Recent adversarial attacks have been shown IoT devices weaknesses due to their limited computing power. Given also their ubiquitous presence, lower costs and limitations in keeping security measures up-todate, resource-constrained devices represent a growing risk for the security of IT infrastructure. The scope of the research is to investigate the weaknesses of resource-constrained IoT devices. The methodology for the investigation is the legal analysis of existing legal frameworks regulating IoT cybersecurity and data security; afterwards it will be carried out a critical evaluation of the existing best practices. This critical analysis should face the twofold challenge of increasing transparency and trust in resource-constrained systems. Users and companies are two faces of the same coin: accountability of data collectors and user awareness are crucial in the security and data protection debate. Thus, a comprehensive overview of the relevant legal frameworks and guidelines would increase the understanding of risks of the users, whilst data controllers (especially of small and medium enterprises) may have an instrument to implement properly security measures.
Security and Privacy in Resource-constrained Devices
Pier Giorgio Chiara
2020
Abstract
Recent adversarial attacks have been shown IoT devices weaknesses due to their limited computing power. Given also their ubiquitous presence, lower costs and limitations in keeping security measures up-todate, resource-constrained devices represent a growing risk for the security of IT infrastructure. The scope of the research is to investigate the weaknesses of resource-constrained IoT devices. The methodology for the investigation is the legal analysis of existing legal frameworks regulating IoT cybersecurity and data security; afterwards it will be carried out a critical evaluation of the existing best practices. This critical analysis should face the twofold challenge of increasing transparency and trust in resource-constrained systems. Users and companies are two faces of the same coin: accountability of data collectors and user awareness are crucial in the security and data protection debate. Thus, a comprehensive overview of the relevant legal frameworks and guidelines would increase the understanding of risks of the users, whilst data controllers (especially of small and medium enterprises) may have an instrument to implement properly security measures.| File | Dimensione | Formato | |
|---|---|---|---|
|
paper-03.pdf
accesso aperto
Tipo:
Versione (PDF) editoriale
Licenza:
Licenza per Accesso Aperto. Creative Commons Attribuzione (CCBY)
Dimensione
311.26 kB
Formato
Adobe PDF
|
311.26 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
