INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx

INTERNET OF THINGS: A STUDY ON SECURITY AND
PRIVACY THREATS
Md Husamuddin
Dept. of computer science
College of CS and IT, Al-Baha University
Al-Baha, Kingdom of Saudi Arabia
Dr. [email protected]
ABSTRACT
The current world is driven by new, developing technologies.
This has resulted in a variety of smart devices in the society
that has impacted positively on the lives of people in the
community. However, the organization has been experiencing
threats and cyberattacks that mostly targets the private
information. Therefore, in this paper, my discussion is centered
on the different applications of the internet of things as well as
security threats that are involved.
Keywords: security, privacy.
INTRODUCTION
The Internet of things is the most significant of the future of the
internet. IoT has a global network through which ant object can
connect with the other devices that are also linked on the
internet. These devices include computers, tabs, cell phones,
among many others. Generally, the internet of things is a system
made up of connected things. This machine contains a
microchip that connects all the methods related to it.
Microchips serve the function of tracking the surrounding of the
network and to give the report in case of any findings pertaining
to the internet. The meaning of PC wrongdoing and cloud

wrongdoing will be come to out to the IoT wrongdoing, which
talks to any malignant development that incorporates the IoT
worldview as within the IoT contraptions, organizations, or
correspondence channels can be a subject, thing, or gadget
recognized with the infringement. To investigate these sorts of
cases, it is required to execute computerized crime scene
examination technique within the IoT to choose the substances
around an event. The meaning of a capable and adjust IoT
progressed lawful sciences method is still at its unimaginable
intrigued (Husamuddin, 2015). The most significant part of IoT
is that it makes it possible for different entities to be
communicated and to be accessed via the internet. This is very
economical as a result, attracts many devices to be connected to
the internet (Balte &Patil,2015). Research shows that more than
40 billion devices in 2019 got connected, and a higher risk of
this is expected in the current year.
SECURITY REQUIREMENTS
The rate at which technologies are emerging is so high, and this
has lead to threats as well as a privacy issue. The smart devices
arising from this technology will interact with other devices and
transmit information in the network (Balte, &Patil,2015). If a
computer gets infected, the effects ripples to other devices in
the system; thus, the whole internet infrastructure would be at
risk. As soon as an attack spot has been identified, it is feasible
to enumerate the safety vulnerabilities and risk prone regions
requiring defense-in-intensity protection. Such safety refers to a
typically used approach to protect important data on company
networks wherein security controls are set up at a couple of
tiers of the IT information technology infrastructure. The
critical security issues are the validity of data, the privacy of
data, accountability of data, and accessibility of data. The
highlighted points are the main security concerns that are
related to the privacy of the information in the network.
Without suitable security and assurance defending frameworks,

IoT fog can't be grasped in any case of its esteem. The
inconvenience does not fair begin from the interoperability
issue, however in expansion the planning ask of security
courses of action (Varga, P., Plosz, S., Soos, G., & Hegedus,
2017).
IOT TECHNOLOGIES AND SECURITY THREATS
Wireless Sensor Network (WSN)
The sensor wireless network is a technique that comprises of a
variety of small cells that are called sensor nodes and other
computing components called actuators. The primary purpose of
sensor nodes is to facilitate data processing and communication.
This technique can be applied in fields such as healthcare,
military, logistics, and many others (Botta, 2020). this network
is prone to attacks since it acts as a transimmitio channel for
broadcasting. The major threats to this network include;
physical attacks from hackers due to the fact that this network
can’t stop unauthorized physical access. Node replication. In
this, the id of the node is moved to a network together with a
sensor resulting in disruption of the network performance.
Sinkhole attack. This is where an intruder takes possession of
the node from the internet and then attracts the traffic from the
neighbor nodes. As a result, this can lead to the alteration of the
information such as deleting or the changing of the data.
Another threat to this network is service attack denial. The
services to the legitimate user are made unavailable by the
intruders. Another technology and its security threats are Radio
Frequency Identification Technology that consists of a specific
identity on the tags, and this is incorporated to the object
(Botta, 2020). This tag serves as an identifier for the purpose.
This technique is mostly applicable to the healthcare field.
CONCLUSION

IoT is among the significant emerging technologies in the
world.the data transmitted through the sensors carry sensitivity
information that needs protection from the attackers. To
archive, this IoT technology must incorporate services such as
encryption, access control for a real-time, end to end
environment as well as critical infrastructure protection. This
will make it possible for the consumers to control tasks
automatically and effectively using IOT technology. In the
future, more changes pertaining to the security of smart devices,
as well as privacy measures of communication in IOT, will
advance and this will win the trust of the operators. Threats
involved in this technique include tag cloning, tag swapping
that consists of the process of replacing two tags that are of
different products with each other, physical data modification,
and service denial to the legitimate user.
BIBLIOGRAPHY
Balte, A., Kashid, A., &Patil, B. (2015). Security Issues in the
Internet of Things (IoT): A Survey. International Journal of
Advanced Research in Computer Science and Software
Engineering, 5(4), 450-455. ISSN: 2277, 128X.
SHIELDING IOT AGAINST CYBER-ATTACKS: AN EVENT-
BASED APPROACH USING SIEM
Daniel Díaz López,1 María Blanco Uribe,1 Claudia Santiago
Cely,1 Andrés Vega Torres,1 Nicolás Moreno
Guataquira,1 Stefany Morón Castro,1 Pantaleone
Nespoli,2 and Félix Gómez Mármol.
ABSTRACT
The massive growth in the internet of things has led to a variety
of machines in diverse industries. However, there is presently
inadequate security for these new smart objects in the market.

