Security and privacy in the internet of things

The internet of things (IoT) is a technology that has the capacity to revolutionise the way that we live, in sectors ranging from transport to health, from entertainment to our interactions with government. This fantastic opportunity also presents a number of significant challenges. The growth in the number of devices and the speed of that growth presents challenges to our security and freedoms as we battle to develop policies, standards, and governance that shape this development without stifling innovation. This paper discusses the evolution of the IoT, its various definitions, and some of its key application areas. Security and privacy considerations and challenges that lie ahead are discussed both generally and in the context of these applications.

[1]  Ronald J. Vetter,et al.  Internet Kiosk- Computer-Controlled Devices Reach the Internet , 1995, Computer.

[2]  D. Richard Kuhn,et al.  Role-Based Access Control ( RBAC ) : Features and Motivations , 2014 .

[3]  David R. Kuhn,et al.  Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .

[4]  Donn B. Parker,et al.  Fighting computer crime - a new framework for protecting information , 1998 .

[5]  Kevin Ashton,et al.  That ‘Internet of Things’ Thing , 1999 .

[6]  Rick Huhn,et al.  Security Standards for the RFID Market , 2005, IEEE Secur. Priv..

[7]  Susan B. Barnes,et al.  A privacy paradox: Social networking in the United States , 2006, First Monday.

[8]  Stephen A. Weis Privacy Enhancing Technologies , 2006, IEEE Security & Privacy Magazine.

[9]  Geoff Mulligan,et al.  The 6LoWPAN architecture , 2007, EmNets '07.

[10]  Scott Dick,et al.  A Survey and Analysis of the P3P Protocol's Agents, Adoption, Maintenance, and Future , 2007, IEEE Transactions on Dependable and Secure Computing.

[11]  David E. Culler,et al.  Transmission of IPv6 Packets over IEEE 802.15.4 Networks , 2007, RFC.

[12]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[13]  Boris Skoric,et al.  Strong Authentication with Physical Unclonable Functions , 2007, Security, Privacy, and Trust in Modern Data Management.

[14]  G.-J. Schrijen,et al.  Physical Unclonable Functions and Public-Key Crypto for FPGA IP Protection , 2007, 2007 International Conference on Field Programmable Logic and Applications.

[15]  Scott Dick,et al.  P3P Adoption on E-Commerce Web sites: A Survey and Analysis , 2007, IEEE Internet Computing.

[16]  Y. S. Feruza,et al.  IT Security Review: Privacy, Protection, Access Control, Assurance and System Security , 2007 .

[17]  Zheng Yan,et al.  Trust Modeling and Management: From Social Trust to Digital Trust , 2008 .

[18]  Jun Zhang,et al.  Security Patch Management: Share the Burden or Share the Damage? , 2008, Manag. Sci..

[19]  Lorrie Faith Cranor,et al.  P3P deployment on websites , 2008, Electron. Commer. Res. Appl..

[20]  Elfed Lewis,et al.  Security for wireless sensor networks: A review , 2009, 2009 IEEE Sensors Applications Symposium.

[21]  Scott Dick,et al.  A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations , 2009, TWEB.

[22]  Amardeo Sarma,et al.  Identities in the Future Internet of Things , 2009, Wirel. Pers. Commun..

[23]  E. Kennedy,et al.  SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION , 2009 .

[24]  Jorge S. Cardoso The Internet of Services , 2009, ICSOFT.

[25]  Inhyok Cha,et al.  Trust in M2M communication , 2009, IEEE Vehicular Technology Magazine.

[26]  Stamatis Karnouskos,et al.  The cooperative Internet of Things enabled Smart Grid , 2010 .

[27]  Dieter Hayn,et al.  The Internet of Things for Ambient Assisted Living , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[28]  Audun Jøsang,et al.  Privacy Policy Referencing , 2010, TrustBus.

[29]  Andreas Nettstraeter,et al.  The Internet of Things in Logistics , 2010 .

