Archivio Istituzionale della RicercaThe development of cloud-connected Internet of Things (IoT) systems is becoming more and more affordable, even to novice programmers, thanks to dedicated cloud platforms that already integrate the core functionality needed by an IoT system. In this context, a growing number of IoT systems are being developed and deployed on open networks, often without integrating adequate security in the process. Novice IoT programmers, in particular, tend to overlook security issues, as confirmed by a small user study. Starting from this risk, the paper analyzes the security features available in two major cloud-IoT platforms (Amazon Web Services and Microsoft Azure) and highlights those settings, tools, and practices designed to ensure more secure implementations. We observed that these platforms would reasonably address many security problems detected in the study, if only the correct features were identified and used. The paper finally contributes a set of guidelines to support novice IoT developers in avoiding the main and recurrent security issues in their projects and better exploiting cloud-IoT platforms' inherent security features.
Helping Novice Developers Harness Security Issues in Cloud-IoT Systems / Corno, Fulvio; De Russis, Luigi; Mannella, Luca. - In: JOURNAL OF RELIABLE INTELLIGENT ENVIRONMENTS. - ISSN 2199-4676. - ELETTRONICO. - 8:(2022), pp. 261-283. [10.1007/s40860-022-00175-4]
Helping Novice Developers Harness Security Issues in Cloud-IoT Systems
Corno, Fulvio;De Russis, Luigi;Mannella, Luca
2022
Abstract
The development of cloud-connected Internet of Things (IoT) systems is becoming more and more affordable, even to novice programmers, thanks to dedicated cloud platforms that already integrate the core functionality needed by an IoT system. In this context, a growing number of IoT systems are being developed and deployed on open networks, often without integrating adequate security in the process. Novice IoT programmers, in particular, tend to overlook security issues, as confirmed by a small user study. Starting from this risk, the paper analyzes the security features available in two major cloud-IoT platforms (Amazon Web Services and Microsoft Azure) and highlights those settings, tools, and practices designed to ensure more secure implementations. We observed that these platforms would reasonably address many security problems detected in the study, if only the correct features were identified and used. The paper finally contributes a set of guidelines to support novice IoT developers in avoiding the main and recurrent security issues in their projects and better exploiting cloud-IoT platforms' inherent security features.
| File | Dimensione | Formato | |
|---|---|---|---|
|
[2022-04-11] PostPrint HelpingNoviceDevsHarnessSecurityIssuesInCloud-IoTSystems.pdf
accesso aperto
Descrizione: Articolo principale
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Creative commons
Dimensione
622.85 kB
Formato
Adobe PDF
|
622.85 kB | Adobe PDF | Visualizza/Apri |
|
[2022-05-13] HelpingNoviceDevsHarnessSecurityIssuesInCloud-IoTSystems.pdf
accesso aperto
Descrizione: Published version v1.1
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Creative commons
Dimensione
1.36 MB
Formato
Adobe PDF
|
1.36 MB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2960962