This has risen the need for safety solutions to these issues, and
the most desirable techniques have been developed to offer a
solution to this problem. This paper proposes the best security
solution derived from the management of security events that
clearly determines any malicious activity on this model.
Different vulnerabilities relating to this technique are pointed
out so that solution measures can be undertaken. In this paper,
three attack events are generated, exploited vulnerabilities, and
the response that could be launched to solve and curb the attack
on IoT devices. This paper generally proposes the best approach
that can be used to protect the IoT ecosystem.
Keywords: Privacy, security, and trust on the internet of things
INTRODUCTION
IoT devices have rapidly grown and have attracted attention
from several fields in the society. It is an emerging technology
in the decade is with the capability to be developed to perform
efficiently as intended. The main area of concern in this paper
is the proposal security method that can be applied in IoT to
deal with security issues affecting the performance of this
technology. When mulling over the IoT contraptions, it is basic
to get it that, comparative to a few other contraptions, security
can't be guaranteed. IoT security is certifiably not a combined
suggestion of secure or temperamental. Or maybe, it is
profitable to conceptualize IoT security as a run of contraption
weakness (Rodriguez-Mota, A., Escamilla-Ambrosio, P. J.,
Happa, J., & Nurse, 2016). Detailed security events of IoT and
the proposed security to each scenario. Another sector focuses
on the security issues for the IoT devices and the last part about
the proposed security measures. The suggestions of a cyber
assault by means of the web may result within the collapse of
communications networks; the disappointment of electronic
keeping money and major online shops including eBay and
Amazon; the frustration of transport systems, counting discuss

control computers and railroad frameworks; and also the
disappointment of the facility grid, shutting down control
supplies and causing broad power outages. Advanced framework
is especially defenseless to assault. Cyber assaults are difficult
to distinguish and indeed harder to shield against (Corones, S.,
& Lane, 2010). IoT incorporates interconnection a huge number
of contraptions from various producers and businesses and
execution framework for the most part shifts on different
applications and client necessities, heterogeneity of
contraptions and information is of imperative noteworthiness. In
like way, designing has been the establishment of IoT system,
and routine web plan ought to be changed to address IoT
challenges (Yelamarthi, Abdelgawad 2017).
IOT ATTACK SURFACES
This comprises the enablers that are the communication
protocols and channels and targets that are the data and the
processes needed to operate an incident on the IoT devices. The
incident threat on the surface primarily depends on the
connection among variables of the devices. In this issue, once
the attack surface has been determined, the vulnerabilities and
the areas of risks that need protection are identified and
protective measures adopted. The most common surface attacks
include the device web interface, administrative interface,
device network services, cloud web interface, mobile
application, and many others (Yelamarthi, Abdelgawad 2017).
From these vulnerabilities, it is frank that the IoT infrastructure
is vulnerable to security threats from a variety of contexts.
Right now, may be a major investigate opportunity in different
locales, among them Security. Along these lines, right presently
has been presented a novel way to bargain with security
examination for the IoT systems, counting the progression of a
visual dialect structure for the depiction of IoT components and
their blend, a framework to recognize veritable circumstances
where models can be attempted, and a strategy to grant security

courses of action. The heterogeneous thought of the IoT talks to
a major test for the different accomplices locked in with the
advancement of the supporting development and rules
(Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., &
Nurse, 2016).
IOT VULNERABILITIES
Data security in the objects of IoT can be clear comprehended
through the concepts of integrity, confidentiality, and
availability of the information. These are the principles that
underline this technique, and they tend to represent the measure
of the safety levels that this model has implemented.
Unfortunately, these attributes are violated due to the
vulnerabilities associated with this technique. These
vulnerabilities are the ones that increase the surface
attack(“Gartner’s 2016). These vulnerabilities include
cryptography, physical access, device control, and
authentication problems, as discussed in the previous article.
Within the IoT setting, not as it were the client may get to the
information but the authorized question. This requires tending
to two critical viewpoints: to begin with, get to control and
authorization component and moment confirmation and
character administration (IdM) mechanism. The IoT gadget
should be able to confirm that the substance (individual or other
gadgets) is authorized to get to the benefit. The authorization
makes a difference decide if, upon recognizable proof, the
individual or gadget is allowed to get a benefit (Abomhara, M.,
2015).
STATE OF THE ART
Security Information and Event Management (SIEM)
The show cutting edge of the middleware for IoT examines
different ways to bargain with offer assistance a parcel of the

functionalities to work in IoT space. Be that because it may, no
one covers the total course of action of functionalities to meet
the prerequisite of IoT-middleware as broke down here for any
sharp or unavoidable condition (Soma Bandyopadhyay, Munmun
Sengupta, Souvik Maiti, Subhajit Dutta, 2011). This is a model
that reveals the happening of a system, network, or service
showing the breach of information that occurred as well as
offering the security solution to the problem that occurred. The
security event comes from the firewalls, virtual private
networks, intrusion prevention systems, servers, routers, among
others (“Gartner’s 2016). security event management is adopted
to ensure monitoring, normalization, reporting, and integration
of the security incidents. Security event management (SEM)
merge with Security information system (SIM) to facilitate
management of log and to give report so as to update security
information and event management (SIEM). Hence, the SIEM
helps in the discovery of threats and to respond to security
incidents through a deep study of the security issues from a
range of activities as well as sources of data throughout an IT
structure or system. SIEM provides a long period of security
occasions and proper reporting of any security incidents in the
IoT technique.
CONCLUSION
The IoT technology is accompanied by great beneficial
opportunities in the market places. There are a variety of
advanced applications to promote productivity and the quality
of this technology. In this paper, security measures in the IoT
devices have been conducted, and responsive tests also
revealed. The most common security events, attack surfaces,
and vulnerabilities have also been discussed. SIEM system is
the model that has been adopted to generate correlation
guidelines to detect security incidents as well as the responsive
measures.

