{"id":"https://openalex.org/W4407937669","doi":"https://doi.org/10.1109/jiot.2025.3545737","title":"A Systematic Review for Evaluating IoT Security: A Focus on Authentication, Protocols and Enabling Technologies","display_name":"A Systematic Review for Evaluating IoT Security: A Focus on Authentication, Protocols and Enabling Technologies","publication_year":2025,"publication_date":"2025-02-25","ids":{"openalex":"https://openalex.org/W4407937669","doi":"https://doi.org/10.1109/jiot.2025.3545737"},"language":"en","primary_location":{"id":"doi:10.1109/jiot.2025.3545737","is_oa":true,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3545737","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"review","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1109/jiot.2025.3545737","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091904896","display_name":"Jameel Shehu Yalli","orcid":"https://orcid.org/0009-0006-2602-4862"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Jameel Shehu Yalli","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":"https://orcid.org/0009-0006-2602-4862","affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042993941","display_name":"Mohd Hilmi Hasan","orcid":"https://orcid.org/0000-0002-4065-3968"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Mohd Hilmi Hasan","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058893452","display_name":"Low Tang Jung","orcid":"https://orcid.org/0000-0002-2059-5107"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Low Tang Jung","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5116420505","display_name":"Abdulrasheed Ibrahim Yerima","orcid":"https://orcid.org/0000-0002-2255-5731"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Abdulrasheed Ibrahim Yerima","raw_affiliation_strings":["Department of Geoscience, Universiti Teknologi PETRONAS, Seri Iskandar, Perak, Malaysia"],"raw_orcid":"https://orcid.org/0000-0002-2255-5731","affiliations":[{"raw_affiliation_string":"Department of Geoscience, Universiti Teknologi PETRONAS, Seri Iskandar, Perak, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5106356673","display_name":"Dahiru Adamu Aliyu","orcid":"https://orcid.org/0009-0009-9803-3604"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Dahiru Adamu Aliyu","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5059132448","display_name":"Umar Danjuma Maiwada","orcid":"https://orcid.org/0000-0001-7679-3674"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Umar Danjuma Maiwada","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092088366","display_name":"Safwan Mahmood Al-Selwi","orcid":"https://orcid.org/0009-0000-2742-213X"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Safwan Mahmood Al-Selwi","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5113097983","display_name":"Mujeeb Ur Rehman Shaikh","orcid":"https://orcid.org/0000-0001-6035-8168"},"institutions":[{"id":"https://openalex.org/I203899302","display_name":"Universiti Teknologi Petronas","ror":"https://ror.org/048g2sh07","country_code":"MY","type":"education","lineage":["https://openalex.org/I203899302"]}],"countries":["MY"],"is_corresponding":false,"raw_author_name":"Mujeeb Ur Rehman Shaikh","raw_affiliation_strings":["Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia"],"raw_orcid":"https://orcid.org/0000-0001-6035-8168","affiliations":[{"raw_affiliation_string":"Department of Computing, Universiti Teknologi Petronas, Seri Iskandar, Malaysia","institution_ids":["https://openalex.org/I203899302"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":18.0903,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.99219785,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"12","issue":"12","first_page":"18908","last_page":"18928"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8221640586853027},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.5977278351783752},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5938319563865662},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5303030014038086},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.5297974944114685},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.4787423014640808},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.44418495893478394},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.43635