Security and Privacy of Things: Regulatory Challenges and Gaps for the Secure Integration of Cyber-Physical Systems

  • Conference paper
Third International Congress on Information and Communication Technology

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 797)

Abstract

The rise of interconnected “intelligent” objects that move their capabilities from sensing and data processing to decision making will be a disruptive phenomenon that further widens the gaps between legal, regulatory and technological approaches. This research sets out to establish a guided road map through the maze of regulation by incorporating the fragmented governance efforts into a single focus, where security and privacy gaps unique to machine-to-machine (M2M) communication are identified against key performance metrics. We use privacy, ethics, trust, legality, data sharing, operational integration, and device and communication protocols as our key performance metrics to highlight areas of significant overlap and gaps in a comprehensive list of standards, to assist policymakers and researchers in the field. Results also indicate that policy concerns and diffused responses from existing standards raise unacceptable risks for the cyber and physical spheres in the IoT, preventing their integration with existing hierarchical security architectures and reducing the opportunities for mass-market economies of scale.

Author information

Corresponding author

Correspondence to Gregory Epiphaniou.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Lee, G., Epiphaniou, G., Al-Khateeb, H., Maple, C. (2019). Security and Privacy of Things: Regulatory Challenges and Gaps for the Secure Integration of Cyber-Physical Systems. In: Yang, XS., Sherratt, S., Dey, N., Joshi, A. (eds) Third International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing, vol 797. Springer, Singapore. https://doi.org/10.1007/978-981-13-1165-9_1

  • DOI: https://doi.org/10.1007/978-981-13-1165-9_1

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-1164-2

  • Online ISBN: 978-981-13-1165-9

  • eBook Packages: Engineering, Engineering (R0)
