Public defence in Computer Science, M.Sc. Narges Yousefnezhad

Secure IoT Systems in Product Lifecycle Information Management
cybersecurity and information security

Title of the doctoral thesis: Secure IoT Systems in Product Lifecycle Information Management

Opponent: Adjunct Professor Susanna Pirttikangas, University of Oulu, Finland
Custos: Adjunct Professor Kary Främling, Aalto University School of Science, Department of Computer Science

The thesis is publicly displayed 10 days before the defence in the publication archive Aaltodoc of Aalto University.

Electronic thesis

Public defence announcement:

This dissertation has studied the security challenges over the lifecycle phases of IoT (Internet of Things) products by identifying and addressing the security requirements, issues, and solutions most relevant for each phase. Accordingly, new security architecture has been defined and implemented that individually ensures user security and product security and manages the entire IoT product lifecycle.

The thesis first reviews the literature on IoT product lifecycle security and investigates security problems and their potential solutions in each phase of the IoT lifecycle in order to identify security gaps in the IoT ecosystem. In the second step, the thesis develops an integrated identity management system for providing interoperability between IoT companies and proposed a security architecture covering the ongoing process of the lifecycle. The architecture identifies the security breaches occurring during the lifecycle. This is achieved by considering security principles on two levels, product-side security and client-side security, in order to differentiate between the security goals related to the product and user clients, respectively. As the third step, Client-side security is handled by combining common authentication and authorization methods. For Product-side security in IoT environments, as the fourth step, the thesis develops Machine Learning approaches and algorithms for product identification.

In summary, this thesis contributes to the development of identification and authentication approaches for improving the security of clients and products over all lifecycle phases in IoT systems. At the same time, the thesis attempts to inject smartness into the security approaches by means of Machine Learning techniques. This is a valuable scientific advancement that paves the way to fully cover a variety of security aspects during the initial lifecycle stages of IoT systems as well as when these systems proceed to later stages of life.

Contact details of the doctoral student: [email protected], 0465741415

  • Published:
  • Updated: