Abstract
The Internet of Things (IoT) represents a revolution of the Internet which can connect nearly all environment devices over the Internet to share their data to create novel services and applications for improving our quality of life. Using cheap sensors, the IoT enables various devices and objects around us to be addressable, recognizable and locatable. Although the IoT brought infinite benefits, it creates several challenges, especially in security and privacy. Handling these issues and ensuring security and privacy for IoT products and services must be a fundamental priority. Users need to trust IoT devices and related services are secure. Moreover, the IoT safety must be considered to prevent the IoT system and its components from causing an unacceptable risk of injury or physical damage and at the same time considering social behaviour and ethical use of IoT technologies to enable effective security and safety. This chapter provides a discussion of IoT security, privacy, safety and ethics. It starts by providing an overview of the IoT system, its architecture and essential characteristics. This is followed by discussing IoT security challenges, requirements and best practices to protect IoT devices. The IoT privacy is also discussed by highlighting various IoT privacy threats and solutions to preserve the privacy of IoT devices. The IoT safety, ethics, the need for the ethical design and challenges encountered are also discussed. In the end, smart cities are introduced as a case study to investigate various security threats and suggested solutions to maintain a good security level in a smart city.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Atlam, H.F., Walters, R.J., Wills, G.B.: Internet of things: state-of-the-art, challenges, applications, and open issues. Int. J. Intell. Comput. Res. 9(3), 928–938 (2018)
Atlam, H.F., Walters, R.J., Wills, G.B.: Intelligence of Things: Opportunities & Challenges. 3rd Cloudification of the Internet of Things (CIoT), pp. 1–6 (2018)
Martin, P., Brohman, K.: CLOUDQUAL: a quality model for cloud services. IEEE Trans. Ind. Inf. 10(2), 1527–1536 (2014)
Cerf, V., Ryan, P., Senges, M., Whitt, R.: IoT safety and security as shared responsibility. Bus. Inform. 1, 7–19 (2016)
Shanbhag, R., Shankarmani, R.: Architecture for internet of things to minimize human intervention. In: 2015 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015, pp. 2348–2353 (2015)
Ashton, K.: That ‘Internet of Things’ Thing. RFID J., 4986 (2009)
ITU: The Internet of Things. ITU Internet Rep., p. 212 (2005)
ITU: Overview of the Internet of things. Ser. Y Glob. Inf. infrastructure, internet Protoc. Asp. next-generation networks - Fram. Funct. Archit. Model., p. 22 (2012)
Guillemin, P., Friess, P.: Internet of things strategic research roadmap. Eur. Comm. Inf. Soc. Media, Luxembourg (2009)
Stallings, W.: The internet of things: network and security architecture. Internet Protocol J. 18(4), 2–24 (2015)
Cisco: The Internet of Things Reference Model. White Paper, pp. 1–12 (2014)
Atlam, H.F., Alenezi, A., Walters, R.J., Wills, G.B., Daniel, J.: Developing an adaptive Risk-based access control model for the Internet of Things. In: 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), no. June, pp. 655–661 (2017)
Iqbal, M.A., Olaleye, O.G., Bayoumi, M.A.: A review on internet of things (IoT): security and privacy requirements and the solution approaches. Global J. Comput. Sci. Technol.: E Network, Web & Secur. 16(7) (2016)
Atlam, H.F., Alenezi, A., Hussein, R.K., Wills, G.B.: Validation of an adaptive risk-based access control model for the internet of things. Int. J. Comput. Network Inf. Secur., 26–35 (2018)
Maple, C.: Security and privacy in the internet of things. J. Cyber Policy 2(2), 155–184 (2017)
Yu, Y., Kaiya, H., Yoshioka, N., Hu, Z., Washizaki, H., Xiong, Y., Hosseinian-Far, A.: Goal modelling for security problem matching and pattern enforcement. Int. J. Secure Softw. Eng. (IJSSE) 8(3), 42–57 (2016)
Suo, H., Wan, J., Zou, C., Liu, J.: Security in the internet of things: a review. In: International Conference on Computer Science and Electronics Engineering (CCSEE 2012) vol. 3, pp. 648–651 (2012)
Abdur, M., Habib, S., Ali, M., Ullah, S.: Security issues in the internet of things (IoT): a comprehensive study. Int. J. Adv. Comput. Sci. Appl. 8(6) (2017)
Theobald, M.: The Importance of Security by Design for IoT Devices (2018). https://www.redalertlabs.com/blog/the-importance-of-security-by-design-for-iot-devices. Accessed 20 Aug 2018
James, M.: Secure by Design: Improving the cybersecurity of consumer Internet of Things Report (2017)
George, C., Fink, G.A., Mandal, S., Hrivnak, C.: Internet of things (IoT) security best practices. IEEE Internet Technol. Policy Community White Paper, no. February (2017)
Atlam, H.F., Alenezi, A., Alharthi, A., Walters, R., Wills, G.B.: Integration of cloud computing with internet of things: challenges and open issues. In: 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), no. June, pp. 670–675 (2017)
