DOI: https://doi.org/10.32515/2664-262X.2025.11(42).1.46-55
Шляхи підвищення конфіденційності в мережах інтернету речей
Про авторів
Ю. І. Підлісний, аспірант, Національний університет «Чернігівська політехніка», Чернігів, Україна, e-mail: ypodlesny@ukr.net, ORCID ID: 0009-0001-9783-3898
Анотація
У статті представлено результати огляду існуючих найновітніші і найактуальніші системи захисту для мереж IoT, їх переваги та недоліки. Основну увагу приділено методам захисту даних на рівні пристроїв, мережевої інфраструктури та хмарних сервісів. Серед можливих шляхів підвищення конфіденційності розглядаються застосування шифрування, механізмів аутентифікації, впровадження блокчейн-технологій, штучного інтелекту та машинного навчання. Висновки підкреслюють важливість інтеграції багаторівневих стратегій захисту, адаптованих до специфіки мереж IoT, для забезпечення високого рівня конфіденційності та довіри до систем Інтернету речей. Мета статті - комплексне висвітлення і аналіз сучасних викликів, загроз та проблем конфіденційності та безпеки в мережах Інтернету речей (IoT), а також вивчення передових методів захисту чутливої інформації. Стаття також спрямована на формування уявлення про актуальність питань приватності для користувачів IoT, окреслення можливих підходів до вирішення існуючих проблем і підвищення обізнаності щодо впливу технологій на безпеку даних у глобальній IoT-інфраструктурі.
Ключові слова
IoT, мережа IoT, штучний інтелект, машинне навчання, безпека інформації
Повний текст:
PDF
Посилання
1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. (2016). Verkhovna Rada of Ukraine. Retrieved February 15, 2025, from https://zakon.rada.gov.ua/laws/show/984_008-16#Text [in Ukrainian].
2. California Consumer Privacy Act (CCPA). (2024, March 13). Retrieved February 15, 2025, from https://oag.ca.gov/privacy/ccpa.
3. Pinto, G. P., Donta, P. K., Dustdar, S., & Prazeres, C. (2024). A systematic review on privacy-aware IoT personal data stores. Sensors, 24(7), 2197. Retrieved February 10, 2025, from https://pmc.ncbi.nlm.nih.gov/articles/PMC11014407/.
4. Rajmohan, T., Nguyen, P. H., & Ferry, N. (2022). A decade of research on patterns and architectures for IoT security. Cybersecurity, 5, Article 2. Retrieved February 12, 2025, from https://cybersecurity.springeropen.com/articles/10.1186/s42400-021-00104-7.
5. Ataullah, M., & Chauhan, N. (2024). Exploring security and privacy enhancement technologies in the Internet of Things: A comprehensive review. Security and Privacy, 7(6), e448. Retrieved February 15, 2025, from https://onlinelibrary.wiley.com/doi/10.1002/spy2.448.
6. Lu, Y. (2023). Security and privacy of Internet of Things: A review of challenges and solutions. Journal of Cyber Security and Mobility, 12(6). Retrieved February 15, 2025, from https://journals.riverpublishers.com/index.php/JCSANDM/article/view/22587/.
7. Abomhara, M., & Køien, G. M. (2014). Security and privacy in the Internet of Things: Current status and open issues. Proceedings of the 2014 International Conference on Privacy and Security in Mobile Systems (PRISMS). https://doi.org/10.1109/PRISMS.2014.6970594.
8. Pinto, G. P., Donta, P. K., & Dustdar, S. (2024). A systematic review on privacy-aware IoT personal data stores. Sensors, 24(7), 2197. Retrieved February 15, 2025, from https://pubmed.ncbi.nlm.nih.gov/38610408
9. Ystgaard, K. F., Atzori, L., Palma, D., et al. (2023). Review of the theory, principles, and design requirements of human-centric Internet of Things (IoT). Journal of Ambient Intelligence and Humanized Computing, 14, 2827–2859. Retrieved February 15, 2025, from link.springer.com/article/10.1007/s12652-023-04539-3.
10. Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead. Computer Networks, 76, 146–164. Retrieved February 15, 2025, from https://www.sciencedirect.com/science/article/abs/pii/S1389128614003971.
11. Roman, R., Zhou, J., & López, J. (2013). On the features and challenges of security and privacy in distributed Internet of Things. Computer Networks, 57(10), 2266–2279. Retrieved February 15, 2025, from https://www.sciencedirect.com/science/article/abs/pii/S1389128613000054.
12. Ben Henda, N., Msolli, A., Hagui, I., & Helali, A. (2024). Attack detection in IoT network using support vector machine and improved feature selection technique. Journal of Network and Systems Management, 32(4). https://doi.org/10.1007/s10922-024-09871-3.
13. Meidan, Y., Bohadana, M., Mathov, Y., et al. (2018). Network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing, 17(3). Retrieved February 15, 2025, from https://ieeexplore.ieee.org/document/8490192.
14. Ul Haque, E., Abbasi, W., Almogren, A., Choi, J., et al. (2024). Performance enhancement in blockchain-based IoT data sharing using lightweight consensus algorithm. Scientific Reports, 14, Article 26561. Retrieved February 20, 2025, from https://www.nature.com/articles/s41598-024-77706-x.
15. Jiang, B., Li, J., Yue, G., & Song, H. (2021). Differential privacy for industrial Internet of Things: Opportunities, applications and challenges. IEEE Internet of Things Journal, 8(13), 10430–10451. Retrieved February 20, 2025, from https://arxiv.org/abs/2101.10569.
16. Chauhan, K. K., Sanger, A. K. S., & Verm, A. (2015). Homomorphic encryption for data security in cloud computing. Proceedings of the International Conference on Information Technology (ICIT). https://doi.org/10.1109/ICIT.2015.39.
17. Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture. National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207.
18. Alkhonaini, M. A., Alenizi, F. A., Jazyah, Y. H., & Lee, S. (2024). A two-phase spatiotemporal chaos-based protocol for data integrity in IoT. Scientific Reports, 14, Article 8629. Retrieved February 14, 2025, from https://www.nature.com/articles/s41598-024-58914-x.
19. Baker, A., & River, W. (n.d.). Maintaining data integrity in Internet of Things applications. Retrieved February 14, 2025, from https://files.iccmedia.com/pdf/windriver160823.pdf.
20. Amos, Z. (n.d.). Multi-factor authentication is crucial for IoT security. Retrieved February 19, 2025, from https://www.iotforall.com/multi-factor-authentication-is-crucial-for-iot-security.
Пристатейна бібліографія ГОСТ
1. Регламент Європейського Парламенту і Ради (ЄС) 2016/679 від 27 квітня 2016 року / Верховна Рада України. URL: https://zakon.rada.gov.ua/laws/show/984_008-16#Text (дата звернення: 15.02.2025).
2. California Consumer Privacy Act (CCPA). March 13, 2024. URL: https://oag.ca.gov/privacy/ccpa (дата звернення: 15.02.2025).
3. Pinto G.P., Donta P.K., Dustdar S., Prazeres C. A Systematic Review on Privacy-Aware IoT Personal Data Stores. Sensors. 2024. Vol. 24, No. 7. 2197. URL: https://pmc.ncbi.nlm.nih.gov/articles/PMC11014407/ (дата звернення: 10.02.2025).
4. Rajmohan T., Nguyen P.H., Ferry N. A decade of research on patterns and architectures for IoT security. Cybersecurity. 2022. Vol. 5. Article No. 2. URL: https://cybersecurity.springeropen.com/articles/10.1186/s42400-021-00104-7 (дата звернення: 12.02.2025).
5. Ataullah M., Chauhan N. Exploring security and privacy enhancement technologies in the Internet of Things: A comprehensive review. Security and Privacy. 2024. Vol. 7, Issue 6. e448. URL: https://onlinelibrary.wiley.com/doi/10.1002/spy2.448 (дата звернення: 15.02.2025).
