Applied Sciences (Nov 2024)
Securing the Future of Web-Enabled IoT: A Critical Analysis of Web of Things Security
Abstract
The Web of Things (WoT) represents a significant advancement on the Internet of Things (IoT), where web technologies are integrated to enhance device interoperability and accessibility. While this integration offers numerous benefits, it also introduces new and complex security challenges. This paper presents a critical analysis of WoT security, examining the ecosystem’s vulnerabilities and associated threats. Our contributions include an in-depth analysis of existing threat enumeration methodologies, highlighting misconceptions and inefficiencies that may weaken security measures. We further conduct a comprehensive survey of critical threats within the WoT environment, detailing potential attack vectors and misuses linked to these threats. To address these security gaps, we propose a set of defenses tailored to each identified threat, providing a holistic view of the WoT’s security landscape. We also develop abstract architectural models of the WoT using UML, serving as foundational tools for understanding the interactions and risks within WoT systems. Finally, we model a specific attack scenario, demonstrating how attacks unfold in real-world WoT environments and the importance of defense strategies. These findings aim to guide the development of secure WoT systems, ensuring robust defenses against evolving security threats.
Keywords