Security, Privacy and Trust for Smart Mobile-Internet of Things (M-IoT): A Survey

With an enormous range of applications, Internet of Things (IoT) has magnetized industries and academicians from everywhere. IoT facilitates operations through ubiquitous connectivity by providing Internet access to all the devices with computing capabilities. With the evolution of wireless infrastructure, the focus from simple IoT has been shifted to smart, connected and mobile IoT (M-IoT) devices and platforms, which can enable low-complexity, low-cost and efficient computing through sensors, machines, and even crowdsourcing. All these devices can be grouped under a common term of M-IoT. Even though the positive impact on applications has been tremendous, security, privacy and trust are still the major concerns for such networks and an insufficient enforcement of these requirements introduces non-negligible threats to M-IoT devices and platforms. Thus, it is important to understand the range of solutions which are available for providing a secure, privacy-compliant, and trustworthy mechanism for M-IoT. There is no direct survey available, which focuses on security, privacy, trust, secure protocols, physical layer security and handover protections in M-IoT. This paper covers such requisites and presents comparisons of state-the-art solutions for IoT which are applicable to security, privacy, and trust in smart and connected M-IoT networks. Apart from these, various challenges, applications, advantages, technologies, standards, open issues, and roadmap for security, privacy and trust are also discussed in this paper.


I. INTRODUCTION
Mobile-Internet of Things (M-IoT) offers vendors a utility for providing smart services to their users by forming a highly sustainable, secure and cost-effective network [1] [2] [3]. The smart M-IoT paves a way for incorporating a large set of services like healthcare, business monitoring, strategic planning, public safety communications, weather forecasting, navigation, reconnaissance, and data acquisition. Security and efficiency of these services are the main objectives of organizations aiming at the spread of smart M-IoT. M-IoT focuses on userspecific commercialization, where users pay as per their active applications while offering them with flexible and dynamic procedures for the selection of a service [4] [5] [6]. In order to enhance the security, utility and lifetime of services, most of the established business enterprises are looking forward to procuring long range and low power solutions for connecting V. Sharma  billions of devices to their core networks without much dependence on the existing infrastructure. Such an ideology allows for easier management and configuration of M-IoT networks and associated devices. Solutions like Low Power Wide Area Network (LPWAN), Long Range Wide Area Network (LoRaWAN) and Narrow Band-IoT (NB-IoT) are efficient in deploying M-IoT networks [7]- [10]. However, at the moment, both the technologies are rival to each other and their applicability and use cases are subject to the decisions of deploying companies and the regulations of the countries involved in their development. With better reach and ease of deployment over existing cellular setup, NB-IoT and Long Term Evolution for Machines (LTE-M) are under consideration as their unification will enhance the types of applications for M-IoT by adopting service strategies similar to mobile networks [11] [12]. The major interests of some leading organizations have been towards the establishment of a different spectrum which is also obtained as a dedicated range from their allocated space or frequency band. Technologies like Software-Defined Networking (SDN) and Network-Function Virtualization (NFV) provide an altogether different way for deploying these networks in a secure way [13] [14] [15]. With a centralized controller, a common node helps to monitor the network, whereas network slicing through NFV will help to distribute the implementation and management of SDNs. M-IoT can operate as a separate slice, and a local or global controller can manage the related activities. Procedures like secondary authentication and group authentication can be seen as potential solutions for ensuring security in smart M-IoT. However, the effective implementation of rules and policies at the control layer due to the configuration complexity and artifacts requires intelligent solutions that can be assured by using certain aspects of optimization, machine learning or artificial intelligence.
In smart M-IoT, security refers to the protection of the infrastructure from potentially hazardous components and users, which may exploit the network with vulnerabilities, based on the known/unknown cyber attacks. For privacy, it deals with the preservation of lawfulness in sharing the information aboutand-between the involved devices. Since smart M-IoT will be dealing with a lot of connected components, maintenance of isolation in traffic patterns and establishing anonymity of users becomes an utmost requirement. Trust refers to the faithfulness in the identification of devices for communication. It further involves the reputation-building between the devices and the infrastructure leading a way to make the network secure while preserving its privacy.
Current market trends have shown that despite several solutions for establishing M-IoT communications, the end to end security will be one of the major concerns for the mobile operators. Identification of new cyber threats, which consist in zero-day attacks is another major requirement of the security industry [16] [17]. It is estimated that M-IoT will hit the market by 2025 with maximum revenue being generated from the security, privacy and trust-based services. Even the major role players will be a low power long range communication models, which can be evaluated around 15+ billion dollars at the same time [18]. Thus, it is required that the existing state-of-the-art must be followed and evaluated on the basis of performance metrics and parameters that enhance the security, privacy, and trust in M-IoT.

A. Advantages and Applications of Smart M-IoT
Smart M-IoT focuses the applications which help in regulating the daily works of their users. Smart M-IoT provides a different set of applications in largely diversified areas such as a smart factory, smart city, smart home, smart grid [19]- [22], healthcare, personal care, emergencies [23], as shown in Fig. 1. With smart M-IoT, it becomes easier for both users as well as business organization to accommodate and host services through intelligent architecture with effective security. In terms of market trends, business houses are looking at a huge monetary advantage from smart M-IoT networks and applications. Including these, other advantages and applications of smart M-IoT are as follows: • Formation of the contextual network through intelligent and rapid data acquisition and processing. • Self-configuring capacity and support for a large set of devices through a common interface. • Support for human to device and device to device communication with lower overheads and low-complexity. • Information management, processing, and validation and data flow management across a wide range of the network.
• Support for real-world applications such as driverless cars, urban-surveillance, smart retailing, industrial Internet, and even provisioning of application base for Augmented Reality (AR)/Virtual Reality(VR) services. • Low-cost deployment and development of personal applications as well as private networks and clouds. • Requires low-frequent maintenance and can be operated through distant mode. On-site evaluations may be subject to special requirements and upgrades. • Supports crowdsourcing as well as edge-computing models by forming an on-demand network in case of public safety communications. • Industrial automation and personalized control formations through light-weight and low-complex Integrated Development Environments (IDEs). Further, M-IoT also helps in tracking the traffic-flows by incorporating transmissions over dynamic nodes, such as drones, smart cars, autonomous bicycles and rail networks.

B. Utilities, Contributions and Structure of this Survey
This survey covers a majority of the content related to security, privacy, trust-management and protocols for smart M-IoT networks. The content presented in this article is competent compared to the existing surveys and is different in terms of comparative study, which will help its readers follow the parameters and ideology of existing works. Further, this survey can be used by the researchers at any level; especially new researchers can gain a lot from the comparisons and the roadmap sections. Academicians can follow this article to teach new trends related to security of M-IoT and its advancements. This work can help industry researchers to follow what has been done and what can be carried further while deploying applications related to M-IoT. The open challenges presented in the lateral part of this article will help to define problem statements and can be used as a rationale for continuing research on security, privacy and trust aspects of M-IoT. This is a comprehensive survey that collectively covers security, privacy, and trust for smart M-IoT, which otherwise are presented as individual topics in the existing surveys. The tabular studies provide a single source to understand the novelty and reach of existing state-of-the-art solutions for smart M-IoT. The roadmap and comparisons with the related survey articles along with key contents to follow for enhancing the knowledge of this subject are given in Section II. Section III presents characteristics, challenges, technologies and standards, an overview of security, privacy and trust along with their methodologies for evaluation. Section IV gives details on secure frameworks for smart M-IoT, Section V discusses the security aware protocols, Section VI presents privacy preservation approaches, Section VII gives details on trust management approaches, Section VIII discusses physical layer security and Section IX gives details on the handover security for smart M-IoT networks. Research Challenges, open issues, and future directions are presented in Section X. Finally, Section XI concludes this article. The details of abbreviations and key terms used throughout the paper are presented in Appendix. Table II

Tables
Descriptions Appedix. Table II Abbreviations and Key Terms. Appedix. Table III Comparison with Related Survey Articles. Appedix. Table IV Some key contributions to follow for security, privacy and trust in smart M-IoT. Appedix. Table V Types of attacks in M-IoT. Appedix. Table VI State-of-the-art frameworks applicable to M-IoT security. Appedix. Table VII State-of-the-art protocols for M-IoT security. Appedix.Table VIII State-of-the-art approaches for data privacy in M-IoT. Appedix. Table IX State-of-the-art approaches applicable for trust management in M-IoT. Appedix. Table X State-of-the-art approaches for physical layer security in M-IoT. Appedix. Table XI Proactive authentication mechanisms for secure handovers. Appedix. Table XII Approaches for secure handovers in M-IoT.

II. ROADMAP AND COMPARISON WITH RELATED SURVEY ARTICLES
Fig. 2 helps to follow the roadmap of different surveys presented over the period of time that can be used for selecting an appropriate approach for justifying the requirements of M-IoT networks in terms of security, privacy, and trust. In addition to this, Appendix. Table III provides comparative evaluations and reachability of existing studies which are closely related to the survey presented in this article. There are limited works that focus on the details of M-IoT. Only a few of them have written in parts about such requirements and technologies for supporting communications in smart M-IoT. Despite the limited literature in this direction, some of the key and broad surveys have been selected which provides sufficient material to be followed for covering the aspects related to security, privacy, and trust. From the comparisons, it is evident that the closely related survey is the one provided by Feng et al. [24], but it covers major portions related to Mobile Crowdsourcing (MC), which is not so tightly related to the requirements of smart M-IoT. The other studies in [25]- [37] do not focus on major considerations which are mandatory to form a highly secure, private and trustworthy M-IoT networks. Sicari et al. [38], Arias et al. [39] and Yang et al. [40] have discussed the concepts related to M-IoT, but do not cover enough details on the security, privacy and trust management in smart M-IoT. In addition to these, there are no comparative strategies provided for discussing the protocol and framework security in any of these surveys, which is a major limitation. Further, handoffs are the major part of mobile-oriented networks, which are not evaluated in the existing studies. Thus, the necessity of such a study, in-depth evaluations and conceptual-reachability of the proposed survey will help researchers to gain insight into the requirements of secure communications in smart and connected M-IoT. In addition, Appendix.