BIBLIOGRAPHY
K. Yelamarthi, M. S. Aman, and A. Abdelgawad, “An
application-driven modular IoT architecture,” Wireless
Communications and Mobile Computing, vol. 2017, Article ID
1350929, 16 pages, 2017.View at: Publisher Site | Google
Scholar
Gartner, “Gartner’s 2016 Hype Cycle for Emerging
Technologies,” 2016. [Online].
Available: https://www.gartner.com/newsroom/id/3412017.
THE FUTURE INTERNET OF THINGS AND SECURITY OF
ITS CONTROL SYSTEMS
Misty Blowers, USAF Research Laboratory
Jose Iribarne, westrock
Edward Colbert, ICF International, Inc.
Alexander Kott, US Army Research Laboratory
ABSTRACT
The industrial evolution commenced in the 18th century in
Britain. Textile industry marked the beginning of the industrial
revolution. All the work that was performed manually were
brought down to a milling machine in the textile industry,
giving rise to the factory. In the 20th century, the second
industrial revolution took place leading to the mass
development of products. In this particular paper am going to
discuss the change that has occurred in the IoT and its future.
The future of IoT will come at a cost as it involves
technological innovations.
Key terms: Manufacturing and industry
INTRODUCTION
The future of cybersecurity highly depends on the context of the

Internet of Things. All the infrastructure and industrial
contexts, and all the cyber systems are actually all referred to
the IoT. The IoT in the future will most likely subsume the
industrial plants, housing facilities, infrastructure, and all the
methods that are under the control of ICS systems today. For
the development of IoT to take place, a few other things must
accompany its construction such as the increase in the mobility
of devices, growing of automation, ubiquitous robotics as well
as miniaturization of sensors and devices (Allen, 2005). The
future of IoT depends on the enhancement of automation of
machines. It will also involve the emergence of networking and
computing paradigms. Cybersecurity will highly benefit from
system agility in the IoT environment.
FACTORS THAT WILL AFFECT THE FUTURE OF IOT
Various factors are bound to change the future of IoT. These
factors include the building of the future of the IoT. Here
academic along with economic support will be required for the
success of innovations in the IoT and ICS field that will also be
used by others to build the IoT future. The users of the system
is another factor that will affect the future of IoT. These are the
people who will use or consume the innovative systems in
IoT(Allen, 2005). Support is also needed from collaborative
parties so as to enhance the ability of consumers to make use of
innovative products and services. There are various fields in
which I should focus on. These categories include in the first
category; materials, devices, automation, and software. In the
second category, the focus should be on industrial plant users as
well as consumers, and in the third category, the focus should
be on infrastructure and computing as well as in government
collaboration. Various challenges within the IoT are still
beneath investigated. The IoT challenges and open issues are
raised due to two fundamental reasons. These reasons for mass
gathering information for each thing within the IoT framework
and the communication among framework equipment. Gadgets

and controllers are utilized by buyers around the world for
controlling domestic lighting, reconnaissance cameras, vehicles,
and a parcel dynamically locally built up sensors. One
difference is that locally built up contraptions and controllers
are less costly, are mass-produced with commonly destitute
programming and firmware security, and are by and large
related to the Net. Web Control Systems were arranged with the
common understanding that they would have no framework
accessibility to the outside world. In any case, this is often
changing as the trade wishes to manhandle the central focus
inconvenience gave by amplifying framework accessibility.
SUMMARY
The control systems and IT are making good use of every
opportunity that facilitates the development of new hardware
devices as the IoT field continues to grow. New automation is
required due to the increase in the number of devices both in the
consumer and industrial fields. Cloud storage systems, for
example, Microsoft Purplish blue, Amazon Web Organizations
(AWS), Google Docs, and so on., are foreseen to supply
standard entryways for interconnection articles with calculation
and correspondence abilities over a wide reach out of
utilizations, organizations, and advancements. As IoT drives,
distributed computing is foreseen to supply the spine for the
around the globe information dispersal, data investigation (or
calculation) and limit (Tweneboah-Koduah, S., Skouby, K. E.,
& Tadayoni, 2017). Consequently, as automation of machines
continues to increase in the control centre of IoT,
vulnerabilities will also be on the rise both in the software and
hardware devices. In the near future, information originating
from the IoT will soon be facilitated by proxy network servers
such as mobile phones. This will be so because the current
wearables and devices have no inbuilt security and those that
have inbuilt security they have very little. An extensive
software will be required so as to support the future of IoT.

