4.6.1. Security

Security is essential for any organization to protect its environment, systems, devices and applications from outside attacks. Data and communication technologies are increasing every day. Therefore, data and information security are necessary tasks [81]. In addition to data, its transmission over the network should also be protected. Although technology has evolved and security mechanisms have improved, attackers have still found many ways to breach the security level [38,39]. With the increasing number of IoT devices, new security issues have emerged. For real-time applications, the most important thing is to keep the WSN secure. The network and its associated router or hub should enforce an access control mechanism to prevent unauthorized users. Each node connected to another node is security relevant, whether it is a restricted device or a smart device. Acceptance, confirmation, categorization, trust, and information security are the most important security requirements to be considered in IoT networks and WSN. It is challenging to provide security measures for flexible detection devices. Therefore, protecting information from dictatorial forces or illegal access is called security [82,83].

### 4.6.2. Data Confidentiality and Privacy

Data confidentiality is a significant issue in IoT and network security. In IoT frameworks, the client gains access to the information and system managemen<sup>t</sup> in an unintended environment due to issues such as the use of sensor nodes. Attackers can physically capture them and extract data using an energy analysis attack [84]. Refurbished devices made from these captured devices can launch new attacks and violate security. Therefore, the IoT device should verify whether or not the user or device has been granted permission to access the system. The practice of controlling access to data by granting or denying permission based on a set of laws. Many devices/clients must be authenticated by managemen<sup>t</sup> to access the system. Data confidentiality and access are the main issues in the Internet of Things (IoT). Researchers are trying to figure out how to handle the personalities of customers, items/articles, and devices in a secure manner. Due to the ubiquitous nature of IoT and WSN systems, privacy and confidentiality are major concerns in IoT devices and frameworks. Some issues, such as sniffing and spoofing, unauthorized access, data changing, forging, and unapproved alteration of IoT and WSN nodes, pose significant uncertainties in IoT. An attacker can use various IoT devices and applications to capture sensitive and personal data that is visible to outsiders.

### 4.6.3. Data Acquisition and Transmission

The primary goal of IoT is to collect data and transmit it to where it is needed in a network. Sensors are the devices used to collect data from the environment to transmit it to the base station. After the raw data is collected, it is sent to the Sink Hub for processing. Data collection and transmission are other problems in IoT and WSN because data is exposed and modified during transmission. Data acquisition is an energy-consuming process, so extra care must be taken during gathering and transmission. Intruders can steal the data during transmission if it is not encrypted or transmitted over a secure channel. The intruder can take over a node and reprogram it with a malicious code, damaging the entire network. Therefore, security is required for this process. Sometimes intruders attack the databases of organizations to violate the confidentiality of the data [85]. Also, the intruder may destroy the node or collect important or unusual information that could be used against the system. For this reason, researchers present many security mechanisms. They protect end-to-end communication links using one-time-pad (OTP) encryption method and also identify the vulnerabilities in the DBMS application using SEPTIC method.