6. Lu Y. Security and Privacy of Internet of Things: A Review of Challenges and Solutions. Journal of Cyber Security and Mobility. 2023. Vol. 12, Issue 6. URL: journals.riverpublishers.com/index.php/JCSANDM/article/view/22587/ (дата звернення: 15.02.2025).
7. Abomhara M., Køien G.M. Security and privacy in the Internet of Things: Current status and open issues. 2014 International Conference on Privacy and Security in Mobile Systems (PRISMS). 2014. DOI: 10.1109/PRISMS.2014.6970594. URL: https://www.researchgate.net/publication/269687360 (дата звернення: 15.02.2025).
8. Pinto G.P., Donta P.K., Dustdar S. A Systematic Review on Privacy-Aware IoT Personal Data Stores. Sensors. 2024. Vol. 24, No. 7. 2197. URL: https://pubmed.ncbi.nlm.nih.gov/38610408 (дата звернення: 15.02.2025).
9. Ystgaard K.F., Atzori L., Palma D., et al. Review of the theory, principles, and design requirements of human-centric Internet of Things (IoT). Journal of Ambient Intelligence and Humanized Computing. 2023. Vol. 14. P. 2827–2859. URL: https://link.springer.com/article/10.1007/s12652-023-04539-3 (дата звернення: 15.02.2025).
10. Sicari S., Rizzardi A., Grieco L.A., Coen-Porisini A. Security, privacy and trust in Internet of Things: The road ahead. Computer Networks. 2015. Vol. 76. P. 146–164. URL: https://www.sciencedirect.com/science/article/abs/pii/S1389128614003971 (дата звернення: 15.02.2025).
11. Roman R., Zhou J., López J. On the Features and Challenges of Security and Privacy in Distributed Internet of Things. Computer Networks. 2013. Vol. 57, Issue 10. P. 2266–2279. URL: https://www.sciencedirect.com/science/article/abs/pii/S1389128613000054 (дата звернення: 15.02.2025).
12. Ben Henda N., Msolli A., Hagui I., Helali A. Attack Detection in IoT Network Using Support Vector Machine and Improved Feature Selection Technique. Journal of Network and Systems Management. 2024. Vol. 32, No. 4. DOI: 10.1007/s10922-024-09871-3. URL: https://www.researchgate.net/figure/The-conventional-architecture-for-IoT-network_fig1_383984303 (дата звернення: 15.02.2025).
13. Meidan Y., Bohadana M., Mathov Y., et al. Network-based Detection of IoT Botnet Attacks Using Deep Autoencoders. IEEE Pervasive Computing. 2018. Vol. 17, Issue 3. URL: https://ieeexplore.ieee.org/document/8490192 (дата звернення: 15.02.2025).
14. Ul Haque E., Abbasi W., Almogren A., Choi J., et al. Performance enhancement in blockchain-based IoT data sharing using lightweight consensus algorithm. Scientific Reports. 2024. Vol. 14, Article No. 26561. URL: https://www.nature.com/articles/s41598-024-77706-x (дата звернення: 20.02.2025).
15. Jiang B., Li J., Yue G., Song H. Differential Privacy for Industrial Internet of Things: Opportunities, Applications and Challenges. IEEE Internet of Things Journal. 2021. Vol. 8, Issue 13. P. 10430–10451. URL: https://arxiv.org/abs/2101.10569 (дата звернення: 20.02.2025).
16. Chauhan K.K., Sanger A.K.S., Verm A. Homomorphic Encryption for Data Security in Cloud Computing. International Conference on Information Technology (ICIT). 2015. DOI: 10.1109/ICIT.2015.39. URL: https://ieeexplore.ieee.org/document/7437616 (дата звернення: 20.02.2025).
17. Rose S., Borchert O., Mitchell S., Connelly S. Zero Trust Architecture. National Institute of Standards and Technology. 2020. DOI: 10.6028/NIST.SP.800-207.
18. Alkhonaini M.A., Alenizi F.A., Jazyah Y.H., Lee S. A two-phase spatiotemporal chaos-based protocol for data integrity in IoT. Scientific Reports. 2024. Vol. 14, Article No. 8629. URL: https://www.nature.com/articles/s41598-024-58914-x (дата звернення: 14.02.2025).
