Detalhes bibliográficos
| Ano de defesa: |
2022 |
| Autor(a) principal: |
GOMES, Diego Ribeiro
 |
| Orientador(a): |
LINS, Fernando Antonio Aires |
| Banca de defesa: |
DOMINGUES, Jeísa Pereira de Oliveira,
CORREIA NETO, Jorge da Silva,
ROSA, Nelson Souto |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Universidade Federal Rural de Pernambuco
|
| Programa de Pós-Graduação: |
Programa de Pós-Graduação em Informática Aplicada
|
| Departamento: |
Departamento de Estatística e Informática
|
| País: |
Brasil
|
| Palavras-chave em Português: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
http://www.tede2.ufrpe.br:8080/tede2/handle/tede2/8674
|
Resumo: |
Within the Internet of Things, gateways are devices that play a strategic role in the communication of devices with the external environment. Gateways help with the problem of heterogeneity, acting to conduct the communication of devices even if they use different protocols. However, given its centralized and strategic position in an IoT network, gateway security becomes even more relevant. A successful attack on this device could leave everything inside the Internet of things (IoT) system vulnerable. In this context, considering traditional security requirements, authentication is incredibly important in IoT systems, since it is important that devices go through an authentication process before being inserted into the environment. In this dissertation, the main objective is to evaluate the authentication compliance levels of IoT gateways currently used in the community. For this, an evaluation methodology was developed, described in Business Process Model and Notation (BPMN), to evaluate authentication requirements in IoT gateways. Consequently, it was possible to analyze and select several authentication requirements published by internationally recognized technical organizations, such as IoTSF and OWASP. The gateways currently used in IoT were surveyed, installed, and configured, and the requirements inspection process was performed. In terms of results, it was possible to observe that current gateways, in their default configuration, can only meet approximately 66% of the authentication requirements presented by technical organizations. |