Devices should be equipped with protection enough to safeguard
personal data, and thus IOT devices need to be designed.
SOLUTIONS
Manufacturing will evolve in one way or the other so as to meet
the need of the many changes in the globe. It is predictable that
with the growing population, there will be a shortage of
resources and products to meet consumer needs. Some of the
solutions to curb the above risk are resilience self-adaption in
which means that instead of more resources been designed,
there should an increase in resilience. A resilient product may
be prone to malware attacks but can recover fast from the
incident. Thus, normal functioning of such a device is achieved
faster (Atzori, & Morabito,2010). Mixed trust systems should
also be developed. A mixed trust system is the kind of a system
that is flexible and modifiable and those who can tolerate
untrusted hardware and software. The use of Big Data Analytics
is another solution to the future of IoT. This system is
independent and predictive for it is able to anticipate a malware
attack within a given time and doesn't require human
intervention so as to operate (Atzori, & Morabito,2010).
Proactive threat responsiveness is another solution to the future
of IoT.
BIBLIOGRAPHY
Allen, J. (2005) Governing for Enterprise Security (CMU/SEI-
2005-TN-023). Pittsburgh, PA: Software Engineering Institute,
Carnegie Mellon University
Atzori, L., Iera, A., & Morabito, G. (2010). The internet of
things: A survey. Computer networks, 54(15), 2787-2805
SAFEGUARDING THE IOT

BEING SECURE, VIGILANT, AND RESILIENT IN THE
CONNECTED AGE
by Irfan, Sean Peasley, and Perinkolam
ABSTRACT
IoT objects are not only smart objects but also connected. That
is, they are able to transmit the data they produce. The IoT has
done away with human control and can comfortably operate
with the power of people. As it is transferred from one smart
object to the other in the IoT, there is a possibility of the
information being compromised. Data breaches can occur and
expose highly private and personal data. IoT producers ignored
to execute a generous security system within the contraptions,
security pros have cautioned the potential peril of tremendous
amounts of unbound gadgets meddle with the Internet. In this
discussion, various paradigms that can be used to manage cyber
risks are discussed. The ascent of the IoT holds magnificent
assurance to change over individual's lives by making society
progressively profitable in various districts, tallying
essentialness, transportation, medical services, trade,
manufacturing (Chen, D., Bovornkeeratiroj, P., Irwin, D., &
Shenoy, 2018).
Keywords: Secure, vigilant, and resilient
INTRODUCTION
As advancements in technology continue to happen, and as
connectivity increases, the risk of cybersecurity is also
increasing and is proven to be a threat to all the users of IoT.
Cars’ locations can be hacked, and even the control systems of
the vehicle can be hacked. If the control systems of a vehicle
are hacked, and the car moves against the will of the user, then
the life of people are at serious risk (Pangburn, 2013). The
emphasis is on taking care of the specialized issues recognized

with building up the IoT with small thought to the issues of
spurring powers to grasp, sharing of critical worth over
organize clients, and estimation of extraordinary impact. The
IoT has gone ahead to create information value loop so as to
deal with the issue of insecurity. All objects are being turned as
a source of information on that particular object by IoT. The
creation of value in the form of an object or a service has led to
the development of a value chain in which information about all
the activities of a product is seen, thus the emergence of a value
loop. This information value loop needs to be protected
adequately through a framework, as discussed below.
THE PARADIGM FOR RISK MANAGEMENT
Secure; the first thing in the protection process is to ensure that
data and systems are protected and secured against breaches and
compromises. The most effective form of protection is that
which controls approaches, layers, and types. This is because
cyber attackers use the slightest weaknesses in a system to hack
it. A weakness that the organization could not imagine existed.
Sensors are hardened more and more so as to secure them
against deliberate or accidental manipulation. Software
firewalls should also be installed so as to protect the systems
against hackers. Vigilant; in this paradigm, an organization
should ensure frequent verification of security system so as to
ensure that they are still functioning and that they have not yet
been attacked (Pangburn, 2013). Software are prone to
degradation due to age if they stay for a long time. This
verification is also essential because attacks keep on mutating
so as to fit in new systems, and thus the security systems should
be checked regularly. Resilient; a resilient system should also
be adopted by organizations. A resilient system recovers data
quickly, and therefore even-after a cyber attack, an organization
can resume its normal operations faster as the breech is being
dealt with.

CONCLUSION
In summary, we can conclude that the IoT products are at high
risk of malware attacks, and individuals and organizations
should do everything in their power to ensure that they secure
their devices against being attacked by hackers, which can use
the breeched dat to harm them. We at that point layout the
protection suggestions of untrusted IoT gadgets interfacing to
certainly trusted systems, and conceivable future inquiries about
bearings to relieve these protection suggestions (Chen, D.,
Bovornkeeratiroj, P., Irwin, D., & Shenoy, 2018). Various
strategies can help in securing devices and systems against
cyber-attacks, as discussed above.
BIBLIOGRAPHY
D. J. Pangburn, “How easily can a moving car be hacked?”
Motherboard, June 28, 2013, http://motherboard.vice.
com/blog/how-easily-can-a-moving-car-be-hacked, accessed Feb
29, 2020.
Hewlett-Packard, Internet of Things research study, 2014,
www8.hp.com/h20195/v2/GetDocument. aspx?docname=4AA5-
4759ENW, accessed April 2015; Arik Hesseldahl, "A hacker's
eye view of the Internet of Things," Re/code, April 7, 2015,
http://recode.net/2015/04/07/a-hackers-eye-view-of-the-
internet-of-things/, accessed Feb 29, 2020.
REFERENCES
Bin Sulaiman, R. (2019). Future Threats to Internet of Things
(IoT) Security & Privacy: A Survey. SSRN Electronic
Journal. doi: 10.2139/ssrn.3509352
Masoodi, F., Alam, S., & Siddiqui, S. (2019). Security &
Privacy Threats, Attacks and Countermeasures in Internet of
Things. International Journal Of Network Security & Its
Applications, 11(02), 67-77. doi: 10.5121/ijnsa.2019.11205

