Skip to main content
SpringerLink
Log in

A Privacy-Enhancing Framework for Internet of Things Services

  • Conference paper
  • First Online:
Network and System Security (NSS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11928))

Included in the following conference series:

Abstract

The world has seen an influx of connected devices through both smart devices and smart cities, paving the path forward for the Internet of Things (IoT). These emerging intelligent infrastructures and applications based on IoT can be beneficial to users only if essential private and secure features are assured. However, with constrained devices being the norm in IoT, security and privacy are often minimized. In this paper, we first categorize various existing privacy-enhancing technologies (PETs) and assessment of their suitability for privacy-requiring services within IoT. We also categorize potential privacy risks, threats, and leakages related to various IoT use cases. Furthermore, we propose a simple novel privacy-preserving framework based on a set of suitable privacy-enhancing technologies in order to maintain security and privacy within IoT services. Our study can serve as a baseline of privacy-by-design strategies applicable to IoT based services, with a particular focus on smart things, such as safety equipment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Alpár, G., et al.: New directions in IoT privacy using attribute-based authentication: position paper (2016)

    Google Scholar 

  2. Atamli, A.W., Martin, A.: Threat-based security analysis for the internet of things. In: International Workshop on Secure Internet of Things, pp. 35–43. IEEE (2014)

    Google Scholar 

  3. Baumann, F.W., Odefey, U., Hudert, S., Falkenthal, M., Breitenbücher, U.: Utilising the tor network for IoT addressing and connectivity. In: Proceedings of the 8th International Conference on Cloud Computing and Services Science (CLOSER 2018), pp. 27–34. SciTePress, March 2018

    Google Scholar 

  4. Bernal Bernabe, J., Hernandez-Ramos, J.L., Skarmeta Gomez, A.F.: Holistic privacy-preserving identity management system for the internet of things. Mob. Inf. Syst. 2017, 6384186:1 (2017)

    Google Scholar 

  5. Camenisch, J., Drijvers, M., Dzurenda, P., Hajny, J.: Fast keyed-verification anonymous credentials on standard smart cards. In: Dhillon, G., Karlsson, F., Hedström, K., Zúquete, A. (eds.) SEC 2019. IAICT, vol. 562, pp. 286–298. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-22312-0_20

    Chapter  Google Scholar 

  6. Cha, S.C., Hsu, T.Y., Xiang, Y., Yeh, K.H.: Privacy enhancing technologies in the internet of things: perspectives and challenges. IEEE Internet Things J. 6, 2159–2187 (2018)

    Article  Google Scholar 

  7. Chatzigiannakis, I., Vitaletti, A., Pyrgelis, A.: A privacy-preserving smart parking system using an IoT elliptic curve based security platform. Comput. Commun. 89, 165–177 (2016)

    Article  Google Scholar 

  8. Danezis, G., et al.: Privacy and data protection by design-from policy to engineering. arXiv preprint arXiv:1501.03726 (2015)

  9. Debnath, A., Singaravelu, P., Verma, S.: Privacy in wireless sensor networks using ring signature. J. King Saud Univ.-Comput. Inf. Sci. 26(2), 228–236 (2014)

    Google Scholar 

  10. Derler, D., Slamanig, D.: Highly-efficient fully-anonymous dynamic group signatures. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 551–565. ACM (2018)

    Google Scholar 

  11. Dwivedi, A.D., Srivastava, G., Dhar, S., Singh, R.: A decentralized privacy-preserving healthcare blockchain for IoT. Sensors 19(2), 326 (2019)

    Article  Google Scholar 

  12. Emura, K., Hayashi, T.: A light-weight group signature scheme with time-token dependent linking. In: Güneysu, T., Leander, G., Moradi, A. (eds.) LightSec 2015. LNCS, vol. 9542, pp. 37–57. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29078-2_3

    Chapter  Google Scholar 

  13. Finn, R.L., Wright, D., Friedewald, M.: Seven types of privacy. In: Gutwirth, S., Leenes, R., de Hert, P., Poullet, Y. (eds.) European Data Protection: Coming of Age, pp. 3–32. Springer, Heidelberg (2013). https://doi.org/10.1007/978-94-007-5170-5_1

    Chapter  Google Scholar 

  14. Hajny, J., Dzurenda, P., Malina, L.: Attribute-based credentials with cryptographic collusion prevention. Secur. Commun. Netw. 8(18), 3836–3846 (2015)