19. Baker A., Technologist P., River W. Maintaining data integrity in Internet of Things applications Arlen Baker, Principal Technologist, Wind River. URL: https://files.iccmedia.com/pdf/windriver160823.pdf (дата звернення: 14.02.2025).
20. Amos Z. Multi-Factor Authentication Is Crucial for IoT Security. URL: https://www.iotforall.com/multi-factor-authentication-is-crucial-for-iot-security (дата звернення: 19.02.2025).
Copyright (c) 2025 Ю. І. Підлісний
Шляхи підвищення конфіденційності в мережах інтернету речей
Про авторів
Ю. І. Підлісний, аспірант, Національний університет «Чернігівська політехніка», Чернігів, Україна, e-mail: ypodlesny@ukr.net, ORCID ID: 0009-0001-9783-3898
Анотація
Ключові слова
Повний текст:
PDFПосилання
1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. (2016). Verkhovna Rada of Ukraine. Retrieved February 15, 2025, from https://zakon.rada.gov.ua/laws/show/984_008-16#Text [in Ukrainian].
2. California Consumer Privacy Act (CCPA). (2024, March 13). Retrieved February 15, 2025, from https://oag.ca.gov/privacy/ccpa.
3. Pinto, G. P., Donta, P. K., Dustdar, S., & Prazeres, C. (2024). A systematic review on privacy-aware IoT personal data stores. Sensors, 24(7), 2197. Retrieved February 10, 2025, from https://pmc.ncbi.nlm.nih.gov/articles/PMC11014407/.
4. Rajmohan, T., Nguyen, P. H., & Ferry, N. (2022). A decade of research on patterns and architectures for IoT security. Cybersecurity, 5, Article 2. Retrieved February 12, 2025, from https://cybersecurity.springeropen.com/articles/10.1186/s42400-021-00104-7.
5. Ataullah, M., & Chauhan, N. (2024). Exploring security and privacy enhancement technologies in the Internet of Things: A comprehensive review. Security and Privacy, 7(6), e448. Retrieved February 15, 2025, from https://onlinelibrary.wiley.com/doi/10.1002/spy2.448.
6. Lu, Y. (2023). Security and privacy of Internet of Things: A review of challenges and solutions. Journal of Cyber Security and Mobility, 12(6). Retrieved February 15, 2025, from https://journals.riverpublishers.com/index.php/JCSANDM/article/view/22587/.
7. Abomhara, M., & Køien, G. M. (2014). Security and privacy in the Internet of Things: Current status and open issues. Proceedings of the 2014 International Conference on Privacy and Security in Mobile Systems (PRISMS). https://doi.org/10.1109/PRISMS.2014.6970594.
8. Pinto, G. P., Donta, P. K., & Dustdar, S. (2024). A systematic review on privacy-aware IoT personal data stores. Sensors, 24(7), 2197. Retrieved February 15, 2025, from https://pubmed.ncbi.nlm.nih.gov/38610408
9. Ystgaard, K. F., Atzori, L., Palma, D., et al. (2023). Review of the theory, principles, and design requirements of human-centric Internet of Things (IoT). Journal of Ambient Intelligence and Humanized Computing, 14, 2827–2859. Retrieved February 15, 2025, from link.springer.com/article/10.1007/s12652-023-04539-3.
10. Sicari, S., Rizzardi, A., Grieco, L. A., & Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead. Computer Networks, 76, 146–164. Retrieved February 15, 2025, from https://www.sciencedirect.com/science/article/abs/pii/S1389128614003971.
11. Roman, R., Zhou, J., & López, J. (2013). On the features and challenges of security and privacy in distributed Internet of Things. Computer Networks, 57(10), 2266–2279. Retrieved February 15, 2025, from https://www.sciencedirect.com/science/article/abs/pii/S1389128613000054.
12. Ben Henda, N., Msolli, A., Hagui, I., & Helali, A. (2024). Attack detection in IoT network using support vector machine and improved feature selection technique. Journal of Network and Systems Management, 32(4). https://doi.org/10.1007/s10922-024-09871-3.