Ficco, M. (2019). Internet-of-Things and fog-computing as
enablers of new security and privacy threats. Internet Of
Things, 8, 100113. doi: 10.1016/j.iot.2019.100113
Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey
on security and privacy issues in Internet-of-Things. IEEE
Internet of Things Journal, 4(5), 1250-1258
Riggins, F. J., & Wamba, S. F. (2015, January). Research
directions on the adoption, usage, and impact of the internet of
things through the use of big data analytics. In 2015 48th
Hawaii International Conference on System Sciences (pp. 1531-
1540). IEEE.
Bandyopadhyay, S., Sengupta, M., Maiti, S., & Dutta, S. (2011).
Role of middleware for internet of things: A study. International
Journal of Computer Science and Engineering Survey, 2(3), 94-
105.
Bandyopadhyay, S., Sengupta, M., Maiti, S., & Dutta, S. (2011).
A survey of middleware for internet of things. In Recent trends
in wireless and mobile networks (pp. 288-296). Springer,
Berlin, Heidelberg.
Rodriguez-Mota, A., Escamilla-Ambrosio, P. J., Happa, J., &
Nurse, J. R. (2016, November). Towards IoT cybersecurity
modeling: From malware analysis data to IoT system
representation. In 2016 8th IEEE Latin-American Conference on
Communications (LATINCOM) (pp. 1-6). IEEE.
Chen, D., Bovornkeeratiroj, P., Irwin, D., & Shenoy, P. (2018,
July). Private memoirs of iot devices: Safeguarding user privacy
in the IoT era. In 2018 IEEE 38th International Conference on
Distributed Computing Systems (ICDCS) (pp. 1327-1336).
IEEE.
Abomhara, M. (2015). Cyber security and the internet of things:
vulnerabilities, threats, intruders and attacks. Journal of Cyber
Security and Mobility, 4(1), 65-88.
Corones, S., & Lane, B. (2010). Shielding critical infrastructure
information-sharing schemes from competition law. Deakin L.
Rev., 15, 1.
Varga, P., Plosz, S., Soos, G., & Hegedus, C. (2017, May).

Security threats and issues in automation IoT. In 2017 IEEE
13th International Workshop on Factory Communication
Systems (WFCS) (pp. 1-6). IEEE.
Lee, K., Kim, D., Ha, D., Rajput, U., & Oh, H. (2015,
September). On security and privacy issues of fog computing
supported Internet of Things environment. In 2015 6th
International Conference on the Network of the Future (NOF)
(pp. 1-3). IEEE.
Tweneboah-Koduah, S., Skouby, K. E., & Tadayoni, R. (2017).
Cyber security threats to IoT applications and service domains.
Wireless Personal Communications, 95(1), 169-185.
Trends in cloud computing
TRENDS IN CLOUD COMPUTING
ABSTRACT
Cloud computing involves the use of remote servers that are
hosted on the Internet. The technology has been a game-changer
in the world of technology as it has dramatically influenced the
aspect of storing, processing, and also managing data. Besides,
technology has witnessed a couple of trends that have attracted
the attention of crucial technology players. In line with this, the
paper will investigate the various trends in cloud computing.
Keywords: cloud computing, social networking, Security, IaaS,
PaaS, SaaS.
INTRODUCTION
Cloud computing is one of the newest areas of interest in the
world of computing. The technology entails the use of cloud
services to store, manage, process, and even ensure that data is
secure. Cloud computing involves the use of remote servers that

are hosted on the Internet. As a result, the technology has seen
an increased reduction of the use of physical servers and
computers by companies in storing, managing, and also
processing their data. In recent days, technology has witnessed
several changes or, rather, trends that will be covered briefly in
the paper. Cloud is a collective term for a massive number of
possibilities and developments. It is more of a practical
innovation than an invention that combines several other
inventions to become something compelling and new. Cloud
computing puts together and merges several technologies that
already exist together, where they include virtualization, time-
sharing, web interactivity, browser interface, and high
bandwidth networks. Cloud computing helps companies and
businesses to transform their initial existing server
infrastructures to form a dynamic environment that leads to the
expansion and reduction of the server’s capacity. A cloud
computing platform, configures, depravations, and reconfigures
the servers. Many issues arise firm adopting the cloud
computing platform, and the articles below discuss some of the
main issues associated with cloud computing.
LITERATURE REVIEW
Different studies, such as Varghese & Buyya (2018), recognize
that cloud computing is one of the booming technologies. The
technology has witnessed immense growth rates over the last
couple of years. Notably, more companies and institutions
continue to adopt cloud services. Besides, the use of Iaas, Paas
as well as SaaS continues to increase.
Additionally, Varghese & Buyya (2018) express their optimism
that the revenue earned from cloud technology will continue to
grow. Also, cloud services will continue to advance. For
instance, different companies have embarked on the process of
adopting private and hybrid technologies, which are much
significant in storing, processing, and also managing big
company data. Cloud asserts that conceptually the "cloud" at the
Internet conceals to be had computing resources and offers an
elegant interface, through which customers might be capable of

using the whole World Wide Web as a powerful personal laptop.
The evolution of computing into six stages: the mainframe, the
microcomputer, the LAN, the Internet, grid computing, and
cloud computing(Voas & Zhang 2009).
METHODOLOGY
Cloud computing has dramatically been evolving, with higher
data being generated. Cloud service has resulted in excessive
communication being created between various cloud servers that
are inexpensive, thus leading to more, better, and more
excellent connectivity with billions of connected computers and
computer users.
FINDINGS
Cloud computing seems to have practically taken over many
industries in the world, including building management,
transportation, energy, healthcare, precision agriculture, and the
likes. The options of connectivity by internet cloud services
seem to be increasing by a hugely significant amount for
application developers and electronic engineers. Computers
significantly connected do not necessarily provide the benefit of
the connection to people. However, the network connected to
the devices tends to receive information that they gather from
the environment, which tends to be the source of success. Cloud
services that are provided from the connectivity help the
devices to offer information that is valuable by acting upon and
reaching out to the world. The connected devices are not limited
to given computers that the organizations own but are able to
span from devices of every personal individual that are used or
the big one through the services of internet cloud services.
Khan, N., & Al-Yasiri, A. (2016). discusses the security threats
that are associated with cloud computing being adopted in
organizations and businesses. Cloud computing is seen to allows
organizations to outsource their total process in information

