TY - JOUR
T1 - An ontology-based cybersecurity framework for the internet of things
AU - Mozzaquatro, Bruno Augusti
AU - Agostinho, Carlos
AU - Gonçalves, Diogo
AU - Martins, João
AU - Jardim-Gonçalves, Ricardo
N1 - info:eu-repo/grantAgreement/EC/H2020/636909/EU#
PY - 2018/9/12
Y1 - 2018/9/12
N2 - The use of sensors and actuators as a form of controlling cyber-physical systems in resource networks has been integrated and referred to as the Internet of Things (IoT). However, the connectivity of many stand-alone IoT systems through the Internet introduces numerous cybersecurity challenges as sensitive information is prone to be exposed to malicious users. This paper focuses on the improvement of IoT cybersecurity from an ontological analysis, proposing appropriate security services adapted to the threats. The authors propose an ontology-based cybersecurity framework using knowledge reasoning for IoT, composed of two approaches: (1) design time, which provides a dynamic method to build security services through the application of a model-driven methodology considering the existing enterprise processes; and (2) run time, which involves monitoring the IoT environment, classifying threats and vulnerabilities, and actuating in the environment ensuring the correct adaptation of the existing services. Two validation approaches demonstrate the feasibility of our concept. This entails an ontology assessment and a case study with an industrial implementation.
AB - The use of sensors and actuators as a form of controlling cyber-physical systems in resource networks has been integrated and referred to as the Internet of Things (IoT). However, the connectivity of many stand-alone IoT systems through the Internet introduces numerous cybersecurity challenges as sensitive information is prone to be exposed to malicious users. This paper focuses on the improvement of IoT cybersecurity from an ontological analysis, proposing appropriate security services adapted to the threats. The authors propose an ontology-based cybersecurity framework using knowledge reasoning for IoT, composed of two approaches: (1) design time, which provides a dynamic method to build security services through the application of a model-driven methodology considering the existing enterprise processes; and (2) run time, which involves monitoring the IoT environment, classifying threats and vulnerabilities, and actuating in the environment ensuring the correct adaptation of the existing services. Two validation approaches demonstrate the feasibility of our concept. This entails an ontology assessment and a case study with an industrial implementation.
KW - Cybersecurity framework
KW - Industry 4.0
KW - Internet of things
KW - Security ontology
KW - Security service provisioning
UR - http://www.scopus.com/inward/record.url?scp=85053444553&partnerID=8YFLogxK
U2 - 10.3390/s18093053
DO - 10.3390/s18093053
M3 - Article
C2 - 30213085
AN - SCOPUS:85053444553
VL - 18
JO - Sensors
JF - Sensors
SN - 1424-8220
IS - 9
M1 - 3053
ER -