number of security issues that emerge are unprecedented, therefore the need for proposing new methodologies for elaborating about security in IoT systems is undoubtedly crucial and this is recognised by both academia and the industry alike. In this work we present Apparatus, a conceptual model for reasoning about security in IoT systems through the lens of Security Requirements Engineering. Apparatus is architecture-oriented and describes an IoT system as a cluster of nodes that share network connections. The information of the system is documented in a textual manner, using Javascript Notation Object (JSON) format, in order to elicit security requirements. To demonstrate its usage the security requirements of a temperature monitor system are identified and a first application of Apparatus is exhibited.",

keywords = "Internet of Things, Security Requirements Engineering, IoT Conceptual Model, Information Security",

author = "Orestis Mavropoulos and Haralambos Mouratidis and Andrew Fish and Emmanouil Panaousis and Christos Kalloniatis",

note = "The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-39564-7_21; Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings ; Conference date: 07-06-2016",

year = "2016",

month = jun,

day = "7",

doi = "10.1007/978-3-319-39564-7_21",

language = "English",

isbn = "9783319395630",

volume = "249",

series = "Lecture Notes in Business Information Processing",

publisher = "Springer International Publishing",

pages = "219--230",

booktitle = "Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.",

}

Mavropoulos, O, Mouratidis, H , Fish, A, Panaousis, E & Kalloniatis, C 2016, Apparatus: Reasoning About Security Requirements in the Internet of Things. in Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.. vol. 249, Lecture Notes in Business Information Processing, Springer International Publishing, Slovenia, pp. 219-230, Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings, 7/06/16. https://doi.org/10.1007/978-3-319-39564-7_21

Apparatus: Reasoning About Security Requirements in the Internet of Things. / Mavropoulos, Orestis; Mouratidis, Haralambos ; Fish, Andrew; Panaousis, Emmanouil; Kalloniatis, Christos.

Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.. Vol. 249 Slovenia : Springer International Publishing, 2016. p. 219-230 (Lecture Notes in Business Information Processing).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBN › Conference contribution with ISSN or ISBN › peer-review

TY - GEN

T1 - Apparatus: Reasoning About Security Requirements in the Internet of Things

AU - Mavropoulos, Orestis

AU - Mouratidis, Haralambos

AU - Fish, Andrew

AU - Panaousis, Emmanouil

AU - Kalloniatis, Christos

N1 - The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-39564-7_21

PY - 2016/6/7

Y1 - 2016/6/7

N2 - Internet of Things (IoT) can be seen as the main driver towards an era of ubiquitous computing. Taking into account the scale of IoT, the number of security issues that emerge are unprecedented, therefore the need for proposing new methodologies for elaborating about security in IoT systems is undoubtedly crucial and this is recognised by both academia and the industry alike. In this work we present Apparatus, a conceptual model for reasoning about security in IoT systems through the lens of Security Requirements Engineering. Apparatus is architecture-oriented and describes an IoT system as a cluster of nodes that share network connections. The information of the system is documented in a textual manner, using Javascript Notation Object (JSON) format, in order to elicit security requirements. To demonstrate its usage the security requirements of a temperature monitor system are identified and a first application of Apparatus is exhibited.

AB - Internet of Things (IoT) can be seen as the main driver towards an era of ubiquitous computing. Taking into account the scale of IoT, the number of security issues that emerge are unprecedented, therefore the need for proposing new methodologies for elaborating about security in IoT systems is undoubtedly crucial and this is recognised by both academia and the industry alike. In this work we present Apparatus, a conceptual model for reasoning about security in IoT systems through the lens of Security Requirements Engineering. Apparatus is architecture-oriented and describes an IoT system as a cluster of nodes that share network connections. The information of the system is documented in a textual manner, using Javascript Notation Object (JSON) format, in order to elicit security requirements. To demonstrate its usage the security requirements of a temperature monitor system are identified and a first application of Apparatus is exhibited.

KW - Internet of Things

KW - Security Requirements Engineering

KW - IoT Conceptual Model

KW - Information Security

U2 - 10.1007/978-3-319-39564-7_21

DO - 10.1007/978-3-319-39564-7_21

M3 - Conference contribution with ISSN or ISBN

SN - 9783319395630

VL - 249

T3 - Lecture Notes in Business Information Processing

SP - 219

EP - 230

BT - Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.

PB - Springer International Publishing

CY - Slovenia

T2 - Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings

Y2 - 7 June 2016

ER -

Mavropoulos O, Mouratidis H , Fish A, Panaousis E, Kalloniatis C. Apparatus: Reasoning About Security Requirements in the Internet of Things. In Advanced Information Systems Engineering Workshops,CAiSE 2016 International Workshops, Proceedings.. Vol. 249. Slovenia: Springer International Publishing. 2016. p. 219-230. (Lecture Notes in Business Information Processing). https://doi.org/10.1007/978-3-319-39564-7_21

Apparatus: Reasoning About Security Requirements in the Internet of Things

Abstract

Publication series

Workshop

Bibliographical note

Keywords

Access to Document

Fingerprint

Profiles

Andrew Fish

Haris Mouratidis

Cite this