Abstract
The zero-trust principle explicitly verifies that the authentication and authorization of all actions are performed regardless of the requesting user's credentials or permissions. This chapter presents the details of a mechanism that is capable of mitigating physical data exfiltration attacks, with a focus on physical vulnerabilities that can be exploited by insiders to acquire unauthorized access to sensitive information. First, it provides a critical review of recent prominent related literature around data exfiltration and the technologies utilized to perform it with a review of the current academic research. The chapter then proposes a defense mechanism that can protect systems against physical methods of data exfiltration attacks. Next, it critically analyzes the proposed defense mechanism and determines its viability as a solution that could be used for real-world scenarios of protecting against data exfiltration attacks.
| Original language | English |
|---|---|
| Title of host publication | Security and Privacy in the Internet of Things |
| Subtitle of host publication | Architectures, Techniques, and Applications |
| Publisher | wiley |
| Pages | 57-89 |
| Number of pages | 33 |
| ISBN (Electronic) | 9781119607755 |
| ISBN (Print) | 9781119607748 |
| DOIs | |
| State | Published - 3 Dec 2021 |
| Externally published | Yes |
Bibliographical note
Publisher Copyright:© 2022 The Institute of Electrical and Electronics Engineers, Inc.
Keywords
- Data exfiltration attacks
- Defence mechanisms
- Physical data exfiltration mitigation
- Zero trust security principles
ASJC Scopus subject areas
- General Engineering
- General Computer Science