    Article  Google Scholar 

  15. He, D., Chen, C., Bu, J., Chan, S., Zhang, Y., Guizani, M.: Secure service provision in smart grid communications. IEEE Commun. Mag. 50(8), 53–61 (2012)

    Article  Google Scholar 

  16. Henze, M., Hermerschmidt, L., Kerpen, D., Häußling, R., Rumpe, B., Wehrle, K.: User-driven privacy enforcement for cloud-based services in the internet of things. In: 2014 International Conference on Future Internet of Things and Cloud, pp. 191–196. IEEE (2014)

    Google Scholar 

  17. Hoang, N.P., Pishva, D.: A TOR-based anonymous communication approach to secure smart home appliances. In: 2015 17th International Conference on Advanced Communication Technology (ICACT), pp. 517–525. IEEE (2015)

    Google Scholar 

  18. Hoepman, J.-H.: Privacy design strategies. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds.) SEC 2014. IAICT, vol. 428, pp. 446–459. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55415-5_38

    Chapter  Google Scholar 

  19. Jahan, M., Seneviratne, S., Chu, B., Seneviratne, A., Jha, S.: Privacy preserving data access scheme for IoT devices. In: 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA), pp. 1–10. IEEE (2017)

    Google Scholar 

  20. Kelarev, A.V., Yi, X., Cui, H., Rylands, L.J., Jelinek, H.F.: A survey of state-of-the-art methods for securing medical databases. AIMS Med. Sci. 5(1), 1–22 (2018)

    Article  Google Scholar 

  21. Kong, Q., Lu, R., Ma, M., Bao, H.: A privacy-preserving sensory data sharing scheme in internet of vehicles. Futur. Gener. Comput. Syst. 92, 644–655 (2019)

    Article  Google Scholar 

  22. Li, C., Palanisamy, B.: Privacy in internet of things: from principles to technologies. IEEE Internet Things J. 6(1), 488–505 (2019)

    Article  Google Scholar 

  23. Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., Zhao, W.: A survey on internet of things: architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 4(5), 1125–1142 (2017)

    Article  Google Scholar 

  24. Liu, F., Li, T.: A clustering-anonymity privacy-preserving method for wearable IoT devices. Secur. Commun. Netw. 2018, 1–8 (2018)

    Google Scholar 

  25. Lopez, J., Rios, R., Bao, F., Wang, G.: Evolving privacy: from sensors to the internet of things. Future Gener. Comput. Syst. 75, 46–57 (2017)

    Article  Google Scholar 

  26. Ma, M., He, D., Kumar, N., Choo, K.K.R., Chen, J.: Certificateless searchable public key encryption scheme for industrial internet of things. IEEE Trans. Ind. Inform. 14(2), 759–767 (2017)

    Article  Google Scholar 

  27. Ma, Y., Wu, Y., Li, J., Ge, J.: APCN: a scalable architecture for balancing accountability and privacy in large-scale content-based networks. Inf. Sci. (2019)

    Google Scholar 

  28. Mai, V., Khalil, I.: Design and implementation of a secure cloud-based billing model for smart meters as an internet of things using homomorphic cryptography. Future Gener. Comput. Syst. 72, 327–338 (2017)

    Article  Google Scholar 

  29. Malina, L., Hajny, J., Fujdiak, R., Hosek, J.: On perspective of security and privacy-preserving solutions in the internet of things. Comput. Netw. 102, 83–95 (2016)

    Article  Google Scholar 

  30. Malina, L., Srivastava, G., Dzurenda, P., Hajny, J., Fujdiak, R.: A secure publish/subscribe protocol for internet of things. In: Proceedings of the ARES 2019. ACM (2019)

    Google Scholar 

  31. Malina, L., Vives-Guasch, A., Castellà-Roca, J., Viejo, A., Hajny, J.: Efficient group signatures for privacy-preserving vehicular networks. Telecommun. Syst. 58(4), 293–311 (2015)

    Article  Google Scholar 

  32. von Maltitz, M., Carle, G.: Leveraging secure multiparty computation in the internet of things. arXiv preprint arXiv:1806.02144 (2018)

  33. Medaglia, C.M., Serbanati, A.: An overview of privacy and security issues in the internet of things. The Internet of Things, pp. 389–395. Springer, New York (2010). https://doi.org/10.1007/978-1-4419-1674-7_38

    Chapter  Google Scholar 

  34. Nieto, A., Rios, R., Lopez, J.: Digital witness and privacy in IoT: anonymous witnessing approach. In: 2017 IEEE Trustcom/BigDataSE/ICESS, pp. 642–649. IEEE (2017)