technology, thus enabling them to focus more on their main and
core business, thus able to enhance innovation and productivity
in the services they offer to their customers. There are more
benefits that are seen to be gained after adopting cloud
computing like the cut down on the major costs that a business
incurs over IT infrastructure with them not losing the
customers’ needs focus. Despite the many advantages that can
be associated with a company adopting the cloud computing
framework, the implementation is seen to be faced with some
challenges due to issues relating to privacy and security. The
article summarizes a combination of several interviews that
were conducted with security experts and cloud developers, and
the results reviewed Khan, N., & Al-Yasiri, A. (2016). There
were many security issues and threats that a company exposes
itself to after adopting the cloud computing framework. The
study in this article well elaborates and offers an understanding
of the future and current, privacy, and security challenges that
cloud computing are associated with. Most of the security and
privacy issues identified well offer the right attribute of what
cloud computing is.
Over time, there has been continuous growth concern and
awareness towards cloud computing, especially on the issue of
information security. The article well shows the continued
growth in the usage and awareness of Security Algorithms into
data processes and systems.
Figure 1: Layard Cloud Architecture
Khan, N., & Al-Yasiri, A. (2016), well presents an overview
and comparison of different algorithms together with the
Cryptographic algorithm offering a great emphasis on
Symmetric algorithms that ought to be used for services and
applications that are cloud-based and require a link and data
encryption. The asymmetric and symmetric applications are

reviewed with there being an emphasis on Symmetric algorithms
in consideration of security issues that one should use for
cloud-based services and applications which require a link and
data encryption. The article identifies that with the emergence
of cloud computing as a new technology aspect in the
technology industry, private and public corporate and enterprise
organizations are either using the services of cloud in the
processor as a service for them to get to their end goal despite
them facing privacy, security, and data theft issues. Therefore,
the use of security algorithms and their implementation is
crucial for the cloud, and they need to be utilized properly in
order to ensure the best security is offered to the end-user Khan,
N., & Al-Yasiri, A. (2016).
According to Yoo, S. K., & Kim, B. Y. (2018), shows the use of
artificial intelligence, big data and new communication and
information technologies which have led to the improved
business competitiveness and sustainable developments. It is
evident from the article that cloud services were seen and
classified as having special requirements of the system for the
organization of a business can it be represented by cloud
computing architectures layers that are different like software
as a service. The article also highlights that the IT environment
services undergoes continuous changes thus companies are
required to recheck and reconsider business models. The article
is recommendable because it shows and advises companies on
what is right to do in relation to their cloud computing effect
that they receive in their company or business as well as it
advices on which is the right cloud computing system to adopt
to their business model. In reference to the aspect of the model
of decision making, the article advices and recommends the
cloud computing system to be adopted. The critical variables in
the decision areas in the hierac8hical structure is well
elaborated in terms of its environment, organization, technology
as well as other attributes of decision making for the adoption
of cloud computing. The research also offers an explosive

comparative analysis between providers and demanders of the
adoption of cloud computing. The article is helpful because it
continues to offer and suggest important factors to the top
management support system, the compatibility and competitive
pressure associated with the adoption of the cloud. For more
understanding please take a look on figure 2.
Figure 2: The Cloud Computing Adoption Model
The article investigates the advancement of the consumers
process of adoption and the technological innovations
associated with the services of cloud computing. It focuses on
the continued increase rate of the role of big data and cognitive
computing that affects the adoption of technologies that are
emerging. As more worldwide consumers continue using mobile
computing, the online advertisement role continues to be
examined to help understand the affects and effects of cloud
computing in relation to the marketing fields Ratten, V. (2020).
There is thus a great discussion on how the value of social
capital can be put to place to improve the adoption of cloud
computing technologies especially those that highlight the
mindset of consumers and their importance. The article well
highlights this mindsets of consumers and how cloud computing
can be used to alleviate the consumers concerns as well as meet
to offer solution as the cloud computing. Emerging innovations
as a result are well discussed and elaborated Ratten, V. (2020).
The Nandgaonkar, S. V., & Raut, A. B. (2014) defining cloud
computing to be a massively scalable, configurable resource
that is on-demand as a computing model where it is seen to be
the latest discussion in the information sector. The article shows
that cloud computing offers cloud infrastructure in more of a
distributed compared to a dedicated infrastructure which is seen
to allow clients to have access that is complete and full to the
reliable and scalable resources with continued high
performance. Therefore, everything is seen to be provided to the
client over the Internet as a utility service. IoT tagged objects