[30]  David Hutchison,et al.  Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines , 2010, Comput. Networks.

[31]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[32]  Abhranil Maiti,et al.  Improved Ring Oscillator PUF: An FPGA-friendly Secure Primitive , 2011, Journal of Cryptology.

[33]  Mariarosaria Taddeo,et al.  The case for e-trust , 2011, Ethics and Information Technology.

[34]  Ramjee Prasad,et al.  Identity Management Framework towards Internet of Things (IoT): Roadmap and Key Challenges , 2010, CNSA.

[35]  Li Li,et al.  The applications of WiFi-based Wireless Sensor Network in Internet of Things and Smart Grid , 2011, 2011 6th IEEE Conference on Industrial Electronics and Applications.

[36]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[37]  Florian Michahelles,et al.  An Architectural Approach Towards the Future Internet of Things , 2011, Architecting the Internet of Things.

[38]  Klaus Wehrle,et al.  Security Challenges in the IP-based Internet of Things , 2011, Wirel. Pers. Commun..

[39]  Jaydip Sen,et al.  Internet of Things - Applications and Challenges in Technology and Standardization , 2011 .

[40]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[41]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[42]  Michele Zorzi,et al.  Health care applications: a solution based on the internet of things , 2011, ISABEL '11.

[43]  Peter Friess,et al.  Internet of Things Strategic Research Roadmap , 2011 .

[44]  Flora Malamateniou,et al.  Enabling data protection through PKI encryption in IoT m-Health devices , 2012, 2012 IEEE 12th International Conference on Bioinformatics & Bioengineering (BIBE).

[45]  Miad Faezipour,et al.  Progress and challenges in intelligent vehicle area networks , 2012, Commun. ACM.

[46]  Alexis Olivereau,et al.  Trustworthy Infrastructure Services for a Secure and Privacy-Respecting Internet of Things , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[47]  Ulrich Greveler,et al.  Multimedia Content Identification Through Smart Meter Power Usage Profiles , 2012 .

[48]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[49]  Ramjee Prasad,et al.  Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things , 2012, J. Cyber Secur. Mobil..

[50]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[51]  Xian-Yi Chen,et al.  Research on Key Technology and Applications for Internet of Things , 2012 .

[52]  Chunling Sun Application of RFID Technology for Logistics on Internet of Things , 2012 .

[53]  Patrick Schaumont,et al.  A Robust Physical Unclonable Function With Enhanced Challenge-Response Set , 2012, IEEE Transactions on Information Forensics and Security.

[54]  Óscar García-Morchón,et al.  Securing the IP-based internet of things with HIP and DTLS , 2013, WiSec '13.

[55]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[56]  Yacine Challal,et al.  A Systemic Approach for IoT Security , 2013, 2013 IEEE International Conference on Distributed Computing in Sensor Systems.

[57]  Chih-Lin Hu,et al.  Design and Implementation of Media Content Sharing Services in Home-Based IoT Networks , 2013, 2013 International Conference on Parallel and Distributed Systems.

[58]  Marlin H. Mickle,et al.  The impact of the internet of Things on implanted medical devices including pacemakers, and ICDs , 2013, International Instrumentation and Measurement Technology Conference.

[59]  Grant Blank,et al.  A New Privacy Paradox: Young People and Privacy on Social Network Sites , 2014 .

[60]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[61]  Marco Balduzzi,et al.  A security evaluation of AIS automated identification system , 2014, ACSAC.

[62]  Geir M. Køien,et al.  Security and privacy in the Internet of Things: Current status and open issues , 2014, 2014 International Conference on Privacy and Security in Mobile Systems (PRISMS).

[63]  John A. Stankovic,et al.  Research Directions for the Internet of Things , 2014, IEEE Internet of Things Journal.

[64]  Klaus Wehrle,et al.  Privacy in the Internet of Things: threats and challenges , 2014, Secur. Commun. Networks.

[65]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[66]  Arkady B. Zaslavsky,et al.  Context Aware Computing for The Internet of Things: A Survey , 2013, IEEE Communications Surveys & Tutorials.

[67]  Lilian Bossuet,et al.  New paradigms for access control in constrained environments , 2014, 2014 9th International Symposium on Reconfigurable and Communication-Centric Systems-on-Chip (ReCoSoC).

[68]  Scott R. Peppet Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security & Consent , 2014 .

[69]  Jeffrey M. Voas,et al.  Imagineering an Internet of Anything , 2014, Computer.

[70]  A. Neely,et al.  Internet of Animal Health Things ( IoAHT ) Opportunities and Challenges , 2015 .

[71]  Vinton G. Cerf,et al.  Access Control and the Internet of Things , 2015, IEEE Internet Comput..

[72]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.

[73]  Michael Meier,et al.  Security and Privacy Policy Languages: A Survey, Categorization and Gap Identification , 2015, ArXiv.

[74]  Viacheslav Shkodyrev,et al.  Aspects of Smart Manufacturing Via Agent-Based Approach , 2015 .

[75]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[76]  J. Morrish,et al.  Business models for machine-to-machine (M2M) communications , 2015 .

[77]  Anurag Agarwal,et al.  The Internet of Things—A survey of topics and trends , 2014, Information Systems Frontiers.

[78]  Muhammad Waseem,et al.  A Review on Internet of Things (IoT) , 2015 .

[79]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[80]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[81]  Towards a definition of the Internet of Things ( IoT ) , 2015 .

[82]  Ahmad-Reza Sadeghi,et al.  Security and privacy challenges in industrial Internet of Things , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[83]  In Lee,et al.  The Internet of Things (IoT): Applications, investments, and challenges for enterprises , 2015 .

[84]  Felix Wortmann,et al.  Internet of Things , 2015, Business & Information Systems Engineering.

[85]  Klaus Wehrle,et al.  A comprehensive approach to privacy in the cloud-based Internet of Things , 2016, Future Gener. Comput. Syst..

[86]  Muthucumaru Maheswaran,et al.  Security Challenges and Approaches in Internet of Things , 2016 .

[87]  Jiri Hosek,et al.  On perspective of security and privacy-preserving solutions in the internet of things , 2016, Comput. Networks.

[88]  Leandros A. Maglaras,et al.  Social Internet of Vehicles for Smart Cities , 2016, J. Sens. Actuator Networks.

[89]  Bart Preneel,et al.  On the (in)security of the latest generation implantable cardiac defibrillators and how to secure them , 2016, ACSAC.

[90]  Chaudron Stephane,et al.  Kaleidoscope on the Internet of Toys: Safety, security, privacy and societal insights , 2016 .

[91]  Ch. Ramesh Babu,et al.  Internet of Vehicles: From Intelligent Grid to Autonomous Cars and Vehicular Clouds , 2016 .

[92]  Rajkumar Buyya,et al.  Internet of Things: An Overview , 2017, ArXiv.

[93]  Klaus-Dieter Thoben,et al.  "Industrie 4.0" and Smart Manufacturing - A Review of Research Issues and Application Examples , 2017, Int. J. Autom. Technol..

[94]  Sneha A. Dalvi,et al.  Internet of Things for Smart Cities , 2017 .

[95]  Zhao Yang Dong,et al.  The 2015 Ukraine Blackout: Implications for False Data Injection Attacks , 2017, IEEE Transactions on Power Systems.

[96]  Jayashree Kanniappan,et al.  Privacy in the Internet of Things , 2019, Censorship, Surveillance, and Privacy.

[97]  Marcus Oppitz,et al.  Security and Privacy Challenges , 2018 .

[98]  Ghita Mezzour,et al.  Securing the Internet of Things (IoT) , 2018, 2018 6th International Conference on Wireless Networks and Mobile Communications (WINCOM).