    Google Scholar 

  35. Patton, M., Gross, E., Chinn, R., Forbis, S., Walker, L., Chen, H.: Uninvited connections: a study of vulnerable devices on the internet of things (IoT). In: IEEE Joint Intelligence and Security Informatics Conference, pp. 232–235. IEEE (2014)

    Google Scholar 

  36. Porambage, P., Ylianttila, M., Schmitt, C., Kumar, P., Gurtov, A., Vasilakos, A.V.: The quest for privacy in the internet of things. IEEE Cloud Comput. 3(2), 36–45 (2016)

    Article  Google Scholar 

  37. Put, A., De Decker, B.: Attribute-based privacy-friendly access control with context. In: Obaidat, M.S. (ed.) ICETE 2016. CCIS, vol. 764, pp. 291–315. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-67876-4_14

    Chapter  Google Scholar 

  38. Ramos, J.L.H., Bernabé, J.B., Skarmeta, A.F.: Towards privacy-preserving data sharing in smart environments. In: Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 334–339. IEEE (2014)

    Google Scholar 

  39. Raza, S., Trabalza, D., Voigt, T.: 6LoWPAN compressed DTLS for CoAP. In: 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems, pp. 287–289. IEEE (2012)

    Google Scholar 

  40. Gómez Rodríguez, C.R., Barrantes S., E.G.: Using differential privacy for the internet of things. In: Lehmann, A., Whitehouse, D., Fischer-Hübner, S., Fritsch, L., Raab, C. (eds.) Privacy and Identity 2016. IAICT, vol. 498, pp. 201–211. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-55783-0_14

    Chapter  Google Scholar 

  41. Rodriguez, J.D.P., Schreckling, D., Posegga, J.: Addressing data-centric security requirements for IoT-based systems. In: 2016 International Workshop on Secure Internet of Things (SIoT), pp. 1–10. IEEE (2016)

    Google Scholar 

  42. Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57(10), 2266–2279 (2013)

    Article  Google Scholar 

  43. Rothenpieler, P., Altakrouri, B., Kleine, O., Ruge, L.: Distributed crowd-sensing infrastructure for personalized dynamic IoT spaces. In: Proceedings of the First International Conference on IoT in Urban Space, pp. 90–92. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering) (2014)

    Google Scholar 

  44. Seliem, M., Elgazzar, K., Khalil, K.: Towards privacy preserving IoT environments: a survey. Wireless Communications and Mobile Computing 2018 (2018)

    Google Scholar 

  45. Sen, A.A.A., Eassa, F.A., Jambi, K., Yamin, M.: Preserving privacy in internet of things: a survey. Int. J. Inf. Technol. 10(2), 189–200 (2018)

    Google Scholar 

  46. Sene, I., Ciss, A.A., Niang, O.: I2PA: an efficient abc for IoT. Cryptography 3(2), 16 (2019)

    Article  Google Scholar 

  47. Shafagh, H., Hithnawi, A., Droescher, A., Duquennoy, S., Hu, W.: Talos: encrypted query processing for the internet of things. In: Proceedings of the 13th ACM Conference on Embedded Networked Sensor Systems, pp. 197–210. ACM (2015)

    Google Scholar 

  48. Sicari, S., Rizzardi, A., Grieco, L.A., Coen-Porisini, A.: Security, privacy and trust in internet of things: the road ahead. Comput. Netw. 76, 146–164 (2015)

    Article  Google Scholar 

  49. Solanas, A., et al.: Smart health: a context-aware health paradigm within smart cities. IEEE Commun. Mag. 52(8), 74–81 (2014)

    Article  Google Scholar 

  50. Srinivasan, V., Stankovic, J., Whitehouse, K.: Protecting your daily in-home activity information from a wireless snooping attack. In: Proceedings of the 10th International Conference on Ubiquitous Computing, pp. 202–211. ACM (2008)

    Google Scholar 

  51. Staudemeyer, R.C., Pöhls, H.C., Wójcik, M.: The road to privacy in IoT: beyond encryption and signatures, towards unobservable communication. In: 2018 IEEE 19th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM), pp. 14–20. IEEE (2018)

    Google Scholar 

  52. Tso, R., Alelaiwi, A., Rahman, S.M.M., Wu, M.E., Hossain, M.S.: Privacy-preserving data communication through secure multi-party computation in healthcare sensor cloud. J. Signal Process. Syst. 89(1), 51–59 (2017)