112047195435},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.3074871599674225}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8221640586853027},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.5977278351783752},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5938319563865662},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5303030014038086},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.5297974944114685},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.4787423014640808},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.44418495893478394},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.43635112047195435},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.3074871599674225},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jiot.2025.3545737","is_oa":true,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3545737","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1109/jiot.2025.3545737","is_oa":true,"landing_page_url":"https://doi.org/10.1109/jiot.2025.3545737","pdf_url":null,"source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":132,"referenced_works":["https://openalex.org/W72752761","https://openalex.org/W1531357090","https://openalex.org/W1596213081","https://openalex.org/W1976269387","https://openalex.org/W2002294620","https://openalex.org/W2029758586","https://openalex.org/W2039456366","https://openalex.org/W2058401212","https://openalex.org/W2076604688","https://openalex.org/W2079983098","https://openalex.org/W2105103777","https://openalex.org/W2111619626","https://openalex.org/W2118602800","https://openalex.org/W2129272575","https://openalex.org/W2140260379","https://openalex.org/W2155779722","https://openalex.org/W2180492195","https://openalex.org/W2181590530","https://openalex.org/W2290351359","https://openalex.org/W2297516582","https://openalex.org/W2392235604","https://openalex.org/W2478640228","https://openalex.org/W2541835027","https://openalex.org/W2542420012","https://openalex.org/W2546496699","https://openalex.org/W2560195950","https://openalex.org/W2562513205","https://openalex.org/W2573048514","https://openalex.org/W2597386693","https://openalex.org/W2600203493","https://openalex.org/W2605021725","https://openalex.org/W2608333876","https://openalex.org/W2738698128","https://openalex.org/W2750688159","https://openalex.org/W2761295607","https://openalex.org/W2765386572","https://openalex.org/W2791844003","https://openalex.org/W2791969307","https://openalex.org/W2795482797","https://openalex.org/W2801678809","https://openalex.org/W2889531475","https://openalex.org/W2890076025","https://openalex.org/W2902289258","https://openalex.org/W2913096757","https://openalex.org/W2943089161","https://openalex.org/W2944931339","https://openalex.org/W2945846547","https://openalex.org/W2951099140","https://openalex.org/W2954885714","https://openalex.org/W2962819974","https://openalex.org/W2965710869","https://openalex.org/W2980253766","https://openalex.org/W2981672202","https://openalex.org/W2990606942","https://openalex.org/W2997523101","https://openalex.org/W3002364925","https://openalex.org/W3008439638","https://openalex.org/W3015471529","https://openalex.org/W3030614390","https://openalex.org/W3033002057","https://openalex.org/W3093117838","https://openalex.org/W3095166844","https://openalex.org/W3095887065","https://openalex.org/W3106015623","https://openalex.org/W3126226315","https://openalex.org/W3133065136","https://openalex.org/W3138917762","https://openalex.org/W3154603256","https://openalex.org/W3162199680","https://openalex.org/W3187367467","https://openalex.org/W3188554269","https://openalex.org/W3192880923","https://openalex.org/W3196833029","https://openalex.org/W3196834371","https://openalex.org/W3200276483","https://openalex.org/W3211829217","https://openalex.org/W4205304407","https://openalex.org/W4210779665","https://openalex.org/W4211041919","https://openalex.org/W4213043598","https://openalex.org/W4220959955","https://openalex.org/W4225620913","https://openalex.org/W4226398874","https://openalex.org/W4236093450","https://openalex.org/W4280530734","https://openalex.org/W4280650176","https://openalex.org/W4283523512","https://openalex.org/W4283820151","https://openalex.org/W4285114535","https://openalex.org/W4288640495","https://openalex.org/W4289333755","https://