Document details

The Internet today is mainly human-centric and many of the connected devices are well known technology (e.g. desktops, laptops, mobile phones). The Internet of Things (IoT) changes this situation by introducing a wide variety of new objects to the traditional Internet, so as to improve the daily lives of people and business, by enhancing new services and triggering innovations into these environments. However, the security solutions built around previous connected technologies is not completely su cient for these new connected objects. This is due to their miniaturization they have many constraints in terms of computational power, memory, storage, and battery lifetime, which introduces new challenges in terms of implementing security solutions. Apart from the establishment of secure communications, the data collected from these devices also raises some privacy threats; how these data are processed, stored and shared, is still not clear. As more objects become Internet-enabled the threat will only increase if no measures are put in place during the early stages of the Internet of Things. This work was developed to identify potential security and privacy vulnerabilities associated with the current and future Internet of Things. This thesis starts by describing the concept of the Internet of Things followed by a description of the current state of security approaches for the IoT products. The technologies that will enable the IoT growth and the security challenges, requirements, threats, and countermeasures are thus summarized in this thesis. At the end an experimental assessment of the security implementation of a device present in the current market was performed and a more robust proposal for the security and privacy of the device was developed. The work was then followed by the implementation of an environment that will help organize and manage the heterogeneous IoT devices that will be part of a smart home. Finally some conclusions and directions for future work are presented.