13. Meidan, Y., Bohadana, M., Mathov, Y., et al. (2018). Network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing, 17(3). Retrieved February 15, 2025, from https://ieeexplore.ieee.org/document/8490192.
14. Ul Haque, E., Abbasi, W., Almogren, A., Choi, J., et al. (2024). Performance enhancement in blockchain-based IoT data sharing using lightweight consensus algorithm. Scientific Reports, 14, Article 26561. Retrieved February 20, 2025, from https://www.nature.com/articles/s41598-024-77706-x.
15. Jiang, B., Li, J., Yue, G., & Song, H. (2021). Differential privacy for industrial Internet of Things: Opportunities, applications and challenges. IEEE Internet of Things Journal, 8(13), 10430–10451. Retrieved February 20, 2025, from https://arxiv.org/abs/2101.10569.
16. Chauhan, K. K., Sanger, A. K. S., & Verm, A. (2015). Homomorphic encryption for data security in cloud computing. Proceedings of the International Conference on Information Technology (ICIT). https://doi.org/10.1109/ICIT.2015.39.
17. Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture. National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207.
18. Alkhonaini, M. A., Alenizi, F. A., Jazyah, Y. H., & Lee, S. (2024). A two-phase spatiotemporal chaos-based protocol for data integrity in IoT. Scientific Reports, 14, Article 8629. Retrieved February 14, 2025, from https://www.nature.com/articles/s41598-024-58914-x.
19. Baker, A., & River, W. (n.d.). Maintaining data integrity in Internet of Things applications. Retrieved February 14, 2025, from https://files.iccmedia.com/pdf/windriver160823.pdf.
20. Amos, Z. (n.d.). Multi-factor authentication is crucial for IoT security. Retrieved February 19, 2025, from https://www.iotforall.com/multi-factor-authentication-is-crucial-for-iot-security.
Пристатейна бібліографія ГОСТ
1. Регламент Європейського Парламенту і Ради (ЄС) 2016/679 від 27 квітня 2016 року / Верховна Рада України. URL: https://zakon.rada.gov.ua/laws/show/984_008-16#Text (дата звернення: 15.02.2025).
2. California Consumer Privacy Act (CCPA). March 13, 2024. URL: https://oag.ca.gov/privacy/ccpa (дата звернення: 15.02.2025).
3. Pinto G.P., Donta P.K., Dustdar S., Prazeres C. A Systematic Review on Privacy-Aware IoT Personal Data Stores. Sensors. 2024. Vol. 24, No. 7. 2197. URL: https://pmc.ncbi.nlm.nih.gov/articles/PMC11014407/ (дата звернення: 10.02.2025).
4. Rajmohan T., Nguyen P.H., Ferry N. A decade of research on patterns and architectures for IoT security. Cybersecurity. 2022. Vol. 5. Article No. 2. URL: https://cybersecurity.springeropen.com/articles/10.1186/s42400-021-00104-7 (дата звернення: 12.02.2025).
5. Ataullah M., Chauhan N. Exploring security and privacy enhancement technologies in the Internet of Things: A comprehensive review. Security and Privacy. 2024. Vol. 7, Issue 6. e448. URL: https://onlinelibrary.wiley.com/doi/10.1002/spy2.448 (дата звернення: 15.02.2025).
6. Lu Y. Security and Privacy of Internet of Things: A Review of Challenges and Solutions. Journal of Cyber Security and Mobility. 2023. Vol. 12, Issue 6. URL: journals.riverpublishers.com/index.php/JCSANDM/article/view/22587/ (дата звернення: 15.02.2025).
7. Abomhara M., Køien G.M. Security and privacy in the Internet of Things: Current status and open issues. 2014 International Conference on Privacy and Security in Mobile Systems (PRISMS). 2014. DOI: 10.1109/PRISMS.2014.6970594. URL: https://www.researchgate.net/publication/269687360 (дата звернення: 15.02.2025).