A. Characteristics of Smart Mobile IoT Networks
Smart M-IoT focuses on reliable and sustainable connectivity between the devices on the move, as shown in Fig. 3. Smart M-IoT focuses on the establishment of a trust relationship between the devices through an enhanced reputation-cycling. Dependence on Machine to Machine (M2M) communication [41], Device to Device (D2D) marking, in-built-service sharing, and energy conservation are the key characteristics of M-IoT. With the devices operating in a battery constrained environment, M-IoT characterizes on the utilization of technologies that offer a wide range but at low battery consumption. The characteristics of smart M-IoT can be summarized as follows: • M-IoT includes devices with low power, but operable up to a wide range with lower complexity and lesser resource consumptions. • Supports ultra-dense communication with a unique feature of reliability despite such a huge number of devices operating simultaneously. • M-IoT may be subjected to frequent handovers and may be involved in inter-or intra-handovers depending on their network design and deployment. • Licensed and shared spectrum usability with a primary focus on services similar to short messages. Most of the applications do not require any retraining, and configurations are automatically loaded as a part of application program. • Smart M-IoT applications and services are vendor specific.
However, the licensing of narrow bands can be governed by small-scale network organizations with core setups at the big business houses. • M-IoT operations are dependent on the synergy among the mobile operators and rely heavily on the trust-relationship for their security and distributions. • One-tap facilities for all the services, where a user just has to install and load a required feature for experiencing the applications that focus on consumer-electronics, healthcare of smart home automation. • M-IoT needs media independent support for most of the applications as some of the entities may be operating on 3G, while other may have 4G/LTE or even the upcoming 5G accessibility through mmWave functionalities. • Virtualization and privatization of services are the other main characteristics of M-IoT. Virtualization has further been leveraged through the properties of network slicing, which is one of the solutions for distributed security. • Support for immediate acquisition, decision and action are the major features of smart M-IoT. Management of information and building contextual relationships are the other unique characteristics of smart M-IoT.

B. Challenges of Smart M-IoT
Despite a huge set of advantages, there are some crucial challenges associated with the fully-functional usability of smart M-IoT applications. These include, • Complexity of design: M-IoT faces a major challenge because of design complexity for both its applications as well as network. The applications must be low-complex and must not require extra knowledge for operations by its users. Further, with the requirements of ease of use, M-IoT may cause excessive burden on the developers for designing an easy to follow and deploy environment. • Interaction policies: Smart M-IoT is governed by the rules through which applications interact with each other for facilitating the services to its users. However, the difference in the configuration and operable technology makes it difficult for using common interaction policies for all M-IoT devices. Thus, the formation of rules and generation of interaction policies through consensuses are extremely tedious in M-IoT. • Security: Independently on the technology, security has always been a concern for all types of IoT applications.
Prevention against known and unknown attacks and mitigation of zero-day possibilities are the key requirements for security solutions which aim at regulating M-IoT applications [42]. Security solutions must be light-weight and should be able to handle the tradeoffs with the performance of a device or the network. Apart from general security, these networks are also subject to crucial requirements of handover security, which can be obtained through existing authentication mechanisms while focusing either on pre-authentication or post-authentication mechanisms depending on the needs and requirements of an application. Management of insider threats and policing are other requirements of security solutions [43]- [46]. • Privacy: With most of the applications personalized in M-IoT, leakage of a users' information may pose a huge threat to the entire network and can destroy an individual's belongings. With billions of devices in place, data privacy may be a reason for huge performance overheads in these networks. Thus, it is inevitably important to support data privacy which is otherwise a key challenge for smart M-IoT. • Trust: Security and privacy are established through trustrelationships between the service providers and the users. Trust validations and support for common-reputation systems that can guarantee a low-overhead based mechanism for trust-maintenance are a huge challenge for smart M-IoT networks. • Low-complexity protocols: Different applications need different protocols to communicate, which raises concerns about compatibility issues in terms of protocol selection and arriving at a general agreement during sharing of context between the cross-platform applications. Thus, designing of low-complex protocols with high compatibility and ease of upgrading are the key challenges to handle in smart M-IoT applications. • Lifetime: Since the devices in M-IoT are operable through batteries, it is required that the applications, as well as network architectural support functions, should not cause an excessive computational burden on the devices which may deplete their resources leading to a network shutdown. Thus, enhancement of life, capacity and coverage should be managed in smart M-IoT networks. Apart from these issues, some of the key attacks in M-IoT, against which effective countermeasures are required, are listed in Appendix. Table V and the summaries of characteristics, challenges and technologies are shown in Fig. 4.

C. M-IoT Technologies, Standards, and Stacks
There are a plethora of articles that have discussed various technologies, standards, and stacks which are applicable to M-IoT. However, to make this article self-contained, general information on some of these are presented in this section. For further clarification, an illustration of a general overview of M-IoT stack is shown in Fig. 5, which can be further studied from [47] [48]; and an exemplary illustration of security, trust and privacy formations in M-IoT is presented in Fig. 6. At present, M-IoT is based on low power and  [54] and [55]. Apart from these technologies and standards, there are different types of stacks used for supporting smart mobile communications in IoT. However, the general use of stack can be application or network specific and varies as per the configurations of each device. Usually, the stack selections will be affected by the technologies adopted for communications in M-IoT. It is recommended to form compatible and ready-to-integrate models which can be easily deployed in any sort of scenarios irrespective of the device configurations, type and make. Stacks applicable for general IoT can be used for extending services in M-IoT but with modifications to their operating policies as the majority of the traffic flow is maintained on the devices that are nonstatic in nature [56]. Some of the key solutions for IoT stacks include IBM-Watson IoT [57], Microsoft Azure IoT suite [58], OpenIoT [59], OCF [60], etc.

D. Vulnerabilities in smart M-IoT
Information security is the major factor driving security in smart M-IoT. These are lead by the studies on vulnerabilities and loopholes at the hardware level, protocol-level, and application-level of M-IoT. Vulnerabilities are studied based on the mode of attack and assessment into different types of classes, related to hardware, protocol, application, software or organizational [  known vulnerabilities can be prevented by taking several countermeasures against each of the exploits, however, for unknown vulnerabilities, it is tedious to distinguish and resolve until the severity of exploits are unknown [63]. For major of the smart M-IoT, date of release or disclosure plays a crucial role in prevention and it helps to decide the window of prevention. The release of security patches and security updates are further accounted based on the disclosure dates. Usually, increasing the speed of deliverables causes an impact on the debugging phase, which may lead to several possible vulnerabilities unhandled. In smart M-IoT, most common vulnerabilities are identified as the OS level or the application level. The protocol level vulnerabilities are usually known and steps can be determined based on the deployment. However, in several cases, where protocol security is based on credentials, their theft can lead to severe consequences. Some of the key issues causing/leading to vulnerabilities, as discussed by Open Web Application Security Project (OWASP) [64]- [67] (Fig 7), for smart M-IoT are listed below: • Insecure infrastructure: One of the main causes of vulnerabilities in smart M-IoT is the insecure infrastructure that supports transmissions for the involved devices. Architectural layout plays a key role in accessing the network and prioritizing its security. The dominant mode of connections for M-IoT is a cloud, edge, fog architectures, which needs to be prevented from unauthorized access. • Common managing interface: The services which are obtained through a common managing interface are more likely to fall prey to vulnerabilities than the services which are handled by the individual servers. This can be further seen from another dimension. The exploit of vulnerabilities over a common interface may expose the additional services provisioned through it. • Insecure protocols: The protocols mounted for data sharing and authentication in smart M-IoT may be vulnerable to attacks leading to authorization and access control. Thus, the unlimited role of users and non-predetermining the security of the underlying protocol can be other issues causing vulnerabilities in smart M-IoT. • Inefficient transport and data encryption: Usually the broadcasted traffic is not encrypted to avoid performance issues. Thus, vulnerabilities related to access control, such as eavesdropping, is always possible because majority messages are not encrypted. • Cross-site scripting (XSS): Such vulnerabilities are related to insecure web access and are based on access controls such as the same-origin policy, which is applicable to all the devices in M-IoT. Self and mutated XSS are major concerns to be taken care of while dealing with these types of vulnerabilities. • Firmware insecurity: Identification and decision on firmware insecurity is not an easy task. These involve expertise and a common user may easily be fooled to disclosing his/her devices to malicious agents.  allow different processes to take control over the device and allow unauthenticated scans. Majority of them are caused by presenting the requirements of an installed application. Non-evaluation of the downloaded application and free access to control the devices leads to several application-level vulnerabilities. • User policies and patching: In the majority of the cases, vulnerabilities are exploited due to limited action from the users. Delays in updating the security settings and unawareness of the released patches lead to the majority of the vulnerabilities. Nowadays, organizations are taking several key steps to force the security updates, still, there is a gap between the user-understandings and update procedures, which lead to several exploits and threats on smart M-IoT. Key solutions and possible remedies for preventing the abovediscussed vulnerabilities are given below: • Access control: Limiting the control over device-data and allowing authorized applications to access can help limit the exploits on the known vulnerabilities. Evaluating the content to be accessed and components of shared-data can further elevate the security of devices in smart M-IoT. • Quick identification and release of patches: It is determined that mode and action and time of action play a key role in preventing a device. Thus, quick identification of vulnerability, release of security patches and installing them are major actions that can prevent against severe attacks. • Credential management: For the network-based vulnerability prevention, credential-management, its security, and protection can help to ensure security and privacy for devices. Credential management prevents access to sensitive data and keys which are necessary for encryption as well as securing the communication channels. • Firmware security: It is desired at the developer level to maintain the bug-free release of firmware. Thus, a strong debugging and evaluation against known vulnerabilities must be carried before supplying it to the users or even assemblers. • Device policy compliance: It is necessary that users must comply with the policies laid for a particular device and should not break the codes, which may allow unauthorized applications to take control over a device. Such a vulnerable device may expose the entire network and it is the responsibility of the user to maintain the functionality of the device within the laid guideless. • Script disabling: Majority of developers have shifted their focus on developing applications which do not require client-side scripts. Thus, from futuristic developers, preventing scripts can allow security against vulnerabilities without affecting the services. • Continuous application security: Identification of application security must be followed by the release of the security update or newer versions. Thus, continuous monitoring of applications is required to prevent possible vulnerabilities. Moreover, this is also an effective strategy to prevent the possibilities of zero-day threats and attacks. There are several studies that have been dedicated to vulnerabilities in M-IoT and can be followed from [68]- [75]. Based on these, it becomes inevitably important to understand the concept, issues, scope and strength of present state of security, privacy and trust for smart M-IoT.

