Internet of Things (IoT) is an archetype in which all varieties of objects can have sensing, networking, and processing abilities that allow them to converse with other devices. It permits things, people, and processes to be connected independent of time and location using any network. IoT evolves with the privacy and security concerns of its applications and devices. These issues are yet to be addressed by professionals, academia, and organizations. IoT devices generate a huge amount of data every second, hence, handling these data becomes a major challenge for the organizations. For implementing any application of IoT, privacy, and security concerns have to be considered at each layer of IoT architecture. Usually, there are three layers in an IoT architecture. These layers are the perception layer, network layer, and application layer. The application layer of IoT is the most vulnerable layer for attacks. Privacy and security risks are equally important and therefore, precautionary measures should be taken at each step to mitigate these risks.
IoT brings numerous security issues, such as lack of hardware and software protection, inadequate web interface insecurity, transport encryption, insu?cient authorization, system configuration, verification, access control, and information storage. The reasons behind the security issues related to IoT are lack of well-defined standards of IoT devices or systems, extremely dynamic, instable, massively varied communication mediums, platforms, protocols, and devices, portability issues of IoT connected devices. Gartner (2019) highlighted that 32% of IT leaders considered security as a top hurdle of IoT success.
Privacy issues related to IoT are breaches of sensitive user information, personally identifiable information (PII) and, unauthorized execution of functions. IoT devices become a part of people's lives and are these devices communicate with each other through the Internet. IoT applications can deliver personal as well as location information of a person to others which may promote privacy concerns. Privacy concerns can lead to advertising like personalized spam at point-of-sale locations, constructing user habit profiles, tracking user routes, and, sometimes, serious criminal activities.
IoT uses protocols like MQTT (Message Queuing Telemetry Transport) for faster and controlled communication and applies in various projects such as smart healthcare, smart home, smart parking, smart weather monitoring and, smart industries. Some ambiguities were identified in this protocol which is yet to be addressed. Traditional methods like cryptography and access control deal with external attacks like privacy breaches and data inconsistency. Researchers are proposing different security framework to handle these issues. Security frameworks for IoT are a collection of rules, protocols, and requirements that simplify the security issues during the deployment of IoT applications. The success of these frameworks mainly depends on factors related to privacy and security concerns. Blockchain can be seen as an ideal technology for the progress of IoT and industrial IoT (IIoT). IIoT is connected with a very large number of devices, which are more complex and heterogeneous. Hence, IIoT nodes are more susceptible to privacy and security risks. With the help of blockchain technology and security tools and techniques, IIoT privacy and security issues can be addressed.