generate data that is high, and therefore cloud computing
becomes a key to store the unpredictable generated data from
the tagged devices. The article continues to discuss the
evolution of cloud computing. The information is important in
helping one have a great background in understanding where
cloud computing evolved from. The article offers great exposure
to the different forms of cloud deployment models by
continuing to offer an understanding of the characteristics of
cloud computing as well as the different models. Something
outstanding about the article is that it gives a discussion on the
cloud computing actors. It well shows that the NIST based
reference cloud computing model gives information about the
major participants, including their functions, actions,
characteristics, uses, and standards of each participant that is in
the cloud paradigm. The article offers very crucial information
like the major cloud actors that are found in the architecture of
the cloud. They include the cloud provider, cloud broker, cloud
auditor, cloud carrier, and cloud consumer. The information is
able to teach one the whole connectivity of cloud happens
Nandgaonkar, S. V., & Raut, A. B. (2014).
According to Knorr, E. (2017) offers two ways in which cloud
computing can be defined and understood. The first one is
where workloads are seen to be run remotely over the Internet
by the provider's data centers, which in most cases are
commercial like that one of Microsoft Azure and Amazon Web
services and in the current days, businesses are seen to use more
than one of these clouds. The other meaning that is brought out
in this article is about cloud computing is on how it works. It
explains that this form of cloud computing and how it works
offers a great advantage of agility, which is the ability to store,
compute and network resources to the needed workloads and get
into the abundance of services that are rebuilt. The article also
well explains the different forms of cloud computing, which
include the different services and functions offered by cloud
computing, the difference between public cloud, hybrid cloud,

and the private cloud. The article offering all these definitions
and differences gives the reader a chance to clearly understand
and differentiate these concepts appropriately. The article
continues to offer a great elaboration on the benefits that one
gains or a company gains after using cloud computing. The
article is a very informative one in terms of explaining the
management of cloud computing platforms. It is seen to
eliminate the installation steps, and setups as the client of the
cloud accessing the hardware resources stay and coexist on
different platforms in a distributed form or way. Power
consumption, excessive heat reduction, and energy optimization
in the cloud environment greatly differentiate it from ordinary
or traditional computing, which is seen to be eco-friendly.
Figure 3: Cloud computing Architecture(google)
Wang, Y., Chen, R., & Wang, D. C. (2015) Overtime, it is
evident that the use of cloud computing has been on arise and it
will continue to increase going forward. According to this
article, it shows that cloud computing is a tool technology that
enables the users to access and configure software storage,
hardware and software applications where they put processes
directly from the internet or web. The article points out a very
important fact that the prevalence of the use of mobile devices
like the tablets and smart phones have led to the adoption of
fast internet access using the 4Gs and 3Gs communications that
are linked in the cloud computing in the form of a mobile. The
devices are seen to have cheap, fast and direct link to the
internet thus making it easier to download and upload
applications and programs into the online network storage and
internet services.
Figure 3: Cloud Computing Applications (google)
The records frameworks offices on this undertaking might be
evidence contrary to SaaS, as they may catch lost administration
quality if structures are aiming to the cloud, (Black,

Mandelbaum, Grover, and Marvi, 2010). The figure for
distributed computing procedures can be controlled inside the
financial association by utilizing way of the issues inside the
writing. This delivery approach of data frameworks grants
readiness in the arrangement of organization assignments,
flexibility, and adaptability inside the versatility of
administrations, and especially expense financing conservation
(Ahuja and Rolli, 2011) and overhead obtainment monetary
reserve funds (Nimsoft, 2011) a period. This system licenses
productiveness money related investment funds in the
reconciliation of long range interpersonal communication
innovation. (Boulton, 2011). Most companies in bosses have in
any event one cloud organization. (Dark, and Mandelbaum, and
Grover, and Marvi, 2010).
SaaS(Software as a service)
I If it gives software program application services, the
utilization of a single recurrence of the application runs on the
cloud services, and more than one client's customers or
purchaser enterprises. The most routinely analyzed case of SaaS
is even though numerous phenomenal models have improved
showcase, which consolidates the Google Apps giving of
fundamental business organization contributions that join email
and word preparation. Indeed, even notwithstanding the way
that drove the meaning of cloud processing with the guide of
utilizing limited years, it currently works with the asset of using
its partner, which can be divided through method for a stage as
an organization. (Puri et al., 2019).
PaaS(Platform as a corporation)
Stage as a bearer unites a layer of software and make accessible
it as an organization that might be utilized to gather better
acknowledgment contributions. There are, in any event, two
perspectives on PaaS temporary at the attitude of the maker or

client of the inputs. Somebody creating PaaS execution
produces a stage through teaming up an OS, middleware,
software, or maybe an improvement domain that is sooner than
provided to a benefactor as a supplier. For example, any
individual growing a PaaS introducing would conceivably put
together it with respect to a hard and fast of computerized
hypervisor machines that envelop an incorporated advancement
condition, a Web stack and asset for included programming
dialects which incorporate Perl or Ruby. Somebody the
utilization of PaaS may see an outlined organization. This is
outfitted to them through an API. The benefactor communicates
by means of a method for the stage through the API, sooner than
the stage does what's important to control and scale itself to
give a specific level of administration.
IaaS (Infrastructure as a service)
Infrastructure as a supplier parts simple stockpiling and figure
abilities as consistent contributions over the system. Servers,
carport structures, switches, switches, and different structures
are joined together and made accessible to holder remaining
burdens that run from application parts to unbalanced run of the
mill by and large execution processing applications. Business
tests of IaaS envelop, whose significant item is a line of
virtualized servers that furnish you with the money for a
particularly accessible available to come into work for the
foundation. It coordinates memory and I/O devices, carport and
figuring usefulness directly into a computerized resources pool,
and offers stockpiling sources and virtualization administration
for the entire business endeavor. This is a way of facilitated
equipment, and the client pays after they utilize the equipment.
For instance, Amazon Web Service and IBM Blue Cloud all rent
the foundation as assistance. The benefit of IaaS is that the
individual best need low worth equipment and rent figuring
capacity and carport capacity in accordance with his need,
significantly decreased the pace of the equipment. As of now,

Google cloud software program has most delegates, together
with Google Docs Google Apps, Google Sites, and Google App
Engine. (Hari, Krishnaa, and Kiranb, and Muralia, and Pradeep
Kumar, 2016).
The assess recommends lost in-power area, and case examines
concerning cloud processing appropriation systems, in contrast
with those on cloud figuring reception factors. However,
quantitative research and applied articles appeared to be
predominant. However, there is theoretical research that has not
been tried. For instance, a gander at proposed a cloud
hypothetically figuring reception appraisal form that thinks
about gauges for settling on the cloud supplier; however, this
adaptation has not been tried experimentally yet. Accordingly,
moreover, subjective investigations wish to be embraced to find
further issues and test the previous hypothetical inclinations
concerning this region observationally. Therefore, this triggers
inquiries regarding the IS explore round table Or alternately,
These inquiries should be examined very well the utilization of
two or three individual cases look into in exceptional settings,
nations, and ventures to all the more likely perceive cloud
registering selection components and systems.
IMPLICATION FOR RESEARCH
The main concept in question remains on how the trends in
cloud technology will remain active and progressive all the
time. The answer brings the relationship between cloud
computing and the emerging trends in cloud computing in an
attempt to retain the future Internet. Great and large usage of
cloud computing has acted as a boost and catalyst for the
deployment and development of scalable applications of internet
servers in the business modules (Puri et al., 2019). Cloud
computing has become a great future in internet technologies
that are closely affiliated with one offering the other a platform
or its success. Numerous benefits are being derived and being

gained from cloud computing as new trends are being
converged.
ANALYSIS
Trends in cloud computing provides companies with a platform
to prepare and equip themselves for the future in the world of
technology. The trends lay a platform for players in the industry
to assess and determine what the likely changes in the sector
are. As such, companies will be in a good position to roll out
the necessary unfractured as well as hire the required skills for
the effective implementation of the technology (Stoica et al.,
2018).
Figure 4: Overview of cloud computing
CONCULSION
The emerging trends in cloud computing have greatly impacted
the technological world as they continue to make cloud services
more effective day in day out. The development of reliable
cloud servers continues to make it easier to manage, store, and
process data. Users are able to easily scale the storage as the
generated data keeps increasing, and the amount of storage paid
is consumed together with Cloud Computing. The speed of
cloud services and also the security of the data continue to
become better.

REFERENCES
Atlam, H. F., Alenezi, A., Alharthi, A., Walters, R. J., & Wills,
G. B. (2017, June). Integration of cloud computing with
the Internet of things: challenges and open issues. Physical and
Social Computing (CPSCom) and IEEE Smart Data
(SmartData) (pp. 670-675). IEEE.
Puri, V., Tromp, J. G., Le, C. V., Nguyen, N. G., & Le, D. N.
(2019). The Vital Role of Fog Computing in the Internet of
Things. Security Designs for the Cloud, IoT, and Social
Networking, 153-163.
Stoica, M., Mircea, M., Ghilic-Micu, B., & Uscatu, C. R.
(2018). From a Smart Education Environment to an Eco-
School through Fog & Cloud Computing in IoT
Context. Informatica Economica, 22(4), 5-14.
Varghese, B., & Buyya, R. (2018). Next-generation cloud

computing: New trends and research directions. Future
Generation Computer Systems, 79, 849-861.
Khan, N., & Al-Yasiri, A. (2016). Identifying cloud security
threats to strengthen the cloud computing adoption
framework. Procedia Computer Science, 94, 485-490.
Nandgaonkar, S. V., & Raut, A. B. (2014). A comprehensive
study on cloud computing. International Journal of Computer
Science and Mobile Computing, 3(4), 733-738.
Yoo, S. K., & Kim, B. Y. (2018). A Decision-Making Model for
Adopting a Cloud Computing System. Sustainability, 10(8),
2952.
Ratten, V. (2020). Cloud computing technology innovation
advances: a set of research propositions. In Disruptive
Technology: Concepts, Methodologies, Tools, and Applications
(pp. 693-703). IGI Global.
B. Hari, Krishnaa., & Dr.S. Kiranb., & G. Muralia,b., & R.
Pradeep, Kumar, Reddy, a,b.
(2016) Security Issues in Service Model of Cloud Computing
Environment. (246-247). International Conference on
Computational Science.
Figure References
Layered Architecture. (n.d.). [Photograph]. Retrieved from
https://www.capgemini.com/wp-
content/uploads/2017/07/Trends_in_Cloud_Computing_Secure_
Journey_to_the_Cloud_____a_Matter_of_Control.pdf
cloud computing. (n.d.). [Photograph]. Retrieved from
https://www.highperformance.net.au/wp-content/uploads/Cloud-
Computing-Technology-1.jpg
Cloud computing Architecture. (n.d.). [Photograph]. Retrieved
from https://html.scirp.org/file/9-1730656x2.png

Mobile cloud computing architecture. (n.d.). [Photograph].
Retrieved from
https://onlinelibrary.wiley.com/doi/full/10.1002/wcm.1203

INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx

Recommended

Recommended

More Related Content

Similar to INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx

Similar to INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx (20)

More from vrickens

More from vrickens (20)

Recently uploaded

Recently uploaded (20)

INTERNET OF THINGS A STUDY ON SECURITY AND PRIVACY THREATSMd .docx