E. Security, Privacy, and Trust for smart M-IoT
Because of a difference in mode of deployment and applicability, security, privacy, and trust of M-IoT devices are of utmost importance. These differences in the characteristics of involved devices raise an alarming factor for securing and isolating each user's operations as the variation in behavior and operations of each device may lead to different kind of threats based on their specifications [76]. Thus, it is important to study all the aspects related to the security, privacy, and trust of smart M-IoT networks. Majority of the threats occur due to inadequate configurations of security properties and some of them are the vulnerabilities that remain undetected over a course of time due to the negligence of their developers [77] [78]. Minimizing data acquisition, supporting M2M routing, resolving hidden terminals and encryption can help to secure and privatize each user's data and information.
F. Methodologies for Analyses of Security, Privacy, and Trust in Smart M-IoT An approach is secure for the time being it is not broken, which means security is difficult to analyze as there are no direct simulators and emulators to be used for evaluation of a system for these requirements. Visualization is another big issue for such requirements. Visualization of trust can be obtained as it is comparatively easier to define trust as a metric between the communicating entities; whereas security and privacy are governed by rules and policies which can only be evaluated in an attacker environment. Creation and demonstration of such an environment are difficult as it requires a lot of automation, which is not applicable to most of the available tools. Majority of the solutions are formally analyzed using BurrowsAbadiNeedham (BAN) logic, which is operated on belief theory [102] [103]. Some approaches follow reduction techniques, while others simply rely on evaluating the computational cost of operations. Apart from these, some other methods include formal semantic evaluations, equational theory, etc [104]. Cryptographic solutions can be evaluated using random oracle model, inductive methods, provable security, etc [105]- [107]. Model checking and theory of proving are used by some approaches for evaluating the flow of their solution. There are certain tools available which can be used for these evaluations like, Automated Validation of Internet Security Protocols and Applications (AVISPA), A Computational Logic for Applicative Common Lisp (ACL2), ProVerif, Scyther, etc [108]- [111]. Irrespective of these evaluations, it is recommended that solutions should conduct certain case studies while presenting outputs of their proposed schemes and should demonstrate the effects on the performance of the system and the network.

IV. SECURE FRAMEWORKS FOR SMART M-IOT
M-IoT networks are vulnerable to a different set of attacks which can be launched due to improper configurations and deployment strategies. It is required that these networks are deployed with ultra-reliable formations, which help to hinder launching of any unknown as well as known attacks. Further, security implications, assessment, and threat modeling can help to identify any such possibilities at a prior, which may support prevention against intruders during the operations of IoT devices [112] [113] [114]. Siboni et al. [115] highlighted the importance of a framework for securing the content in wearable IoT devices, which are considered as an important part of M-IoT systems. The authors developed an innovative testbed setup for evaluating the security policies of dynamic IoT devices. The need of the hour is to provide such a framework that can be used for supporting the security requirements of Cyber-Physical Systems (CPS) that heavily rely on M-IoT devices for their regular operations [116]. Authorization, privacy as well as physical security and anonymity should be the core aspect of frameworks, which primarily focus on the security of smart M-IoT networks [117] [118]. Although the existing frameworks provide a base for network formations, these have to be operated with a different set of schemes, protocols, as well as policy-mechanisms for a fully-reliable and secure network establishment.
The smart frameworks should also support the cryptic techniques, that can be built into its system through separate modules [119] [120] [121]. Deployment of M-IoT through SDNs and use of smart IDS are the future aims of the present systems, which tend to facilitate the security of applications operating over low-powered devices [122] [123]. Use of newer concepts, such as fog architecture, Internet of drones, catalytic computing and osmotic computing, can be considered as a base for developing frameworks that can sustain the burden of security as well as the performance at the same time [124]- [128]. Based on the security requirements, a taxonomy is presented which classifies the security frameworks for smart M-IoT, as shown in Fig. 8. The details of these classifications are presented below:

A. Access Control and Authorization-based Framework
The security of devices in M-IoT is subject to the management of accessibility and authorization for using particular services as well as personal data. This type of frameworks helps to limit the control over the usability of network components and provides strong mechanisms for securing the users. The strength of its security lies in the novelty of architecture used for supporting convergence services to M-IoT users. There are some works in this direction, which highlights the main features of access control and management along with user and service authorizations. However, the majority of them operates on general IoT scenario and lacks evidential commitment on their applicability to smart M-IoT scenarios. The access control and authorization-based frameworks can be further classified into three main types as shown below: • Policy/Rule-based: The main aspects of such type include user authentication, device authentication, resource authorization, Constrained Application Protocol (CoAP) access control and etc. The solutions in this direction focus on acquisition and control over services and user modules to infrastructure security of its network. The main property of this type is the formation of governing conditions, on the basis of which, certain rules and policies are defined for securing the users and services. Solutions in [79]- [84] focus on providing frameworks which utilize user and device authentication through policy and rules over device operations in different network setups. • Behaviour-based: This type of access control and authorization depends on the mode of the user's interaction with other users and entities in the network. The operational activity of the users is taken into account for access control Behaviour-based [85], [86] Hybrid [87], [88] Prediction-based [89] Probability-based [90], [91] Standard-based [92] Primary [93], [94] Secondary [95] Grouped [91] Time-bound [86], [96] Resource-bound [80], [83], [97] Hybrid [85] On-site [98]- [100] Off-site [46], [99], [101]  and defining conditions of authorization for demanded services. Such types of security frameworks are well suited for modern services such as smart building, smart cities, and smart factory [85], [86].
• Hybrid: There are certain solutions for access control and authorization, which form policies or rules by using behavioral aspects of the network entities to ensure its security and continuity in operations. Such types of frameworks are termed as hybrid access control and authorization-based frameworks. Credential-based services and intelligent solutions use such kind of mechanism for ensuring security in a network [87], [88].

B. Risk-Assessment-based Framework
Identification of potential conflicting components and users through detection modeling is mainly studied under riskassessment-based frameworks for security in smart M-IoT. Such kind of frameworks helps to pre-identify any potential risks involved in leveraging services through a particular aspect of the network. These aspects may include situational awareness of every involved entity of the network. Based on the mode of identification, risk-assessment-based frameworks can be further classified into three main types as shown below: • Prediction-based: The Framework which identifies and manages risk through predictive or estimated evaluations of the network components are termed as prediction-based risk assessment frameworks [89]. Such type of frameworks considers prior and current states to identify the mode of operations and uses decision modeling to arrive at a decision of potential risks in the network. • Probability-based: In probabilistic-based, the network is evaluated for different kind of operations which are executed over a period of time. Then, each process is operated with a probabilistic model which then helps to finalize the probabilistic cost of the networks, while providing knowledge about the factors which dominates the most and can affect the performance as well as security policies. The most common aspect of such frameworks is to identify attack success possibilities in a network while using parameters like false positives, false negatives, accuracy, recall, and precision as considered in [90], [91]. • Standard-based: Most of the organizations have a predefined set of conditions which are to be fulfilled by every framework which aims to provide a special kind of services to its users. Majority of these conditions are the benchmark and supported by standards organizations such as International Organization for Standardization (ISO), Institute of Electrical and Electronics Engineers (IEEE), International Telecommunications Union (ITU). These organizations provide guidelines for every framework to justify its security considerations for the defined services.
One of the examples can be the forensic study of a framework for its applicability to support on-demand services to the mobile users [92].

C. Authentication-based Framework
Authentication of the users and devices in smart M-IoT is of utmost importance and highly crucial. It is required that all the services are provided only to the users which authenticates themselves with the security servers usually Authentication, Authorization, and Accounting (AAA) in any network. These security servers ensure the safety of other legitimate and authenticated users by providing a secure mode of communications. One of the crucial aspects of authentication is the positioning of authentication-server along with the number of passes required to reach it. The mode of authentication is quite vast, but for smart M-IoT, it can be classified into primary mode of authentication, the secondary mode of authentication and group-authentication. The choice among each of them depends on the types of device, network architecture and types of services to be supported by the involved entities. The details on each of them are provided below: • Primary: The authentication which is performed with the core of any network while using the secure channels between the entity and the authentication server is known as primary mode [93], [94]. Such kind of authentication is much secure but often suffers from the consequences of long paths and requirements of route optimizations.
Despite its advantage of providing robust security, it often causes additional overheads if each time an entity has to be authenticated through it even in the cases it is always present in the perimeter of the same network. However, the majority of existing solutions prefer a primary mode of authentication because of the ease of deployment and maintenance. • Secondary: Usually, networks which have data to be constrained in a particular periphery or premises opt for the secondary mode of authentication. Such a model is responsible for securing a particular set of nodes which are entitled to communication within the zone of the secondary authentication server [95]. Secondary authentication also uses an initial primary authentication for registering its services and users to the core of the network and after initial phases, all the security concerns are managed by it.
With the evolution of smart networks, it is preferred to use a hybrid mechanism as it helps to provide a flexible as well as robust security that too with lower overheads. • Grouped: Another mode of authentication can be the group authentication, which entitles similar entities to be authenticated as a group through a common gateway. Group authentication depends on the type of devices involved in a group, and procedure of authentication depends on their type. Some groups with highly crucial devices may involve strong authentication while the ones with limited resources may require light-weight authentications so as to prevent any excessive utilization of their resources [91].

D. Secure Services-based Framework
Type of services affects the security of a network. Some services may require light-frameworks which are easy on resources while others may require fast processing frameworks which operate with lesser delays and fewer overheads. Such type of frameworks is usually related to the authentication facilities supported for managing the security of the network as the authentication phase is itself responsible for resource consumption and delays. Based on the requirements of services, these frameworks can be classified into time-bound, resourcebound, and hybrid frameworks as explained below: • Time-bound: The frameworks which operate with time as a crucial entity in securing the services and the users of a network are studied as a time-bound services-based framework. As studied in [86], [96], such frameworks are lightweight and highly fast in processing and evaluation of security policies. Usually, such frameworks perform periodic evaluations on the time consumed in authenticating users and allocating communication uplink for data transmissions. Evaluation time, discovery time, and authentication time are the crucial parameters in timebound security frameworks. • Resource-bound: Most of the devices in smart M-IoT are low on resources and suffer from the threat of average lifetime. Usually, their lifetime is driven by the energy and memory consumed by the services operational on each device and often the mandatory services consume the majority of their services [80], [83], [97]. Thus, it becomes important to develop frameworks which focus on the security while keeping a control on the utilization of M-IoT resources with a limited burden on the operational control and activity of the device. Such type of frameworks uses checkpoint mechanism to manage the resource consumption for the security of M-IoT applications. • Hybrid: Nowadays, the smart applications tend to be time-bound as well as resource-bound. Thus, there is a requirement of frameworks which can apply both these features while forming a hybrid services-based framework that can use both the resource-checkpoints as well as periodic evaluation of security policies for securing activities in smart M-IoT. Accessibility and response time can be considered as mutual parameters for accessing the performance of such frameworks [85].

E. Anomaly Detection-based Framework
Identification of false users, false services and false entities in a network is studied under this category. It is a responsibility of security framework to identify communities and users which pose potential risks to legitimate users of the network. Further, such a classification helps to manage the flow of information as well as limit the accessibility of users with harmful properties and high risks to network services. Anomaly detections are performed by checking the correctness of a device or user against the predefined policies of accurate operations. On a broader side, such frameworks can be classified into on-site and off-site evaluators with the description as given below: • On-site: The real-time evaluation of the users for legitimate and accurate operations is classified as on-site or real-time anomaly detection. Such type of detections is performed by deploying real-time Intrusion Detection System (IDS) which dedicated sniffs the traffic without breaking its flow and without any excessive overheads [98]- [100]. Majority of evaluations are conducted through sandboxes which do not reveal their identity to the users and prohibits anomaly users from accessing the services across the network. • Off-site: In some cases, real-time evaluations may pose an excessive burden on the network and it is difficult to analyze the high flow of data. Such networks are evaluated off-site at their respective data centers which check for the presence of any abnormal activity for each of its users. Usually, such type is suitable for scenarios which allow delayed transactions without affecting the services such as payment gateways or smart-phone updates [46], [99], [101]. In addition to above, anomaly detections can be classified as periodic or continuous depending on the time and procedure of detection.

F. Summary and Insights
In this section, we have summarized different types of frameworks, which help to secure the operations as well as the network layout of smart M-IoT. The summarized study divides the existing solutions into five broad categories and Classification of secure protocols in smart M-IoT
V. SECURITY-AWARE PROTOCOLS FOR SMART M-IOT It is to be considered that with the introduction of new technologies for communications, the links between the M-IoT devices have grown up to many Gigabits, which means the window to perform security operations has further decreased, and it is extremely challenging for the researchers to accommodate existing security policies in such a short timing window. Thus, protocols for M-IoT security are yet to be revolutionized on the basis of their applicability and reachability for M-IoT applications.
Security protocols prevent unauthorized attempts for using resources or data in a defined network [27] [158]. Communications in M-IoT are usually handled by the dissemination protocols like CoAP, Advanced Message Queuing Protocol (AMQP), Message Queuing Telemetry Transport (MQTT), Domain Name Server-Service Discovery (DNS-SD), etc [159], whereas security is supported either by enhancing the features of these protocols; or by using existing security protocols with the routing schemes; or by designing novel security and communication schemes which are usually specific to applications [160] [161]. Such solutions may operate well in one scenario and may fall prey to different types of attacks if their application area is changed.
The success of the security protocols is affected by the compliance degree of a user with the recommended settings [162] [163]. It is required that security protocols should not affect the performance and their operations (like encryption and decryption) should be completed without many overheads.
Protection of Peer to Peer (P2P) and Peer to Multi-Peer (P2MP) links is one of the major challenges while designing protocols for the security of M-IoT. Protocols can be protected either by following asymmetric mode or symmetric mode in their key operations. The location of AAA server and its optimized placement are other issues to be resolved in M-IoT. Moreover, Route optimizations are additional concerns which have to be taken care by the security protocols.
Previously known protocols, like Secure File Transfer Protocol (SFTP), Secure Sockets Layer (SSL), Hypertext Transfer Protocol Secure (HTTPS), Session Initiation Protocol (SIP), can be adopted for network security while authentication can be governed by Authentication and Key Agreement (AKA) as it is one of the standard protocols used for security in 3G. Some other crucial protocols include Extensible Authentication Protocol  [140].
The security protocols in smart M-IoT can be studied by classifying them into routing-based, authentication-mode based, authentication-hierarchy-based, and property-based mechanisms, as shown in Fig. 9. The details are as follows: A. Secure routing-based There are a plethora of solutions, which focus on providing secure routing for smart M-IoT applications. The routing schemes which are available for general networks, be it reactive or proactive, holds true for smart M-IoT setups. Existing routing mechanisms can be used while leveraging the security guidelines to secure the communications between the M-IoT users. From a broader point of view, the secure routing-based protocols can be classified into following types: • Route Optimization (RO)-based relaying: Finding shortest paths and reducing the path of authentication can be attained through optimized relaying in the networks. Such RO-based relaying often removes dependencies from the intermediate entities to provide low-overhead based solutions for security [129]. • Trust-based relaying: Finding nodes on the basis of trust calculations and using them for transmissions are another kind of security protocols. Such protocols use trust as a weighted metric for calculating paths between the users in M-IoT [130].
• Cluster-based relaying: In some scenarios, network entities operate in a group while depending on a core entity which acts as their head leading to the formation of multiple clusters in the network. There are certain routing protocols which aim to support the security of communication between the cluster heads allowing secure relaying between the nodes with lesser overheads and computational complexity [131]. Clustering is effective in case the protocols depend on group-based authentication, however, in primary and secondary modes of authentication, it may cause excessive overheads. • Secure-Medium Access Control (MAC) based relaying: Control over timing policies and accessibility of user operations lead to the requirements of a secure MAC based relaying for users in smart M-IoT. Such relaying protocols use command over congestion window and packet forwarding policies to control the flow of packets as well as uses cryptographic solutions for securing its relaying procedures [132], [133]. - [136]. Such a relaying can be effective in scenarios where the resources are limited and the lifetime of the network is of utmost importance. • Topology-based relaying: Identification of nodes on the basis of their location and checking the path of authentication before transmissions lead to the formation of secure topology-based routing [137]. Such protocols are effective where the dynamic nature of nodes is crucial and often changes. However, it is difficult to control such scenario and topology-aware relaying is often combined with mobility-management procedures for attaining a secure and fast relaying. • IP-based relaying: This is the core relaying mechanism for the majority of the mobile applications as it uses Mobile IPv6 (MIPv6) and Fast Mobile IPv6 (FMIPv6) procedures to support the selection of nodes. Further, the security in such protocols is provided by proxy-mechanisms and can be seen in various proxy-based protocols such as Proxy Mobile IPv6 (PMIPv6) and F-PMIPv6 [138]- [140]. Such relaying solutions can be combined with media independent schemes to form Media Independent Handover (MIH)-PMIPv6 relaying with specific implementation over smart M-IoT applications. • Mobility-based relaying: Mobility management is often studied as a part of handovers; however, existing routing schemes can be classified on the basis of mobility management. Such schemes are responsible for securing the path of the nodes when they are moving in an intraor inter-mode of a given authentication server. Mobility management schemes can be studied as distributed, centralized, semi-distributed or even hierarchical [129], [141], [142].

