On the security aspects of Internet of Things: A systematic literature review

Internet of Things (IoT) has gained increasing visibility among emerging technologies and undoubtedly changing our daily life. Its adoption is strengthened by the growth of connected devices (things) as shown in recent statistics. However, as the number of connected things grows, responsibility related to security aspects also needs to increase. For instance, cyberattacks might happen if simple authentication mechanisms are not implemented on IoT applications, or if access control mechanisms are weakly defined. Considering the relevance of the subject, we performed a systematic literature review (SLR) to identify and synthesize security issues in IoT discussed in scientific papers published within a period of 8 years. Our literature review focused on four main security aspects, namely authentication, access control, data protection, and trust. We believe that a study considering these topics has the potential to reveal important opportunities and trends related to IoT security. In particular, we aim to identify open issues and technological trends that might guide future studies in this field, thus providing useful material both to researchers and to managers and developers of IoT systems. In this paper, we describe the protocol adopted to perform the SLR and present the state-of-the-art on the field by describing the main techniques reported in the retrieved studies. To the best of our knowledge, ours is the first study to compile information on a comprehensive set of security aspects in IoT. Moreover, we discuss the placement, in terms of architectural tiers, for deploying security techniques, in an attempt to provide guidelines to help design decisions of security solution developers. We summarize our results showing security trends and research gaps that can be explored in future studies.