openalex.org/W4308888444","https://openalex.org/W4311277365","https://openalex.org/W4313389144","https://openalex.org/W4313887637","https://openalex.org/W4313892524","https://openalex.org/W4316039105","https://openalex.org/W4317103720","https://openalex.org/W4318046977","https://openalex.org/W4318825500","https://openalex.org/W4322753700","https://openalex.org/W4323261902","https://openalex.org/W4327767789","https://openalex.org/W4360603373","https://openalex.org/W4362496304","https://openalex.org/W4379141734","https://openalex.org/W4380763450","https://openalex.org/W4381389900","https://openalex.org/W4382770023","https://openalex.org/W4386132186","https://openalex.org/W4386257552","https://openalex.org/W4386379604","https://openalex.org/W4387546383","https://openalex.org/W4388895097","https://openalex.org/W4390421222","https://openalex.org/W4391696993","https://openalex.org/W4391855929","https://openalex.org/W4393396173","https://openalex.org/W4394564324","https://openalex.org/W4394932765","https://openalex.org/W4394932784","https://openalex.org/W4398174014","https://openalex.org/W4399147141","https://openalex.org/W4399989640","https://openalex.org/W4405794272","https://openalex.org/W4406262931","https://openalex.org/W4406263758","https://openalex.org/W6679262636","https://openalex.org/W6680876379","https://openalex.org/W6682502337","https://openalex.org/W6759562694","https://openalex.org/W6853338262"],"related_works":["https://openalex.org/W2034419863","https://openalex.org/W2296396257","https://openalex.org/W3007106793","https://openalex.org/W2289378658","https://openalex.org/W2132505069","https://openalex.org/W1531360494","https://openalex.org/W2054202867","https://openalex.org/W2093529019","https://openalex.org/W1965515427","https://openalex.org/W1982325601"],"abstract_inverted_index":{"The":[0,167],"idea":[1],"of":[2,5,53,58,83,178],"the":[3,54,66,74,100,131,152,176],"Internet":[4],"Things":[6],"(IoT)":[7],"is":[8,95],"to":[9,90,103,110,137,175,189],"connect":[10],"objects":[11,28],"and":[12,41,70,88,129,163,169,180,187],"smart":[13],"devices":[14,26,136],"with":[15,23,73,160],"any":[16],"digital":[17],"element":[18],"seamlessly":[19],"at":[20],"anytime,":[21],"anywhere,":[22],"anything.":[24],"These":[25],"or":[27],"are":[29],"characterized":[30],"by":[31,115],"low":[32],"power":[33],"consumption,":[34],"lower":[35],"bandwidth":[36],"usage,":[37],"limited":[38,42],"processing":[39],"power,":[40],"memory":[43],"capacity.":[44],"This":[45,97,149],"article":[46,150],"presents":[47],"a":[48,80,124,155,183],"systematic":[49],"literature":[50],"review":[51,104],"(SLR)":[52],"state-of-the-art":[55],"security":[56,147,196],"challenges":[57],"IoT":[59,94,135,146,195],"systems":[60],"designed":[61],"for":[62,145,154,185],"authentication.":[63],"It":[64,122],"reports":[65],"strengths,":[67],"weaknesses,":[68],"threats,":[69],"attacks":[71],"associated":[72],"proposed":[75],"authentication":[76,158],"models.":[77,197],"In":[78],"addition,":[79],"comprehensive":[81],"analysis":[82,170],"IoT-compatible":[84],"protocols,":[85],"enabling":[86],"technologies,":[87],"countermeasures":[89],"mitigate":[91],"risk":[92],"in":[93,133,171],"investigated.":[96],"study":[98],"uses":[99],"PRISMA":[101],"methodology":[102],"peer-reviewed":[105],"articles":[106],"published":[107],"from":[108],"2014":[109],"2023,":[111],"studying":[112],"100+":[113],"papers":[114,119],"selecting":[116],"approximately":[117],"10":[118],"each":[120],"year.":[121],"provides":[123],"detailed":[125],"overview":[126],"that":[127],"contrasts":[128],"compares":[130],"advances":[132],"securing":[134],"date":[138],"while":[139,193],"identifying":[140],"remaining":[141],"open":[142],"research":[143],"questions":[144],"designs.":[148],"highlights":[151],"need":[153],"survey":[156],"integrating":[157],"models":[159],"compatible":[161],"protocols":[162],"other":[164],"lightweight":[165],"technologies.":[166],"examination":[168],"this":[172],"work":[173,192],"contribute":[174],"body":[177],"knowledge":[179],"serve":[181],"as":[182],"roadmap":[184],"researchers":[186],"practitioners":[188],"improve":[190],"their":[191],"designing":[194]},"counts_by_year":[{"year":2026,"cited_by_count":8},{"year":2025,"cited_by_count":9}],"updated_date":"2026-06-19T17:40:00.097472","created_date":"2025-10-10T00:00:00"}