B. Authentication mode-based
Similar to authentication-based frameworks, authentication protocols allow identification of legitimate users which can interact with each other for acquiring particular services over the network. Authentication protocols help to validate the users for transmissions in M-IoT. The vulnerability and importance of M-IoT demand the employment of exceedingly reliable methods in the design of secure systems. Authentication protocols are one of the most important design parameters. These protocols help to achieve a reliable trust and security for exchange information. On the basis of mode of operations, the authentication protocols can be classified into following two types: • Proactive: Authentication protocols which focus on preverification of the users before beginning the transmissions are termed as proactive authentication [140], [141], [143]. Such schemes are highly reliable but sometimes slower in operations. Thus, these are often the primary preference of setups that focus on the services over smart M-IoT. • Reactive: Authentication protocols which focus on the on-demand verification of the users and support a direct linking between the network users are termed as reactive authentication [144]. Reactive authentication is fast in operations, but is usually, vulnerable to a lot of network attacks which raises a question about their secure usability for smart M-IoT. However, with modern solutions like crowdsourcing and blockchains, reactive protocols can easily be extended and secure for their usability in smart M-IoT setups.

C. Authentication hierarchy-based
Authentication involves multiple entities which secure themselves by verifying each other either directly or through an Authentication Server (AS). On the basis of operations and hierarchy, authentication protocols can be classified into oneway or two-way authentication based protocols.
• One-way authentication: One-way authentication involves user-side verification with respect to the rules provided by the governing server (AAA or AS) [145]. The genuineness of the users is proved by the properties which are only shared by the user itself. • Two-way authentication: Two-way authentication involves both user-sides as well as server-side verifications [146], [147]. The genuineness of the users, as well as the servers, is proved through their respective properties which are shared amongst them. Two-way authentication can further be extended into different modes of handshakes depending on the level of security to be verified before beginning the transmissions.

D. Property-based
Security protocols can also be classified on the basis of properties which are used for securing the transmissions between the nodes. Based on some key requirements, the security protocols can be categorized on the basis of following properties: • Freshness-based: Freshness means that messages exchanged in a session are generated specifically for a particular session. The attacker cannot use the previous session for messages. Freshness based protocols are used for communication between the two parties by establishing a secure channel on the basis of the freshness of sessions. The receiver believes that the obtained information is fresh and authenticated. Freshness is achieved by updating keys and sessions through consistent changes in parameters like seeds, nonce and sequence numbers of involved entities in smart M-IoT. Approaches based on freshness of keys and sessions are discussed in [129], [139], [147]- [153]. • Encryption-based: Encryption is an interesting piece of technology that works by scrambling data or information so it is unreadable by attackers. Encryption is a keybased approach to combine confidentiality and integrity, and provides a secure mechanism against external threats such as chosen plaintext and chosen ciphertext attacks. Encryption based protocol ensure the confidentiality of sharing information between the users in smart M-IoT [129], [137], [139], [146], [147], [149]- [157]. • Access-based: Limiting the users from accessing a particular service is one of the key requirements of smart M-IoT applications. Protocols which can help to define role to every user and control their activity are classified into access-based security protocols. There are a lot of existing solutions, which aim at enhancing the security of the mobile network by limiting the user operations while using the policies for information flow, management, and control [129], [146], [147], [149]- [157]. A highly stabilized access control protocol can prevent misleading or eavesdropper from gaining access to crucial information in smart M-IoT. • System Integrity-based: System integrity protection is a necessary step to ensure a high level of security. As discussed in [115], [139], [146], [147], [149], [152], [156], [157], development of system integrity protection protocols can help to manage information disturbances and prevent attacks. The involved parties in smart M-IoT setups want to assure that all the remote data they receive is from systems that satisfy the users' integrity requirements. Therefore, it is important that system integrity based protocols can protect the information results from being polluted by attackers.

E. Summary and Insights
In this section, we presented a detailed study on securityaware protocols for smart M-IoT. Following the abovediscussed classification, some major contributions to security protocols which are applicable to M-IoT are highlighted in Appendix. Table VII. The existing protocols are evaluated on the basis of system integrity, freshness, confidentiality, mutual authentication, access control, overheads, encryption, and non-repudiation. Apart from these, several schemes can be followed from SPORE [183], which is a repository of security protocols.. Over the last decade, protocols have been improvised by utilizing security as a crucial metric to decide a

VI. PRIVACY PRESERVATION APPROACHES FOR SMART M-IOT
Data in M-IoT is highly crucial as well as sensitive and any eavesdropping may result in leakage of users' personal information [184] [185]. With data processing reaching a fine granularity level, it becomes tedious to privatize the content as new issues arise because of many dependencies on the platform used for transmissions. The collection and control of data are two of the main reasons that increase threat-level for data privacy in M-IoT [186] [187] [188]. With the difference in architectural deployment, smart M-IoT possesses large-scale implications for removing issues which may leak the entire information of the networks. Most of the approaches fail to support access control and authorization while deploying applications for smart M-IoT networks. Reducing the reachability of every user and keeping a watch on the amount and level of contents accessed by an individual can help in privacypreservation [189] [25] [190].
Encryption of data for every link can further help this cause, however, with the networks attaining a high-speed property, it becomes necessary to support both encryption and decryption at a rapid pace [191]. Majority of the intermediate procedures should be done on the cipher itself, as this will help to prevent any unauthorized decryption of the text being shared between M-IoT devices. Further, approaches can use customized identifiers for creating policies for maintaining the anonymity of access between its users. Along with these, prevention of hidden terminals is another major requirement for privacy-preservation [192]- [195].
Practical problems like network partitioning and isolations increase the risks of leakage of data and it is necessary to formulate approaches that can help to identify such issues before-hand and with low-complexity [196]- [200]. Data privacy can be guaranteed by using solutions, which prevent sniffing and do not yield any information even if discovered by intermediates [201] [202] [203]. This can be further enhanced by using non-store approach, which refers to the immediate forwarding of the data without consuming the excessive time stamp as well as keeping the freshness of the keys. Privacy can further be assured by preventing third party-based evaluations as these may disclose the encryption mechanisms of the entire route as well as of the traffic [204].
Distribution of incoming traffic not only prevents DoS or DDoS but also helps to make sure about the identification of any eavesdropper that may be listening to the incoming or outgoing traffic [205] [206]. Updating security policies, maintenance of logs and refining network architecture at regular intervals for the detected traffic and anomalies can further help in privacypreservation of M-IoT networks [207]. Some of the major contributions on data privacy in IoT, which are applicable to M-IoT architecture, are discussed in Appendix. Table VIII. These schemes can be further classified into four major types, encryption-based, architecture-based, protocol-based and toolbased privacy preservation, as shown in Fig. 10. The details of each of these are provided below:

A. Encryption-based
Privacy is mainly the protection of personal information of users and devices in smart M-IoT. Disclosure of information can be protected through encryption of data which prohibits any eavesdropper from obtaining any knowledge even if he or she is able to capture the majority of its parts. Encryption-based schemes are not different from usual encryption algorithms. Thus, the existing solutions can be classified into traditional encryption schemes on the basis of algorithm or mechanism used by them for protecting the data. These types are as follows: • Symmetric encryption: The symmetric key encryption relies on the same key for encryption and decryption i.e. the key used for the encryption and the decryption should be same at both the parties. Symmetric-key encryption is essentially the same as a secret code that each of the two entities must know in order to encrypt and decrypt information. The symmetric key encryption has the major problem of exchange overheads of keys between the two parties, especially with maintaining trust when encryption is used for authentication and integrity checking [169]. • Asymmetric encryption: Asymmetrical encryption is also known as public key cryptography, uses two keys to encrypt or decrypt of a plain text. The secret keys are exchanged over the Internet or a large network. The message encrypted by a public key can only be decrypted using a private key and similarly, data encrypted using a private key can only be decrypted using a public key [170]- [177]. Asymmetric encryption is far better in ensuring the security of information transmitted during communication. • Homomorphic encryptions: Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption. The encrypted data set is transformed into another data set by preserving relationships between elements in both sets. Studies conducted on the topic of Homomorphic encryption in [178]- [180] highlight their applicability over the smart M-IoT.

B. Architecture-based
Privacy preservation schemes can also be marked on the basis of architecture used for deployment and operations. Generally, the existing solutions depend on a centralized mechanism, but with solutions like blockchain which primarily uses public key operations, the architectural deployments become distributed.
• Centralized: Approaches which use a controller or centralized entity as a key enabler for privacy-preservation are studied in this type. Centralized solutions are effective from the monitoring perspective, but these pose a threat to a single point of failure which is difficult to sustain for any network [181]. Especially, in smart M-IoT, if all the traffic is regulated by the centralized authority, it becomes necessary to develop schemes which will define the policies of load management as well as prevent excessive utilization of resources for the traffic coming from a single source. • Distributed: Such schemes depend on the distributed and flat nature of architectures and prevent a common point of failure as privacy preservation is initiated by the user or a node which are abstracted from other components of the network. In some scenarios, multiple nodes are used for defining policies for privacy preservation. However, the success of such approaches depends on their compliance degree and synergy in supporting common algorithms for a large set of nodes [166] [182].

C. Protocol-based
As discussed in the protocol section, privacy can be supported by defining rules which are operated as a part of conditions and help to decide on the sharing of information between the users. Protocol-based privacy is easier to achieve and an efficient way for networks that operate in close proximity to each other [154], [166]. Such schemes are extremely useful for networks using crowdsourcing and can be used as broadcast mechanisms for blockchain-based distributed solutions for privacy preservations.

D. Tool-based
Such an approach is easier to manage as it only involves process like masking, tagging or user-controlled policies [130], [167], [168]. Tool-based privacy is governed by the properties and services offered by the application platforms running for smart M-IoT. However, the correctness of such solutions is dependent on the legitimacy of the service providers and their honesty which cannot be measured through any tool and depends on the level of commitment to their users.

