Only legal users should be allowed to access the system or sensitive information [16] .


The privileges of device components and applications should be limited as so they are able to access only the resources they need to do their addressed tasks [25] .


Information transmission between the nodes should be protected from intruders [18] .


Related information should not be tampered [19] .

Availability and Continuity:

In order to avoid any potential operational failures and interruptions, availability and continuity in the provision of security services should be ensured [26] .