Compliance Evaluation of Cryptographic Security Requirements on IoT Gateways

  • Eduardo F. Felix UFRPE
  • Fernando A. A. Lins UFRPE
  • Obionor O. Nóbrega UFRPE
  • Diego R. Gomes UFRPE
  • Bruno A. Jesus Universidade de Coimbra
  • Marco Vieira Universidade de Coimbra


The Internet of Things is one of the new trends that has been drawing attention due to its rapid dissemination and acceptance. However, not knowing whether personal data and information are secure can hamper a more widespread acceptance of this technology by users. In this context, the security of one of the main components of the IoT system, the gateway, becomes even more relevant, as it is essential in connecting heterogeneous IoT devices. The IoT gateway ends up centralizing communication and system management, thus becoming a high-value target in terms of security. To improve confidentiality, IoT gateways should use cryptographic services implemented with appropriate configurations based on organizations or technical standards accepted by the scientific community. In this context, the main objective of this paper is to evaluate the security level of IoT gateways considering encryption requirements. For this, a subset of encryption requirements suggested by international technical organizations, such as IoTSF and OWASP, is selected. This evaluation was carried out in the security assessment of four IoT gateways considering cryptographic requirements. None of the gateways achieved more than 80% compliance with the selected requirements, which raises concerns regarding the security of their users’ data.
Palavras-chave: Security, Internet of Things, Gateway, Cryptography Requirements
Como Citar

Selecione um Formato
FELIX, Eduardo F.; LINS, Fernando A. A.; NÓBREGA, Obionor O.; GOMES, Diego R.; JESUS, Bruno A.; VIEIRA, Marco. Compliance Evaluation of Cryptographic Security Requirements on IoT Gateways. In: LATIN-AMERICAN SYMPOSIUM ON DEPENDABLE COMPUTING (LADC), 11. , 2022, Fortaleza/CE. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2022 . p. 67–72.