E. Summary and Insights
In this section, we summarized the privacy-preservation approaches for smart M-IoT on the basis of encryption, architecture, protocols, and tools. Data privacy is achievable through message protection and protocols can be used for authorizing applications and users before accessing personalized data of the smart M-IoT owner. Privacy can be attained through novel security protocols as well as positioning of AAA that can ensure the end to end data privacy.
Policy-based, identity-based, ID-based, attribute-based encryptions and Public Key Infrastructure (PKI) can be the major enables for privacy preservation. Solutions, like blockchain and tangle (directed acyclic graph), can be used for preserving privacy through transactions between smart M-IoT users. The choice of encryption plays a key role as it affects the policies of session management between end to end devices based on the factors like freshness, integrity and perfect forward secrecy, which are attainable through secure key operations. More advances are expected in tool-based privacy preservation as well as personalized management as users are becoming much aware and demand personalized settings for each operation.

VII. TRUST MANAGEMENT APPROACHES FOR SMART M-IOT
M-IoT aims at maintaining a secure relationship between the entities involved in service provisioning as well as data dissemination [229] [230]. Most of the trust-enabled networks establish a reputation system based on a centralized entity that can help to check whether a particular node in the network can be relied upon or not. Such evaluations of reliability are an integral part of trust management systems [231]. With a billion of devices, the complexity of maintaining trust increases and it becomes relatively difficult to handle such an enormous number of devices, which leads the network into attacks by false reputation enhancement of an intruder [232].
Most of the trust management systems are governed by policies which are decided on the basis of the configurations of the network as well as the types of services supported by the M-IoT devices [233]. Trust management depends heavily on

Classification of trust management approaches in smart M-IoT
Architecture-based Decision-based Property-based Third party-based Centralized [208] Distributed [209] Hierarchical [130], [210], [211] Policy-based [212], [213] Rule-based [214], [215] Reputation-based [216]- [218] Behaviour-based [219], [220] Heuristic-based [221], [222] Pattern-based [223] Anomaly-based [224], [225] Hybrid [226] Certificate-based [227], [228] Rating-based [217] [130] the distributed computations as slow computations may cause excessive overheads which are a hazard for secure systems. Crowdsourcing, computational offloading, dividing of service accessibility, distributed policy formations, distributed trust maintenance, and D2D computations, help in reducing the overheads and complexities associated with the building of trustrelaying systems for M-IoT [234]- [237]. Trust-based solutions for smart M-IoT can be classified into following types, as shown in Fig. 11: A. Architecture-based Trust in smart M-IoT is attainable through a unique implementation of architecture while placing each entity in such a way that it provides a pathway for believing each other before communications. On the basis of architectural setup, trust management approaches can be classified into following three types: • Centralized: It constitutes an entity which is present at the center of a given network and is responsible for handling trust computations for the entire network [208].
The problem with such a deployment is the risk of single point of failure. • Distributed: It constitutes trust evaluation through distributed entities which prevent a single point of failure. Distributed trusts are usually operated as P2P or P2MP, but not peer to all [209]. • Hierarchical: It constitutes calculations by using a layered architecture which focuses on evaluating trust for entities on each layer [130], [210], [211]. This allows selection of accurate nodes in the next order of hierarchy.

B. Decision-based
Trust is a decision-based entity, which in some cases is marked by following certain principles of communications.
Node management and selection of next hop are two of the examples of decision-based trust management. On the basis of ideology, decision-based trust management can be categorized into following two types: • Policy-based: Using conditions to take a decision on the situation of entities is treated as a policy-based solution.
The policy-based approach often results in a centralized or hierarchical solution as a governing body is required to form the policies for evaluating trust of the involved entities in smart M-IoT [212], [213]. • Rule-based: Using conditions to evaluate given information for generating relevant knowledge regarding the trust of an entity is treated as a rule-based solution. The rulebased approach utilizes any type of architecture; however, it always has dominance for deciding rules or a consensus model for arriving at a common decision while formulating principles of trust evaluations [214], [215].

C. Property-based
Trust is itself a property of a device in smart M-IoT. However, this core property can be classified into sub-categories through which trust can be ensured in any type of network as explained below: • Reputation-based: Reputation is a fundamental concept in several situations which can be involved in the interaction between mutually distrusting parties [216], [217].
Reputation-based trust relies on a "soft computational" approach to formulate the problem of trust. The trust systems rely on the basic idea of analyses and combination of paths and networks of trust relationships. Trust and reputation systems play a significant role in decision support for Internet-mediated service provisioning. Reputationbased trust management helps to mitigate the security complications of smart M-IoT [218].
• Behaviour-based: Behaviour-based trust models include a fixed evaluation scheme. The scheme uses the knowledge of behaviour in previous interactions and derives the trustworthiness of an entity [219], [220]. The behaviourspecific knowledge can be obtained from the feedbacks and recommendations. • Heuristics based: Heuristics are used to aid the decision or estimation process by evaluating indirect trust of an agent into the direct trust estimation. The decision formulation is handled with the estimation through metrics [221], [222]. • Pattern-based: A set of design patterns are used for designing systems with the explicit intention of increasing trust between entities. The behavioural patterns are followed to achieve a sustainable trust. Patterns are used to solve recurring problems in trust-based communications for smart M-IoT. Patterns have been developed in a range of disciplines for a variety of domains to make a trust model. The patterns can be obtained by behaviour, rules, policy, flow etc [223]. • Anomaly detection based: The anomalies are abnormal behavior which is intended to affect the systems. Anomalies can be detected based on their own signatures and settings. The rules and threat modeling can be done with the help of system behaviors and signatures. Anomalies are inspected over the high malicious network traffic to improve the detection accuracy of trust model [224], [225]. Signaturebased IDS are the well-known anomaly detection systems in smart M-IoT networks. • Hybrid: Such a trust management system which combines all the above-discussed solutions as a single mechanism is a part of hybrid trust management in smart M-IoT. Hybrid approaches use all the existing property-based approaches and choose the one which suits best to the given conditions and configurations [226].

D. Third party-based
Depending on external mode for calculating trust is one of the prominent solutions of modern day networks. Such a solution uses mechanisms like deep learning, data analytic, neural networks or AI for evaluating the trust of communicating entities. Based on the outputs from third-party evaluations, there can be two main types: • Certificate-based: Providing certificate of assurance on successful evaluation of required trust is easier and a comprehensive solution, which is also capable of providing a detailed report on the operations of a device [227], [228]. Third parties use certain policies, cookies, and cached entries to ensure trust while generating certificates for the required device in a smart M-IoT. • Rating-based: In certain scenarios, third parties are involved in giving ranking or ratings to each individual involved in the formation of the network. Such an approach is termed as rating-based trust management. A threshold is marked on the basis of some predetermined score and each entity is evaluated against this threshold value [217] [130].

E. Summary and Insights
In this section, we provided a detailed classification of trust management approaches for smart M-IoT. Trust relationships not only secure the M-IoT but also help in building reliable CPS. Evaluation of trust by using a limited set of metrics is a challenge for M-IoT, however, such a system offers huge scalability and can be operated with less management and better control [28]. Incorporation of software security, privacy control, and security constraints further strengthen the trust modeling in M-IoT. Along with these, trust-based solutions can be modeled into secure communication systems through security protocols, which use encryption policies for defining new security schemes by using a similar model of trust-relaying systems [238] [31] [239].
To summarize, a detailed state-of-the-art comparative study on various trust management schemes is presented in Appendix. Table IX, which can be extended for their use in the smart M-IoT environment. The table helps to understand the key features and parameters focused by most of the existing solutions along with their core ideology for maintaining trust between the IoT entities.

VIII. PHYSICAL LAYER SECURITY FOR SMART M-IOT
Unlike traditional security solutions, which focus on the logical aspects of the networks, physical security is hardest and difficult to follow because of a difference in the type and make of an M-IoT device. With each device following a different set of parameters and configurations, it becomes difficult to provide a common solution which can withstand the Channel State Information (CSI) requirements of the entire network while securing the physical transmission of the network [254] [255] [256]. Network coding and multiplexing approaches usually rely on cryptographic solutions only to reduce the complexity of physical layer; however, this makes the system vulnerable to different types of attacks that can be launched over the used mechanisms. With devices being operated on battery, physical layer security becomes far more challenging and should be attained with lesser overheads as well as a lesser number of computations. A highly burdened operation may deplete the energy resources and an operational M-IoT network becomes of no use. The types of technology, 3G, 4G/LTE or upcoming 5G, play a crucial role in selecting an approach that can fit into the physical configurations as well as can support the load at a dedicated frame size [255] [257] [258].
Designing of security schemes on the physical layer may seem to be difficult, but it provides all set of new opportunities for improving the QoS as well as QoE for the end-users. The strength of the physical layer security depends on the adversary model which is used for evaluating the developed solution [254] [259]. Such solutions are usually driven by the assumptions of the CSI as well as device type and may or may not stand once new vulnerabilities are discovered over a course of time [260] [261] [262]. The existing solutions can be broadly classified into two main types, service-based physical layer security, and channel-based physical layer security, as shown in Fig. 12. The details on both of these are presented below:

A. Service-based
Physical layer security in smart M-IoT can be obtained through service management, control over interference issues and performing accessibility management. Based on the services supported by the smart M-IoT, physical layer security can be studied in three parts: • Cryptographic: The solutions, which use cryptographic mechanisms for preventing any eavesdropping, are studied in this type. As discussed in [240], [241], these systems combine physical layer properties with cryptographic mechanisms to ensure the safety of communication between the devices in M-IoT. Such a security is complex to attain but powerful in applicability. • Access Control and Transmissions: The solutions, which control the signal possessions by the users as analyzed in [242]- [246], are studied in this type. Access control and transmission based solutions are generally low complex and focus on interference management along with control over secrecy probability. • Jamming: There are certain solutions as provided in [247]- [249], which prohibit users from unintentional uplink or downlink in a specified zone. These approaches are responsible for energy-efficient security at the physical layer.