8. Pinto G.P., Donta P.K., Dustdar S. A Systematic Review on Privacy-Aware IoT Personal Data Stores. Sensors. 2024. Vol. 24, No. 7. 2197. URL: https://pubmed.ncbi.nlm.nih.gov/38610408 (дата звернення: 15.02.2025).
9. Ystgaard K.F., Atzori L., Palma D., et al. Review of the theory, principles, and design requirements of human-centric Internet of Things (IoT). Journal of Ambient Intelligence and Humanized Computing. 2023. Vol. 14. P. 2827–2859. URL: https://link.springer.com/article/10.1007/s12652-023-04539-3 (дата звернення: 15.02.2025).
10. Sicari S., Rizzardi A., Grieco L.A., Coen-Porisini A. Security, privacy and trust in Internet of Things: The road ahead. Computer Networks. 2015. Vol. 76. P. 146–164. URL: https://www.sciencedirect.com/science/article/abs/pii/S1389128614003971 (дата звернення: 15.02.2025).
11. Roman R., Zhou J., López J. On the Features and Challenges of Security and Privacy in Distributed Internet of Things. Computer Networks. 2013. Vol. 57, Issue 10. P. 2266–2279. URL: https://www.sciencedirect.com/science/article/abs/pii/S1389128613000054 (дата звернення: 15.02.2025).
12. Ben Henda N., Msolli A., Hagui I., Helali A. Attack Detection in IoT Network Using Support Vector Machine and Improved Feature Selection Technique. Journal of Network and Systems Management. 2024. Vol. 32, No. 4. DOI: 10.1007/s10922-024-09871-3. URL: https://www.researchgate.net/figure/The-conventional-architecture-for-IoT-network_fig1_383984303 (дата звернення: 15.02.2025).
13. Meidan Y., Bohadana M., Mathov Y., et al. Network-based Detection of IoT Botnet Attacks Using Deep Autoencoders. IEEE Pervasive Computing. 2018. Vol. 17, Issue 3. URL: https://ieeexplore.ieee.org/document/8490192 (дата звернення: 15.02.2025).
14. Ul Haque E., Abbasi W., Almogren A., Choi J., et al. Performance enhancement in blockchain-based IoT data sharing using lightweight consensus algorithm. Scientific Reports. 2024. Vol. 14, Article No. 26561. URL: https://www.nature.com/articles/s41598-024-77706-x (дата звернення: 20.02.2025).
15. Jiang B., Li J., Yue G., Song H. Differential Privacy for Industrial Internet of Things: Opportunities, Applications and Challenges. IEEE Internet of Things Journal. 2021. Vol. 8, Issue 13. P. 10430–10451. URL: https://arxiv.org/abs/2101.10569 (дата звернення: 20.02.2025).
16. Chauhan K.K., Sanger A.K.S., Verm A. Homomorphic Encryption for Data Security in Cloud Computing. International Conference on Information Technology (ICIT). 2015. DOI: 10.1109/ICIT.2015.39. URL: https://ieeexplore.ieee.org/document/7437616 (дата звернення: 20.02.2025).
17. Rose S., Borchert O., Mitchell S., Connelly S. Zero Trust Architecture. National Institute of Standards and Technology. 2020. DOI: 10.6028/NIST.SP.800-207.
18. Alkhonaini M.A., Alenizi F.A., Jazyah Y.H., Lee S. A two-phase spatiotemporal chaos-based protocol for data integrity in IoT. Scientific Reports. 2024. Vol. 14, Article No. 8629. URL: https://www.nature.com/articles/s41598-024-58914-x (дата звернення: 14.02.2025).
19. Baker A., Technologist P., River W. Maintaining data integrity in Internet of Things applications Arlen Baker, Principal Technologist, Wind River. URL: https://files.iccmedia.com/pdf/windriver160823.pdf (дата звернення: 14.02.2025).
20. Amos Z. Multi-Factor Authentication Is Crucial for IoT Security. URL: https://www.iotforall.com/multi-factor-authentication-is-crucial-for-iot-security (дата звернення: 19.02.2025).
Copyright (c) 2025 Ю. І. Підлісний