A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System

Bruno Dorsemaine; Jean Philippe Gaulier; Jean Philippe Wary; Nizar Kheir; Pascal Urien

doi:10.1109/ICDCSW.2017.22

A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System

Bruno Dorsemaine, Jean Philippe Gaulier, Jean Philippe Wary, Nizar Kheir, Pascal Urien

Orange

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

In this paper, we propose a new approach to manage the threats brought by an IoT infrastructure to a legacy information system (IS). We first give a state of art for information security properties in IoT and IS based on standards such as ISO 16982 and ISO 27005 and a previously published taxonomy. Then we detail an innovative method, based on the evaluation of threats brought by an IoT infrastructure onto an IS. It is represented as a qualitative matrix between IoT infrastructure threats and the Security properties of the IS. The method is then applied to the use case of connected light bulbs. Thanks to this approach, it is possible to logically organize threat management while integrating an IoT infrastructure into an IS.

Original language	English
Title of host publication	Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017
Editors	Joao E. Ferreira, Teruo Higashino, Aibek Musaev
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	105-112
Number of pages	8
ISBN (Electronic)	9781538632925
DOIs	https://doi.org/10.1109/ICDCSW.2017.22
Publication status	Published - 13 Jul 2017
Event	37th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2017 - Atlanta, United States Duration: 5 Jun 2017 → 8 Jun 2017

Publication series

Name	Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017

Conference

Conference	37th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2017
Country/Territory	United States
City	Atlanta
Period	5/06/17 → 8/06/17

Keywords

Internet of Things
information systems
security
threat management

Access to Document

10.1109/ICDCSW.2017.22

Cite this

Dorsemaine, B., Gaulier, J. P., Wary, J. P., Kheir, N., & Urien, P. (2017). A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System. In J. E. Ferreira, T. Higashino, & A. Musaev (Eds.), Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017 (pp. 105-112). Article 7979802 (Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICDCSW.2017.22

Dorsemaine, Bruno ; Gaulier, Jean Philippe ; Wary, Jean Philippe et al. / A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System. Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017. editor / Joao E. Ferreira ; Teruo Higashino ; Aibek Musaev. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 105-112 (Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017).

@inproceedings{d9bf81dbeb364155b569c8d926f8dc21,

title = "A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System",

abstract = "In this paper, we propose a new approach to manage the threats brought by an IoT infrastructure to a legacy information system (IS). We first give a state of art for information security properties in IoT and IS based on standards such as ISO 16982 and ISO 27005 and a previously published taxonomy. Then we detail an innovative method, based on the evaluation of threats brought by an IoT infrastructure onto an IS. It is represented as a qualitative matrix between IoT infrastructure threats and the Security properties of the IS. The method is then applied to the use case of connected light bulbs. Thanks to this approach, it is possible to logically organize threat management while integrating an IoT infrastructure into an IS.",

keywords = "Internet of Things, information systems, security, threat management",

author = "Bruno Dorsemaine and Gaulier, \{Jean Philippe\} and Wary, \{Jean Philippe\} and Nizar Kheir and Pascal Urien",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 37th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2017 ; Conference date: 05-06-2017 Through 08-06-2017",

year = "2017",

month = jul,

day = "13",

doi = "10.1109/ICDCSW.2017.22",

language = "English",

series = "Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "105--112",

editor = "Ferreira, \{Joao E.\} and Teruo Higashino and Aibek Musaev",

booktitle = "Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017",

}

Dorsemaine, B, Gaulier, JP, Wary, JP, Kheir, N & Urien, P 2017, A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System. in JE Ferreira, T Higashino & A Musaev (eds), Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017., 7979802, Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017, Institute of Electrical and Electronics Engineers Inc., pp. 105-112, 37th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2017, Atlanta, United States, 5/06/17. https://doi.org/10.1109/ICDCSW.2017.22

A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System. / Dorsemaine, Bruno; Gaulier, Jean Philippe; Wary, Jean Philippe et al.
Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017. ed. / Joao E. Ferreira; Teruo Higashino; Aibek Musaev. Institute of Electrical and Electronics Engineers Inc., 2017. p. 105-112 7979802 (Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System

AU - Dorsemaine, Bruno

AU - Gaulier, Jean Philippe

AU - Wary, Jean Philippe

AU - Kheir, Nizar

AU - Urien, Pascal

PY - 2017/7/13

Y1 - 2017/7/13

N2 - In this paper, we propose a new approach to manage the threats brought by an IoT infrastructure to a legacy information system (IS). We first give a state of art for information security properties in IoT and IS based on standards such as ISO 16982 and ISO 27005 and a previously published taxonomy. Then we detail an innovative method, based on the evaluation of threats brought by an IoT infrastructure onto an IS. It is represented as a qualitative matrix between IoT infrastructure threats and the Security properties of the IS. The method is then applied to the use case of connected light bulbs. Thanks to this approach, it is possible to logically organize threat management while integrating an IoT infrastructure into an IS.

AB - In this paper, we propose a new approach to manage the threats brought by an IoT infrastructure to a legacy information system (IS). We first give a state of art for information security properties in IoT and IS based on standards such as ISO 16982 and ISO 27005 and a previously published taxonomy. Then we detail an innovative method, based on the evaluation of threats brought by an IoT infrastructure onto an IS. It is represented as a qualitative matrix between IoT infrastructure threats and the Security properties of the IS. The method is then applied to the use case of connected light bulbs. Thanks to this approach, it is possible to logically organize threat management while integrating an IoT infrastructure into an IS.

KW - Internet of Things

KW - information systems

KW - security

KW - threat management

U2 - 10.1109/ICDCSW.2017.22

DO - 10.1109/ICDCSW.2017.22

M3 - Conference contribution

AN - SCOPUS:85027526291

T3 - Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017

SP - 105

EP - 112

BT - Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017

A2 - Ferreira, Joao E.

A2 - Higashino, Teruo

A2 - Musaev, Aibek

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 37th IEEE International Conference on Distributed Computing Systems Workshops, ICDCSW 2017

Y2 - 5 June 2017 through 8 June 2017

ER -

Dorsemaine B, Gaulier JP, Wary JP, Kheir N, Urien P. A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System. In Ferreira JE, Higashino T, Musaev A, editors, Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 105-112. 7979802. (Proceedings - IEEE 37th International Conference on Distributed Computing Systems Workshops, ICDCSW 2017). doi: 10.1109/ICDCSW.2017.22

A New Threat Assessment Method for Integrating an IoT Infrastructure in an Information System

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this