Security and privacy threats in IoT architectures

In this paper, we describe developments towards the Internet of Things (IoT) and discuss architecture visions for the IoT. Our emphasis is to analyze the known and new threats for the security, privacy and trust (SPT) at different levels of architecture. Our strong view is that the IoT will be an important part of the global huge ICT infrastructure ("future Internet") humanity will be strongly relying on in the future with relatively few data centers connected to trillions of sensors and other "things" over gateways, various access networks and a global network connecting them. While the infrastructure is globally connected, it is divided into millions of management domains, such as homes, smart cities, power grids, access points and networks, data centers, etc. It will evolve both bottom-up and top-down. An important question is what consequences a bottom-up and top-down construction of the IoT infrastructure has for the security, privacy and trust and what kind of regulation is appropriate. We review the currently emerging privacy regulation in EU.

[1]  Sotiris Ioannidis,et al.  On looking FORWARD , 2009, ERCIM News.

[2]  D. Hoyt Looking forward. , 2011, Bulletin of the American College of Surgeons.

[3]  Tomi Salo Security in Pervasive Computing , 2001 .

[4]  Frank Stajano,et al.  Security Issues in Ubiquitous Computing , 2010, Handbook of Ambient Intelligence and Smart Environments.

[5]  Hervé Guyennet,et al.  Wireless Sensor Network Attacks and Security Mechanisms: A Short Survey , 2010, 2010 13th International Conference on Network-Based Information Systems.

[6]  E. Baburaj,et al.  Key management schemes in Wireless Sensor Networks: A survey , 2013, 2013 International Conference on Circuits, Power and Computing Technologies (ICCPCT).

[7]  Fillia Makedon,et al.  Source location privacy against laptop-class attacks in sensor networks , 2008, SecureComm.

[8]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[9]  Mark D. Ryan Ben Smyth GuilinWang Information Security Practice and Experience , 2012, Lecture Notes in Computer Science.

[10]  Silvia Nittel Geosensor Networks , 2008, Encyclopedia of GIS.

[11]  Rose Qingyang Hu,et al.  RECENT PROGRESS IN MACHINE-TO-MACHINE COMMUNICATIONS , 2011 .

[12]  Stefan Poslad,et al.  Ubiquitous Computing: Smart Devices, Environments and Interactions , 2009 .

[13]  Prashant J. Shenoy,et al.  Private memoirs of a smart meter , 2010, BuildSys '10.

[14]  Vlad Trifa,et al.  Sharing using social networks in a composable Web of Things , 2010, 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[15]  Hermann Kopetz,et al.  Real-time systems , 2018, CSC '73.

[16]  Sungyoung Lee,et al.  Key Management Schemes of Wireless Sensor Networks: A Survey , 2010 .

[17]  Jeffrey Carr,et al.  Inside cyber warfare , 2011 .

[18]  Frank Stajano,et al.  Security for Ubiquitous Computing , 2002, ICISC.

[19]  Michael Friedewald,et al.  Safeguards in a world of ambient intelligence , 2008 .

[20]  Stefan Katzenbeisser,et al.  Detecting Computer Worms in the Cloud , 2011, iNetSeC.

[21]  Yang Yu,et al.  Query privacy in wireless sensor networks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[22]  Radha Poovendran,et al.  Node capture attacks in wireless sensor networks: A system theoretic approach , 2010, 49th IEEE Conference on Decision and Control (CDC).

[23]  James H. Aylor,et al.  Computer for the 21st Century , 1999, Computer.

[24]  Hamid R. Nemati,et al.  Information Security and Ethics: Concepts, Methodologies, Tools and Applications , 2008 .

[25]  Damith C. Ranasinghe,et al.  Networked RFID Systems and Lightweight Cryptography: Raising Barriers to Product Counterfeiting , 2010 .

[26]  Erland Jonsson,et al.  Future threats to future trust , 2009 .

[27]  Peter Stuckmann,et al.  European research on future Internet design , 2009, IEEE Wireless Communications.

[28]  Friedemann Mattern,et al.  From the Internet of Computers to the Internet of Things , 2010, From Active Data Management to Event-Based Systems and More.

[29]  M. Eloff,et al.  Internet of things: emerging and future scenarios from an information security perspective , 2009 .