B. Channel-based
Physical layer solutions which emphasize the security of channel used for communications are dependent on the signal alterations and induction of bit codes into the transmission medium. Such solutions should operate with a low-complexity and their operations must be completed in few nanoseconds. The success of these solutions depends on the type of communication setup used for transmissions and the approaches used for securing the bits. Based on the mode of operations, these can be classified into modulation-based and encodingbased solutions: • Modulation-based: Such schemes changes the signal properties (Amplitude, Phase, or Frequency) for preventing any eavesdropping on the transmitted data. In general, secure-spectrums can help to attain modulation-based channel security in smart M-IoT. These solutions are performed by using carrier waves [250] [251]. • Encoding-based: Using different codes for the security algorithms at the physical layer helps to secure the traffic and such an approach is classified into encoding based solution. These are performed through binary codes [252] [253].

C. Summary and Insights
In this section, we summarized the existing studies into two main categories of physical-layer approaches namely, servicebased and channel-based solutions. These solutions were further studies by classifying them on the basis of cryptographic mechanism, access control and transmission policies, jamming facilities, modulation, and encoding. From the study, it is evident that channel estimation, M2M modeling, fading losses, noisy models, energy-constraints are some of the crucial aspects to be taken care of while deploying security solutions for physical layer in M-IoT [275]- [278].
Physical security of the M-IoT network is also impacted by the burden of devices and interference-management, which are driven by the density of the network. Most of the physical layer security solutions are driven by Signal-to-Interference Ratio (SIR), Signal-to-Interference-plus-Noise Ratio (SINR), secrecy, outage policies, and transmit energies. Despite a plethora of approaches for IoT's physical layer security, there are only a few solutions which can withstand the requirements of M-IoT; thus, a comparison study is presented in Appendix. Table X, which helps to understand the reach and level of security provided by the existing solutions.

IX. HANDOVER SECURITY FOR SMART M-IOT
Handovers can be hard, soft, horizontal, vertical, terminal and network controlled, and terminal and network initiated. The handovers allow the shifting of radios between the same or different media in a network. M-IoT devices undergo handoffs once they leave their service-space and enter an area governed by a different entity. Most of the handovers in M-IoT are vertical that require efficient security measures for the protection of links during their switching [279] [141] [280]. There is a huge requirement of trust as well as seamless shifting of services across the terminals while performing handoffs and mobility management in the network [281] [282]. Usually, the M-IoT networks focus on using an Access Point (AP), M-IoT device, AS, and core terminals for shifting services across the network [140]. Most of the networks require seamless services and faster authentication which can be obtained through proactive mechanisms [283]. These proactive approaches define pre-determined system model over which the authentication is performed and verified against the attacker models. Most of the approaches are selected on the basis of handoff latency, and time consumed in laying off their services onto the next terminals along with their cost of operations [284].

A. Initiation-based
Handovers are operated through a governing entity which initiates the procedures of attachment and detachment of a node in the network. Based on the initiation, the handovers authentication procedures can be divided into following two types: • Host-initiated: When the service consuming entity starts the procedures of handovers, the type of handovers is marked as host-initiated. Host-initiated handovers consume much signaling and might have a weak security because of a failure in the identification of requests which may come from an anomaly node [263]. • Network-initiated: When the service providing entity starts the procedures of handovers, the type of handovers is marked as network-initiated. This type of handover is low complex and more secure in because of control by a centralized authority [264]. However, security layouts and architectural complexity can affect the performance of such handovers.

B. Architecture-based
As discussed earlier, the handovers authentication procedures can also be studied from the architectural point of view and can be distinguished into following two types: • Centralized: This includes the authentication procedures, which are driven by a centralized authority. SDN-based or topology-based authentications are usually centralized in nature and consequently pose a risk of single point of failure [265]. Further, centralized layout increases the security path, which requires RO approaches for increasing the performance. • Distributed: This includes solutions like blockchain-DMM, P2P, P2MP and crowdsourcing like authentications which can help to remove the dependencies on a single entity in smart M-IoT [264], [266]. Moreover, location privacy is another factor to be considered for mobility of M-IoT. It helps to maintain the anonymity of user location and its specifications. Considering the inclusion of location-based services in M-IoT, use of location-privacy solutions helps to protect the system at the network as well as the user's end [289] [290] [291]. M-IoT can also be facilitated by using location-privacy through obfuscation [292]. This will also allow the extension of M-IoT to opportunistic scenarios. Liao et al. [293] developed a trajectory-protecting solution, which supports location-based service privacy for IoTcloud systems. The authors rely on K-Anonymity Trajectory (KAT) algorithm, which shows low complex simulated results. Location-privacy can also be considered as an additional metric for trust evaluation [294] [295]. Such solutions are facilitated by hybrid security architectures and uses different algorithms for different modules of the architecture.
With the involvement of crowdsources in M-IoT, locationprivacy is a dominant metric to be considered for protecting location-based threats and prevent issues related to backward broadcasting or tunneling [296] [297] [298]. Especially, for the inclusion of such solutions to M-IoT, it is desired to developed novel key distribution and credential management system that can elongate the efforts for location-based privacy preservation.
Handover authentication mechanisms can be classified on the basis of property which governs their security aspects. These include • IP-based: This includes authentication mechanisms followed by the majority of mobile applications as it uses proxy procedures to support the security of nodes in smart M-IoT. PMIPv6 and F-PMIPv6 are among the popular solutions for secure and seamless handovers [129], [140], [267], [268]. • Reliability-based: Approaches like [141], [269], which not only provides strong authentication but also supports the reliability of connections, are studied under this category. Such approaches help to sustain the connections for longer durations without affecting compromising the security considerations of the network. • Encryption-based: Authentication solutions, which focus on using encryption-based solutions for security, are studied under this type. Encryption based handovers help to protect the user data as well as the control information which is passed between the entities laying off from a zone of one entity and moving into the zone of other entity [129], [269], [270]. • Uniform: Such types of handovers authentication are more prominent in LTE and LTE-A networks as these can be used for all types of networks [271], [272]. This is one of the most suitable handovers procedures for smart M-IoT networks. Such mechanisms are low-complex, computationally-inexpensive and highly secure solutions for mobile security. • Media-Independent: Such types of handovers rely on the security governed by IEEE 802.21a-2012 for supporting security along with media independence while shifting services from one entity to another in an inter-handover mode [273], [274], [299], [300]. Amalgamation of MIH solutions with F-PMIPv6 techniques is gaining popularity because of their low complexity and high security [142].

D. Summary and Insights
In this section, we surveyed solutions for secure handover of smart M-IoT devices. The devices can perform intra-or interhandover depending on the layout of the network. Proactive authentication plays a key role in securing service layoffs between the devices and can ensure long-sessions without disrupting the services of a user under movement. Distributed security protocols play a considerable role in managing nodes under high mobility scenarios by preventing unnecessary passes to the core for re-authentication of devices.
Handoff latency, discovery time, bandwidth support, mutual authentication, and overheads are some of the key metrics to be considered for selecting an efficient handover scheme for M-IoT, as shown in Appendix.Tables XI and XII. There are plenty of solutions which have diversified the security aspects of handovers and provide a wide range of services for handling billions of IoT devices. Despite this, the majority of them fails on the aspect of performance and does not account for the tradeoff between the security and Quality of Experience (QoE).
Thus, new approaches are required that can take into account these requirements of security as well as the performance before their final deployment and testing while causing minimum overheads during handoffs.