    Article  Google Scholar 

  53. Ullah, I., Shah, M.A., Wahid, A., Mehmood, A., Song, H.: ESOT: a new privacy model for preserving location privacy in internet of things. Telecommun. Syst. 67(4), 553–575 (2018)

    Article  Google Scholar 

  54. Vance, N., Zhang, D.Y., Zhang, Y., Wang, D.: Privacy-aware edge computing in social sensing applications using ring signatures. In: IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS), pp. 755–762. IEEE (2018)

    Google Scholar 

  55. Vasilomanolakis, E., Daubert, J., Luthra, M., Gazis, V., Wiesmaier, A., Kikiras, P.: On the security and privacy of internet of things architectures and systems. In: Proceedings of SIoT, pp. 49–57. IEEE (2015)

    Google Scholar 

  56. Verheul, E.R., Jacobs, B., Meijer, C., Hildebrandt, M., de Ruiter, J.: Polymorphic encryption and pseudonymisation for personalised healthcare. IACR Cryptology ePrint Archive 2016/411 (2016)

    Google Scholar 

  57. Voigt, P., Von dem Bussche, A.: The EU General Data Protection Regulation (GDPR) A Practical Guide, 1st edn. Springer International Publishing, Cham (2017). https://doi.org/10.1007/978-3-319-57959-7

    Book  Google Scholar 

  58. Wang, X., Jiang, J., Zhao, S., Bai, L.: A fair blind signature scheme to revoke malicious vehicles in vanets. Comput. Mater. Contin. 58(1), 249–262 (2019)

    Article  Google Scholar 

  59. Xu, W., et al.: Internet of vehicles in big data era. IEEE/CAA J. Autom. Sin. 5(1), 19–35 (2017)

    Article  Google Scholar 

  60. Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in internet-of-things. IEEE Internet Things J. 4(5), 1250–1258 (2017)

    Article  Google Scholar 

  61. Yao, Z., Ge, J., Wu, Y., Jian, L.: A privacy preserved and credible network protocol. J. Parallel Distrib. Comput. (2019)

    Google Scholar 

  62. Yavari, A., Panah, A.S., Georgakopoulos, D., Jayaraman, P.P., van Schyndel, R.: Scalable role-based data disclosure control for the internet of things. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2226–2233. IEEE (2017)

    Google Scholar 

  63. Zhou, R., Zhang, X., Wang, X., Yang, G., Wang, H., Wu, Y.: Privacy-preserving data search with fine-grained dynamic search right management in fog-assisted internet of things. Inf. Sci. 491, 251–264 (2019)

    Article  Google Scholar 

  64. Ziegeldorf, J.H., Morchon, O.G., Wehrle, K.: Privacy in the internet of things: threats and challenges. Secur. Commun. Netw. 7(12), 2728–2742 (2014)

    Article  Google Scholar 

Download references

Acknowledgment

This paper is supported by the Ministry of Industry and Trade grant # FV20354, the TACR project TL02000398 and European Union’s Horizon 2020 research and innovation programme under grant agreement No 830892, project SPARTA. For the research, infrastructure of the SIX Center supported by National Sustainability Program under grant LO1401 was used.

Author information

Authors and Affiliations

  1. Department of Telecommunications, Brno University of Technology, Brno, Czech Republic

    Lukas Malina, Petr Dzurenda, Jan Hajny & Sara Ricci

  2. Department of Mathematics and Computer Science, Brandon University, 270 18th Street, Brandon, R7A 6A9, Canada

    Gautam Srivastava

  3. Research Center for Interneural Computing, China Medical University, Taichung, 40402, Taiwan, Republic of China

    Gautam Srivastava

Authors
  1. Lukas Malina
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gautam Srivastava
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Petr Dzurenda
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jan Hajny
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Sara Ricci
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lukas Malina .

Editor information

Editors and Affiliations

  1. Monash University, Clayton, VIC, Australia

    Joseph K. Liu

  2. Fujian Normal University, Fuzhou, China

    Xinyi Huang

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Malina, L., Srivastava, G., Dzurenda, P., Hajny, J., Ricci, S. (2019). A Privacy-Enhancing Framework for Internet of Things Services. In: Liu, J., Huang, X. (eds) Network and System Security. NSS 2019. Lecture Notes in Computer Science(), vol 11928. Springer, Cham. https://doi.org/10.1007/978-3-030-36938-5_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-36938-5_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-36937-8

  • Online ISBN: 978-3-030-36938-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation