معماری امنیتی برای اینترنت اشیا: تحلیل و بهبود مدل سه‌لایۀ ابر اینترنت اشیا

شیردل, محمد; امیری, مقصود; افشار‌کاظمی, محمدعلی; ﻣﻌﺘﺪل, ﻣﺤﻤﺪرﺿﺎ

doi:10.22034/aimj.2025.512942.1631

معماری امنیتی برای اینترنت اشیا: تحلیل و بهبود مدل سه‌لایۀ ابر اینترنت اشیا

نوع مقاله : مقاله پژوهشی

نویسندگان

محمد شیردل ¹

مقصود امیری ²

محمدعلی افشار‌کاظمی ³

ﻣﺤﻤﺪرﺿﺎ ﻣﻌﺘﺪل ⁴

¹ دانشجوی دکتری، گروه مدیریت فناوری اطلاعات، واحد علوم و تحقیقات، دانشگاه آزاد اسلامی، تهران، ایران

² استاد، گروه مدیریت صنعتی، دانشکدۀ مدیریت و حسابداری، دانشگاه علامه طباطبائی، تهران، ایران

³ دانشیار، گروه مدیریت صنعتی، دانشکدۀ مدیریت، واحد تهران مرکزی، دانشگاه آزاد اسلامی، تهران، ایران

⁴ استادیار، گروه مدیریت صنعتی، واحد تهران مرکزی، دانشگاه آزاد اسلامی، تهران، ایران

10.22034/aimj.2025.512942.1631

چکیده

با گسترش تعداد دستگاه‌های هوش‌مند و برنامه‌های مرتبط، حجم چشمگیری داده تولید می‌شود که در خودکارسازی فعالیت‌های روزمره نقش مهمی ایفا می‌کند. این کلان‌داده‌ها به پردازش سریع، ذخیره‌سازی ایمن و انتقال مطمئن از طریق کانال‌های امن نیاز دارند تا از تهدیدها و حمله‌های مخرب محافظت شوند. حفاظت از حریم خصوصی، همواره یکی از چالش‌های اصلی فضای مجازی بوده و با ظهور اینترنت اشیا (IoT) این چالش ابعاد گسترده‌تری یافته است. در این مقاله، یک مدل ارزیابی مبتنی بر معماری سه‌لایۀ اینترنت اشیا، شامل لایه‌های ادراک، انتقال و کاربرد ارائه شده است. برای هر لایه، شاخص‌های عملکردی خاصی تعریف و به‌کار گرفته شده است. به‌منظور ارزیابی عملکرد سیستم، نظرهای خبرگان جمع‌آوری شد و با استفاده از روش تصمیم‌گیری تاپسیس فازی، اولویت‌بندی شاخص‌ها صورت گرفت. همچنین، مدل‌های امنیتی نظیر رمزنگاری سبک‌وزن سایمون و احراز هویت متقابل، به‌صورت جداگانه به هر لایه افزوده و تأثیر هر یک بر عملکرد کلی سیستم تحلیل شد. برای پیاده‌سازی این الگوریتم‌ها، از میکروکنترلرSTM32F4 با پردازندۀARM Cortex-M4 که توانایی پردازشی مناسب و قابلیت اندازه‌گیری دقیق شاخص‌های امنیتی و عملکردی را فراهم می‌سازد، استفاده شد. نتایج نهایی نشان می‌دهد که مدل پیشنهادی به بهبود سطح امنیت و کاهش آسیب‌پذیری در برابر حمله‌های سایبری منجر می‌شود.

کلیدواژه‌ها

معماری امنیتی

اینترنت اشیا

مدل سه لایه ابر اینترنت اشیا

عنوان مقاله English

Improving the Security of the Three-Tier IoT Cloud Model Using Simon Algorithm and Mutual Authentication

نویسندگان English

Mohammad shirdel ¹

Maghsoud Amiri ²

Mohamad Ali Afshar Kazemi ³

Mohamad Reza Motadel ⁴

¹ Ph.D. Candidate, Department of Information Technology , Faculty of Management, Science and Research Branch, Islamic Azad University, Tehran, Iran

² Prof., Department of Industrial Management, Faculty of Management and Accounting, Allameh Tabataei University, Tehran, Iran

³ Associate Prof., Department of Management, Faculty of Management, Central Tehran Branch, Islamic Azad University, Tehran, Iran

⁴ Assistant Prof., Department of Industrial Management, Faculty of Management, Central Tehran Branch, Islamic Azad University, Tehran, Iran

چکیده English

With the expansion of the number of smart devices and related applications, a significant volume of data is generated, which plays an important role in automating everyday activities. This big data requires fast processing, secure storage, and reliable transmission through secure channels to protect it from malicious threats and attacks. Privacy protection has always been one of the main challenges in cyberspace, and with the emergence of the Internet of Things (IoT), this challenge has gained wider dimensions. In this paper, an evaluation model based on the three-tier architecture of the Internet of Things, including perception, transmission, and application layers, is presented. Specific performance indicators are defined and applied for each layer. In order to evaluate the system performance, expert opinions are collected and the indicators are prioritized using the fuzzy TOPSIS decision-making method. Also, security models such as Simon lightweight encryption and mutual authentication have been added to each layer separately and their impact on the overall system performance has been analyzed. To implement these algorithms, an STM32F4 microcontroller with an ARM Cortex-M4 processor has been used, which provides adequate processing power and the ability to accurately measure security and performance indicators. The final results show that the proposed model leads to improved security levels and reduced vulnerability to cyber attacks.

کلیدواژه‌ها English

Security architecture

Internet of things

Three-layer model IoT

احمدوند، بهناز و جهانشاهی، آرتین (1402). بررسی الگوی مطلوب قانون‌گذاری حفاظت از داده شخصی در بستر اینترنت اشیا در پرتو مطالعات تطبیقی، سیاست‌گذاری عمومی، 9(1)، 47- 63. https://doi.org/10.22059/jppolicy.2023.92988

رنجبر، امیرحسین (1401). مروری بر ضرورت اینترنت اشیا در پروژه‌های شهر هوشمند رویکرد نوین در توسعۀ پایدار شهری. پژوهش‌های کاربردی در مدیریت و علوم انسانی، 3(7)، 35-46. https://civilica.com/doc/1700535

شاهزاده فاضلی، سیدابوالفضل؛ قوه ندوشن، اعظم و زارع‌پور احمدآبادی، جمال (1403). بهبود سرعت سیستم تشخیص نفوذ از طریق کاهش حجم داده‌ها با استفاده از DBSCAN مبتنی بر هسته. پدافند الکترونیکی و سایبری، 12(4)، 89-102.

Alamer, A. (2024). A privacy-preserving federated learning with a secure collaborative for malware detection models using Internet of Things resources. Internet of Things, 25(5), 1-25. https://doi.org/10.1016/j.IoT.2023.101015

Al-Dulaimy, A., Jansen, M., Johansson, B., Trivedi, A., Iosup, A., Ashjaei, M., ... & Papadopoulos, A. V. (2024). The computing continuum: From IoT to the cloud. Internet of Things, 27, 101272.

Ali, B. & Awad, A. (2018). Cyber and physical security vulnerability assessment for IoT-based smart homes. Journal Sensors, 18(3), 1-17. http://dx.doi.org/10.3390/s18030817

Appel, M., Bossert, A., Cooper, S., Kußmaul, T., Löffler, J., Pauer, C. & Wiesmaier, A. (2016). Block ciphers for the iot–simon, speck, katan, led, tea, present, and sea compared.sProc. Appel Block CF, 1-37. https://tubiblio.ulb.tu-darmstadt.de/id/eprint/104856

Arvind, S. & Narayanan, V. A. (2019). An Overview of Security in CoAP: Attack and Analysis. International Conference on Advanced Computing & Communication Systems (ICACCS), pp. 655–660, https://doi.org/10.1109/ICACCS.2019.8728533

Balogh, S., Gallo, O., Ploszek, R., Spacek, P. & Zajac, P. (2021). IoT Security Challenges: Cloud and Blockchain, Postquantum Cryptography, and Evolutionary Techniques. Electronics, 10(21), 2647. https://doi.org/10.3390/electronics10212647

Behera, M., Mohapatra, S. K., Samal, U. C., Khan, M. S., Daneshmand, M. & Gandomi, A. H. (2019). Residual energy-based cluster-head selection in wsns for IoT application. IEEE Internet of Things Journal, 6, 5132–5139. http://dx.doi.org/10.1109/JIOT. 2019.2897119

Binti Harum, N., Zakaria, N. A., Emran, N. A., Ayop, Z., & Anawar, S. (2019). Smart book reader for visual impairment person using IoT device. International Journal of Advanced Computer Science and Applications, 10(2), 251-255.

Burke, D. (2018). Preventing DDOS Attacks against IoT Devices. PhD Thesis, Utica College.

Canedo, J. & Skjellum, A. (2016). Using machine learning to secure IoT systems. Annual Conference on Privacy, Security and Trust (PST), pp. 219–222, IEEE. https://doi.org/10.1109/PST.2016.7906930

Chen, J., Touati, C. & Zhu, Q. (2019). Optimal secure two-layer IoT network design. IEEE Transactions on Control of Network Systems. https://doi.org/10.1109/TCNS.2019.2906893

Choi, J., In, Y., Park, C., Seok, S., Seo, H. & Kim, H. (2018). Secure IoT framework and 2D architecture for End-To-End security. Journal of Supercomputing, 74(8), 3521–3535. https://link.springer.com/article/10.1007/s11227-016-1684-0

Djenna, A., Harous, S. & Saidouni, D.E. (2021). Internet of Things Meet Internet of Threats: New Concern Cyber Security Issues of Critical Cyber Infrastructure. Applied sciences, 11(10), 4580. https://doi.org/10.3390/app11104580

Dovom, E. M., Azmoodeh, A., Dehghantanha, A., Newton, D. E., Parizi, R. M. & Karimipour, H. (2019). Fuzzy pattern tree for edge malware detection and categorization in IoT. Journal of Systems Architecture, 97, 1–7. https://doi.org/10.1016/j.sysarc.2019.01.017

Grassi, P., Garcia, M. & Fenton, J. (2017). DRAFT NIST Special Publication 800-63-3 Digital Identity Guidelines. National Institute of Standards and Technology, Los Altos, CA. https://doi.org/10.6028/NIST.SP.800-63-3

Halgamuge, M. N. & Niyato, D. (2025). Adaptive edge security framework for dynamic IoT security policies in diverse environments. Computers & Security, 148(2),17-38. http://dx.doi.org/10.1016/j.cose.2024.104128

Ismail, Sh., Nouman, M., Dawoud, D. W. & Reza. H. (2024).Towards a lightweight security framework using blockchain and machine learning. Blockchain: Research and Applications, 5(1), 1-12. http://dx.doi.org/10.1016/j.bcra.2023.100174

Kamaludeen, N. B. A., Lee, S. P. & Parizi, R. M. (2019, July). Guideline-based approach for IoT home application development. In 2019 international conference on internet of things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE smart data (SmartData) (pp. 929-936). IEEE.

Khan. Y., Su’ud, M.B.M., Alam, M.M., Ahmad, S.F., Salim, N.A. & Khan, N. (2023). Architectural Threats to Security and Privacy: A Challenge for Internet of Things (IoT) Applications. Electronics (Switzerland), 12(1), 88-108. https://doi.org/10.3390/electron ics12010088

Kirikkayis, Y., Winter, M. & Reichert, M. (2024). A User Study on Modeling IoT-Aware Processes with BPMN 2.0. Information 2024, 15, 229.

Krishnamurthy, V., Jothi, S. & Karuppiah, S. V. (2023). HO-DQLN: Hybrid optimization-based deep Q-learning network for optimizing QoS requirements in service oriented model. Expert Systems with Applications. 227(12). https://doi.org/10.1016/j.eswa.2023.120188

Li, Y., Shi, L., Cheng, P., Chen, J. & Quevedo, D. E. (2015).Jamming Attacks on Remote State Estimation in Cyber-Physical Systems: A Game-Theoretic Approach. IEEE Transactions on Automatic Control, 60(10), 2831–2836. http://dx.doi.org/10.1109/TAC.2015.2461851

Liu, H., Yang, B. & Liu, T. (2014). Efficient Naming, Addressing and Profile Services in Internet-of-Things Sensory Environments. Ad Hoc Networks, 18, 85–101. http://dx.doi.org/10.1016/j.adhoc.2013.02.008

Mashal, I., Alsaryrah, O., Chung, TY., Yang, C Z., Kuo, WH. & Agrawal, D. P. (2015). Choices for interaction with things on Internet and underlying issues. Ad Hoc Networks, 28, 68–90. https://doi.org/10.1016/j.adhoc.2014.12.006

Mazhar, T., Talpur, D. B., Shloul, T. A., Ghadi, Y.Y., Haq, I., Ullah, I., Ouahada, K. & Hamam, H. (2023). Analysis of IoT Security Challenges and Its Solutions Using Artificial Intelligence. Brain Sci., 13, 683. https://doi.org/10.3390/brainsci13040683

Ngu, H., Gutierrez, M., Metsis, V., Nepal, S. & Sheng, Q. Z. (2016). IoT Middleware: A Survey on Issues and Enabling Technologies,” IEEE Internet of Things Journal, vol. 4, no. 1, pp. 1–20. https://doi.org/10.1109/JIOT.2016.2615180

Paranjothi, A., Tanik, U., Wang, Y. & Khan, M. S. (2019). Hybrid-vehfog: A robust approach for reliable dissemination of critical messages in connected vehicles. Transactions on Emerging Telecommunications Technologies, 30(6), 35-55. http://dx.doi.org/10.1002/ett.3595

Puthal, D., Nepal, S., Ranjan, R. & Chen, J. (2016). Threats to networking cloud and edge datacenters in the Internet of Things. IEEE Cloud Computing, 3(3), 64–71. http://dx.doi.org/10.1109/MCC.2016.63

Qi, P., Chiaro, D. & Piccialli, F. (2025). Small models, big impact: A review on the power of lightweight Federated Learning. Future Generation Computer Systems, 16, 1-15. https://doi.org/10.1016/j.future.2024.107484

Ray, P P. (2018). A Survey on Internet of Things Architectures. Journal of King Saud University - Computer and Information Sciences, 30, 291– 319. https://doi.org/10.1016/j.jksuci.2016.10.003

Ren, J., Guo, H., Xu, C. & Zhang, Y. (2017). Serving at the edge: A scalable IoT architecture based on transparent computing. IEEE Network, 31(5), 96–105. https://doi.org/10.1109/MNET.2017.1700030

Said, O. & Masud, M. (2013). Towards internet of things: survey and future vision. International Journal of Computer Networks, 5(1), 1–17. https://www.researchgate.net/publication/297141894

Sakhnini, J., Karimipour, H., Dehghantanha, A., Parizi, R. M. & Srivastava, G. (2019). Security aspects of internet of things aided smart grids: A bibliometric survey. Internet of Things, 14, 1-19. https://doi.org/10.1016/j.IoT.2019.100111

Salah, Kh. & Khan, M. (2018). IoT Security: Review, Blockchain Solutions, and Open Challenges. Future Generation Computer Systems, 82, 395–411. http://dx.doi.org/10.1016/j.future.2017.11.022

Santos, J., Rodrigues, J. J., Silva, B. M., Casal, J., Saleem, K. & Denisov, V. (2016). An IoT-Based Mobile Gateway for Intelligent Personal Assistants on Mobile Health Environments. Journal of Network and Computer Applications, 71, 194–204. https://doi.org/10.1016/j.jnca.2016.03.014

Sethi, M., Arkko, J. & Keränen, A. (2017). End-to-End Security for Sleepy Smart Object Networks. Annual IEEE Conference on Local Computer Networks-Workshops, pp. 964–972. https://doi.org/10.1109/LCNW.2012.6424089

Sethi, P., & Sarangi, S. R. (2017). Internet of things: architectures, protocols, and applications. Journal of electrical and computer engineering, 2017(1), 9324035.

Srivastava, G., Parizi, R. M., Dehghantanha, A. & Choo, K.-K. R. (2019). Data sharing and privacy for patient IoT devices using blockchain. Smart City and Informatization, (iSCI 2019), pp 334–348.

Taherdoost, H. (2023). Security and Internet of Things: Benefits, Challenges, and Future Perspectives. Electronics, 12, 1-19. https://doi.org/10.3390/electronics12081901

Wang, D., Ming, J., Chen, T., Zhang, X. & Wang, C. (2018). Cracking IoT Device User Account via Brute-force Attack to SMS Authentication Code. In Proceedings of the First Workshop on Radical and Experiential Security, pp. 57–60. http://dx.doi.org/10.1145/3203422.3203426

Wang, H., Wang, Y., & Jin, J. (2024). Application of multimodality perception scene construction based on Internet of Things (IoT) technology in art teaching. PeerJ Computer Science, 10, e2047.

Wu, M., Lu, TJ., Ling, FY., Sun, J. & Du, HY. (2010). Research on the architecture of internet of things,” 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), 5, 483–507. http://dx.doi.org/10.1109/ICACTE.2010.5579493

Yang, Y., Wu, L., Yin, G., Li, L. & Zhao, H. (2017). A survey on security and privacy issues in Internet-of-Things. IEEE Internet Things, 4, 1250–1258. https://doi: 10.1109/JIOT.2017.2694844

Zarca, A. M., Bernal Bernabe, J., Farris, I., Khettab, Y., Taleb, T. & Skarmeta, A. (2018).Enhancing IoT security through network softwarization and virtual security appliances. International Journal of Network Management, 28(5), 20-38. https://doi.org/10.1002/nem.2038

Zhang, W., Meng, Y., Liu, Y., Zhang, X., Zhang, Y. & Zhu, H.( 2018). Homonit: Monitoring Smart Home Apps from Encrypted Traffic. ACM SIGSAC Conference on Computer and Communications Security, pp. 1074–1088, ACM. https://doi.org/10.1145/3243734.3243820