X. RESEARCH CHALLENGES, OPEN ISSUES AND FUTURE DIRECTIONS
Security, privacy, and trust are supported through specific requirements of a system, which are the open challenges to be resolved in M-IoT. Most of the challenges and issues can be acquired from the studies presented in [24]- [40], [301]- [306]. From these studies, it is noticeable that the major open issues to be resolved for M-IoT are: • Satisfaction of the security requirements: It is of utmost importance that any approach which aims to facilitate security, privacy and trust in M-IoT must satisfy certain security requirements that are listed below: -Mutual Authentication: Security agreement between each entity in M-IoT is of utmost importance. Each device must be able to identify the correctness of every other device involved in transmission. The trust relationship between the devices can help to attain the requirements of mutual authentication. -Secure Key Exchange: Security keys are the pillar for preventing attacks in a network. It is a must that keys are exchanged secretly over a secure channel and must not reveal at any instance of operations. -Session Key Management: This is a requirement which helps to secure the communication between the M-IoT devices. It is necessary for an approach to use a secure key which is different from other keys while communicating with a particular device in a network. Session keys must be renewed consistently for preventing any attacks because of lack of key freshness. -Perfect Forward Secrecy: In a communication setup, capturing of long-term keys should not be able to generate past session keys. This helps to secure previous contents and also protect future compromises and password sharing. • Performance tradeoff: Apart from the security requirement, it is required that a solution should not compromise the performance of the system and must be capable of handling the performance tradeoffs due to computational burden of security mechanisms. The approaches must be able to handle the implementation overheads during continuous operations. and damage through non-compromising models is required as this can help to manage the false-occurrences caused by the criminal aspects of M-IoT users. Models like blockchain, distributed mobility management, and crowdsourcing can be used for management of insider threats in a system. Future aspects of M-IoT are quite vast as it has to deal with a lot of dependencies of the underlaid architecture. Network designing and placement of components play a key role in providing security in M-IoT; whereas privacy has a lot to do with an individual as well as the service providers. Trust is built on the backbone of security and privacy and its management is as crucial as other services. Till date, two of the major aspects to achieve in trust management is its visualization and formal way of expressing for a large set of users. Even in the lights of different solutions, there are no standard mechanisms which can help to visualize trust as a property of a device. Thus, future approaches must consider formally defining trust and building some standard rules which should operate together with the security and privacy considerations for enhancing the practicality of M-IoT services to users. In lieu of various properties of existing solutions as discussed throughout this article, following key points can be used for directing further research on different aspects of smart M-IoT. Network monitoring should emphasize the resource-based evaluation of the involved devices so as to prevent service halts and offer ultra-reliable QoE to its users. New tools can be developed which can analyze the traffic passes between the devices. In addition, security of network monitors is to be considered for preventing any eavesdropping on the ethically gathered data. Monitoring tools and procedures should possess encapsulation as a key property and prevent and disclosure of type and make of equipment even if the attacker possesses maximum data [307] [308]. • Vulnerability Assessment: For secure operations, it is of utmost importance that the entire network is consistently monitored for potential vulnerabilities that may lead to different types of threats. Such a task can be attained by defining security policies for each entity in the network and building profilers which can help to assess devices in case of weird behavior or functioning [309]. Vulnerability assessment can help to determine the influence of attack on a particular set of entities [69]. The vulnerability assessments should be conducted at both the user-side and network-side. User-side evaluations should be abstracted and must not consume excessive operations and must be low on overheads; network-side evaluations should be conducted with zero-maintenance time and any service halts. Anomaly detection, community classification and attacker marking are the main targets of vulnerability assessment [99]. All of these are open issues and their applicability are subject to application and operational scenarios. • Policies for Zero-day Attack: Zero-day attacks in software modules of M-IoT are the key threats to its security. It is difficult to identify such possibilities unless made public by the attacker. Most of these are identified during the development stage, but some of these are marked during the regular testing operations. It becomes the liability of service providers and software-distributors to provide security patches as soon as vulnerabilities are identified. Further, providing customer knowledge and making mandatory to download and install security updates should be considered for effective countermeasures against such attacks [310]- [312].  [314]. Pre-authentication mechanisms and multi-registration phases can help to attain these requirements. However, performance and overheads are the major issues attached to such provisioning, and any approach controlling the accessibility must not cause performance overheads and should not disturb the regular operations of the network.

B. Privacy related future research directions
• Prevention of Device Profiling: Data gathering is one of the key requirements of modern day organizations to provide a personalized experience to its users. However, the process of data gathering and information analysis may cause different types of threats by deliberately breaching the privacy of users. Collection of data and using it for evaluating user behavior and controlling the preferences may allow a threat to confidentiality and integrity of an individual; further, hold on information by an eavesdropper leads to vulnerable conditions, which violates the network policies [315] [316]. Thus, to overcome such issues, it is required that futuristic solutions should not allow unauthorized device profiling and information gathering procedures must be controlled by the service providers. In addition, no selling of data should be done as this violates the personal space of an individual. Use of device profiling for advertisements for generating revenues is fine, but it should not affect the preferences of an individual. • Control over Data Gathering: M-IoT devices are sensitive to information and data across their network is delicate to threats. Classification of data and generating knowledge by data-processing disclose different types of vulnerabilities, which are the tools of hackers for exploiting the network and its users. Approaches are required that prohibits uncontrolled data gathering and limits the service providing apps from collecting excessive information other than the required ones. Data gathering procedures should be controlled by app hosting platforms and as per the individual is concerned, they must be provided with knowledge of using authenticated sources to prevent any enforced data gatherings [170] [174]. • Personalized Settings: Every application, be it open source or proprietary, must provide preferential settings to its users, where they can manage and control the amount of information to be shared across the M-IoT platforms. It is necessary that every user should be able to monitor the amount of information and extend up to which his/her information is used and for what purposes. Personalized settings should be supported by access management, accountability and authorization controls. • Managing Information Flow: For sufficiently high privacy settings, every entity in M-IoT must be provided with facilities for managing information flow. These information flows should be manageable remotely, thus, different techniques and solutions can be developed for such requirements which pave a way for controlling the information flow even being present on-site. Development of toolkits and apps for information flow are other future research challenges in smart M-IoT. Further, these can be used with AI techniques to perform a priori probabilistic checks on the occurrence of attacks for a particular set of settings.
C. Trust related future research directions • Dedicated Node Management: Trust is a compliance degree between the entities to ensure accurate operational behavior in the network. M-IoT is dedicated to operating networks which will heavily depend on the crowd sources for the majority of their operations. Such a dependency raises a crucial requirement of node management and control over the service-relationships between the devices. Research must be conducted in this direction while ensuring how the devices will interact on basis of what policies they can accurately judge each others' correctness [317] [318]. It is required that certain solutions must be developed that can provide dedicated node management at a fine granular level while leveraging the properties of existing solutions for trust management. Different type of protocols can be designed that takes situational awareness as one of the key properties for ensuring trust-aware communications in M-IoT. In addition, contextual behavior monitoring and aspect-based classification can help to ensure trust-compliance between the entities of M-IoT. • Trust Visualization and Markings: There are a huge set of applications and approaches which emphasize on computing trust in different types of network as per the requirements of the applications. But the majority of these fail to provide any conceptualization on the visualization process which helps to easy identification of service-law violators. It is required that research must be conducted in this direction while finding a benchmark which can be used as a backbone for trust-visualization and markings [217]. In addition, facilities must be provided to check trust roles and authorization activities across the network. • Anomaly Detection and Recovery: Anomaly detection is the other key aspect of trust maintenance solutions. Futuristic research must focus on providing enhanced, ondemand and real-time facilities for detecting anomalies. This must accompany the solutions which can help to recover the users which are marked as anomalies by allowing them to re-justify their associations with the networks' terms and conditions and their flow control [99]. It is required that trust evaluations must lift themselves from the traditional reputation-based systems as such facilities can easily fall prey to Sybil attacks and may mislead the trust-maintenance process. • Distributed Evaluations and Trust offloading: Apart from trust-management, the approaches are required which can operate in a distributed manner and yet provide competitive results as that of centralized solutions. This will help to prevent any single point of failure [126], [217], [219], [319]. Such solutions can be fixated on different offloading techniques which can be operated in parallel to data evaluations and does not interfere with the regular network operations. Development of distributed IDS and crowd-sourced IDS can be crucial solutions for attaining distributed evaluations as well as trust offloading.

D. Necessity of Amalgamation
Security, privacy, and trust in M-IoT go hand in hand. A breach of policies of one may lead to attack through other. Security policies must be strong enough to prevent any unauthorized access to the personal information of an individual in M-IoT and privacy policies must ensure that the data is always shared with the trusted party. Such an activity is also operational in reverse and holds true for any sort of network formations in smart M-IoT. The necessities for amalgamating these solutions can be accounted for following points: • Prevention against Cyber Spies: Combining all the aspects of security, privacy and trust for smart M-IoT ensure protection against cyber bullies, spies, and service breachers [73], [320], [321]. These three requirements ensure that the network is operating in closed perimeter even its operations are distributed across the huge cyber network.
Here, close perimeter refers to the path lengths and routes which can be tracked down easily and conterminously without many overheads.  [326] with lower dependencies and controlled cohesion and coupling amongst their software solutions. Thus, it becomes inevitably important to develop solutions, which hold true justifications for security, privacy, and trust at the same instance and at the same level.

XI. CONCLUSIONS
Security solutions must be able to fortify authentication, confidentiality, integrity, freshness, access control and authorizations for M-IoT devices and its platforms, whereas privacy must support information protection for every device and its users. Both of these requisites can be obtained by building trust relationships across the networks. However, there exists a mixture of approaches that consider one of these requisites but ignore the other requirements. Previous studies have lighted such issues and withal compared the majority of them on the substructure of different parameters. However, prior studies have shown a constrained role in evaluating security, privacy and trust especially for keenly intellective and connected M-IoT networks. This paper considered the shortcomings of existing literature and provided an in-depth evaluation of different approaches which fixates on the crucial aspects of security, privacy, and trust.
This article covered the concept and ideology of smart M-IoT networks and its devices followed by their applications, advances, challenges, characteristics, technologies, and standards. Then the literature evaluations were presented for approaches which emphasized secure frameworks, data-privacy, secure protocols, physical layer security, and handover protections for smart M-IoT. Next, different ways for analyzing the security, privacy, and trust in M-IoT were discussed followed by roadmap and open issues along with highlights of some pertinent materials which can be followed for improving understandings in this direction of research. This study has highlighted the requirements of new solutions, which can collectively resolve the issues related to security, privacy, and trust in smart M-IoT without compromising the performance and complexity of operations.   This approach provides a mechanism for mutual authentication of nodes in Internet of vehicles. The authors illustrated their approach through a verified proof of concept and illustrated lower-delay approach for message evaluations through trust properties.
SDN-based security framework [Gonzalez et al. 2016] [84] Security framework for IoT in grid using SDN

Number of messages, OpenFlow modifications
This framework builds a cluster model for IoT devices through SDN. The common controller is employed to form an intrusion detection and prevention system by using predefined rules on the controller. This framework helps in privacy-preservation and maintain security of devices in a multi-hierarchical cloud formation on the basis of ontology, which is formulated over token and encryption assertions.
Continued on next page   Authentication for e-governance applications ---   [169] Symmetric key encryption techniques IoT -