Security Requirements and Solutions for IoT Gateways: A Comprehensive Study

The need for improving the security level of Internet-of-Things (IoT) systems is growing. Users may refrain from using such systems if they realize that security measures are not in place. In this context, one of the most important IoT components has not received the necessary attention by the community: the gateway. IoT gateways play a central role in an IoT system as they solve heterogeneity issues. However, if compromised, gateways can be a source of security threats, and these threats become more relevant due to the gateway's central role. Gateways connect IoT devices and cloud services, and successful attacks on this component may exploit this fact. Using a well-known security requirements (SRs) engineering approach, this article evaluates and prioritizes SRs specifically for IoT gateways. The prioritization highlights a set of SRs that must be observed when evaluating and improving the gateway security level. Also, current solutions are detailed to support the enforcement of such SRs. Finally, a set of open challenges are discussed to highlight current research gaps that must be addressed to support SRs.

Automated summary

This article discusses the importance of improving the security level of IoT systems, with a focus on the security issues of IoT gateways. It evaluates and prioritizes security requirements for IoT gateways, detailing current solutions and discussing open challenges.