1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview
7 Security threats/vulnerabilities to IoT devices and gateways
7.1 Security threats/vulnerabilities to IoT devices
7.2 Security threats/vulnerabilities to IoT gateways
8 Security requirements
8.1 Authentication
8.2 Cryptography
8.3 Data security
8.4 Device platform security
8.5 Physical security
Annex A Mapping list between Internet of things security requirements and
security threats/vulnerabilities
Appendix I – Security capabilities for the Internet of things
I.1 Overview
I.2 Security capabilities for sensor/device
I.3 Security capabilities for gateways
I.4 Security capabilities for network
I.5 Security capabilities for platforms/service
Appendix II – Use cases of applying security requirements for Internet of
things devices and gateways
II.1 Use case of authentication – Vulnerability to man in the
middle attack
II.2 Use case of cryptography domain – Weak cryptography
algorithm
II.3 Use case of data security and cryptography domain – Weak
integrity checking of sending data
II.4 Use case of device platform security domain – Weak coding
against exploit
II.5 Use case of physical security domain – Inner interface
vulnerability in a printed circuit board
Bibliography