Open AccessA Fuzzy Model for Knowledge Base IoT Information Security Evaluation
Author(s) -
Fernando Machado de Mello
Publication year - 2019
Publication title -
journal of information security and cryptography
Language(s) - English
Resource type - Journals
ISSN - 2595-5217
DOI - 10.17648/jisc.v5i1.66
Subject(s) - correctness , computer science , internet of things , computer security , fuzzy logic , order (exchange) , service (business) , perspective (graphical) , information security , control (management) , security controls , artificial intelligence , economy , finance , economics , programming language
Internet of Things (IoT) accelerating growth exposes many unsecured issues related to the design and the usage of network integrated devices. This paper presents a fuzzy evaluation method, based on both IOT hardware/software developers’ and users’ knowledge, creating an novel model to aid correctness actions over security procedures, in order to increase the IOT safeness usage. This method combines both the developer’s and user’s perspectives, creating an integrated adaptive evaluation attached to the Information Technology security standards and best practices guidelines. The proposed evaluation method is divided by categories, each one composed of security control clauses and their corresponding action recommendation. The user perspective of such evaluation method was applied into a service company, and the developer perspective was defined by an IoT device manufacturer. The obtained results have shown that the evaluation method enhances both the manufacturer security awareness and the IOT users experience in the improvement of security IoT issues.