Dalton Cézane Gomes Valadares

Dalton Cézane Gomes Valadares, Luiz Antonio Pereira Silva, Daniel Hindemburg de Miranda Marques et al.

The exponential growth of the Internet of Things (IoT) has integrated connected devices into various sectors like smart cities, digital health, and Industry 4.0, generating vast amounts of real-time data to support intelligent decision-making. However, this widespread adoption is fundamentally challenged by significant security risks, primarily due to the inherent computational limitations of devices, lack of standardization, and an expanding attack surface. Given that security is paramount to ensuring trust in these environments, this paper presents a comprehensive survey and a multi-dimensional analysis of the IoT threat landscape. It describes 28 common attacks, ranging from traditional threats, such as Man-in-the-Middle, to specialized IoT exploits, including node replication and skimming. To provide a structured understanding of these risks, we employ the STRIDE model for functional threat classification alongside the CVSS framework for quantitative criticality assessment. Furthermore, the research establishes a robust mapping between these threats and five foundational vulnerability classes (Process, Code, Communication, Operation, and Device), uncovering the specific technical entry points exploited by adversaries. Beyond threat identification, the survey presents state-of-the-art mitigation techniques and discusses emerging paradigms and research gaps, working as a roadmap for future investigation and providing a consolidated technical foundation for both researchers and practitioners aiming to build resilient and secure IoT ecosystems.

Marciano da Rocha, Dalton Cézane Gomes Valadares, Angelo Perkusich et al.

With the evolution of computer systems, the amount of sensitive data to be stored as well as the number of threats on these data grow up, making the data confidentiality increasingly important to computer users. Currently, with devices always connected to the Internet, the use of cloud data storage services has become practical and common, allowing quick access to such data wherever the user is. Such practicality brings with it a concern, precisely the confidentiality of the data which is delivered to third parties for storage. In the home environment, disk encryption tools have gained special attention from users, being used on personal computers and also having native options in some smartphone operating systems. The present work uses the data sealing, feature provided by the Intel Software Guard Extensions (Intel SGX) technology, for file encryption. A virtual file system is created in which applications can store their data, keeping the security guarantees provided by the Intel SGX technology, before send the data to a storage provider. This way, even if the storage provider is compromised, the data are safe. To validate the proposal, the Cryptomator software, which is a free client-side encryption tool for cloud files, was integrated with an Intel SGX application (enclave) for data sealing. The results demonstrate that the solution is feasible, in terms of performance and security, and can be expanded and refined for practical use and integration with cloud synchronization services.

Dalton Cézane Gomes Valadares, Matteus Sthefano Leite da Silva, Andrey Elísio Monteiro Brito et al.

The Internet of Things (IoT) field has gained much attention from industry and academia, being the main subject for numerous research and development projects. Frequently, the dense amount of generated data from IoT applications is sent to a cloud service, that is responsible for processing and storage. Many of these applications demand security and privacy for their data because of their sensitive nature. This is specially true when such data must be processed in entities hosted in public clouds, where the environment in which applications run may not be trusted. Some concerns are then raised since it is not trivial to provide the needed protection for these sensitive data. We present a solution that considers the security components of FIWARE and the Intel SGX capabilities. FIWARE is a platform created to support the development of Smart Applications, including IoT systems, and SGX is the Intel solution for Trusted Execution Environment (TEE). We propose a new component for key management that, together with other FIWARE components, can be used to provide privacy, confidentiality, and integrity guarantees for IoT data. A case study illustrates how this proposed solution can be employed in a realistic scenario, which allows the dissemination of sensitive data through public clouds without risking privacy issues. The results of the experiments provide evidence that our approach does not harm scalability or availability of the system. In addition, it presents acceptable memory costs when considering the benefit of the privacy guarantees achieved.