Kvarda, L., Hnyk, P., Vojtech, L., Neruda, M.: Software implementation of secure firmware update in IoT concept. Adv. Electrical Electron. Eng. 15(4), 626–632 (2017)
Venkatesh, J., Diego, S.: Scalable- application design for the IoT. IEEE Comput. Soc., 62–70 (2017)
Babar, S., Stango, A., Prasad, N., Sen, J., Prasad, R.: Proposed embedded security framework for Internet of Things (IoT). In: 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), no. May 2014 (2011)
Sopori, D., Pawar, T., Patil, M., Ravindran, R.: Internet of things: security threats. Int. J. Adv. Res. Comput. Eng. Technol. (IJARCET) 6(3), 263–267 (2017)
Deogirikar, J.: Security attacks in IoT : a Survey. In: International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud), pp. 32–37 (2017)
Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S.L., Kumar, S.S., Wehrle, K.: Security challenges in the IP-based Internet of Things. Wireless Personal Commun. 61(3), 527–542 (2011)
Khoo, B.: RFID As an enabler of the internet of things: issues of security and privacy. In: IEEE International Conferences on Internet of Things and Cyber, Physical and Social Computing (iThings/CPSCom 2011), pp. 709–712 (2011)
Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID attacks and defenses. Inf. Syst. Front. 12(5), 491–505 (2010)
Raju, I., Parwekar, P.: Detection of sinkhole attack in wireless sensor network. Adv. Intell. Syst. Comput. 381(July), 629–636 (2016)
Padhy, R., Patra, M., Satapathy, S.: Cloud computing: security issues and research challenges. Int. J. Comput. Sci. Inf. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)
Atlam, H.F., Attiya, G., El-Fishawy, N.: Integration of color and texture features in CBIR system. Int. J. Comput. Appl. 164(3), 23–29 (2017)
Aman, W.: Modeling adaptive security in IoT Driven eHealth. In: Norwegian Information Security Conference (NISK 2013), pp. 61–69 (2013)
Atlam, H.F., Walters, R.J., Wills, G.B.: Fog computing and the internet of things: a review. Big Data Cognitive Comput. 2(2), 1–18 (2018)
Atlam, H.F., Walters, R.J., Wills, G.B.: Internet of nano things : security issues and applications. In: 2018 2nd International Conference on Cloud and Big Data Computing, no. October, pp. 71–77 (2018)
Westin, A.F.: Privacy and Freedom. Atheneum, New York (1967)
Padilla-López, J.R., Chaaraoui, A.A., Flórez-Revuelta, F.: Visual privacy protection methods: A survey. Expert Syst. Appl. 42(9), 4177–4195 (2015)
Atlam, H.F., Alenezi, A., Alassafi, M.O., Walters, R.J., Wills, G.B.: XACML for building access control policies in internet of things. In: Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security (IoTBDS 2018), pp. 253–260. (2018)
Ziegeldorf, J.H., Morchon, O.G., Wehrle, K.: Privacy in the internet of things: Threats and challenges. Secur. Commun. Netwo. 7(12), 2728–2742 (2014)
Toch, E., Wang, Y., Cranor, L.F.: Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Model. User-Adapted Interact. 22(1–2), 203–220 (2012)
Aleisa, N., Renaud, K.: Privacy of the internet of things: a systematic literature review (Extended Discussion). ArXiv e-prints, pp. 1–10 (2016)
Atlam, H.F., Attiya, G., El-Fishawy, N.: Comparative study on CBIR based on color feature. Int. J. Comput. Appl. 78(16), 975–8887 (2013)
Singh, J., Pasquier, T., Bacon, J., Ko, H., Eyers, D.: Twenty security considerations for cloud-supported internet of things. IEEE Internet Things J. 3(3), 269–284 (2016)
Atlam, H.F., Alenezi, A., Walters, R., Wills, G.B.: An overview of risk estimation techniques in risk-based access control for the internet of things. In: Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security (IoTBDS 2017), pp. 254–260 (2017)
Wolf, M., Serpanos, D.: Safety and security of cyber-physical and internet-of-things systems. Proc. IEEE 105(6), 983–984 (2017)
Hussein, R.K., Alenezi, A., Atlam, H.F., Mohammed, M.Q., Walters, R.J., Wills, G.B.: Toward confirming a framework for securing the virtual machine image in cloud computing. Adv. Sci. Technol. Eng. Syst. 2(4), 44–50 (2017)
Popescul, D., Georgescu, M.: Internet of things—some ethical issues. USV Ann. Econ. Public Adm. 13(2), 208–214 (2013)
Alenezi, A., Zulkipli, N. H.N., Atlam, H.F., Walters, R.J., Wills, G.B.: The impact of cloud forensic readiness on security. In: 7th International Conference on Cloud Computing and Services Science, pp. 511–517 (2017)
Baldini, G., Botterman, M., Neisse, R., Tallacchini, M.: Ethical design in the internet of things. Sci. Eng. Ethics 24(3), 905–925 (2018)
Atlam, H.F., Alenezi, A., Alassafi, M.O., Wills, G.B.: Blockchain with internet of things: benefits, challenges, and future directions. Int. J. Intell. Syst. Appl. June, pp. 40–48 (2018)
Pollard, W.: IoT governance, privacy and security issues. Eur. Res. Clust. Internet Things, 23–31 (2015)
Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014)
Ijaz, S., Ali, M., Khan, A., Ahmed, M.: Smart cities: a survey on security concerns. Int. J. Adv. Comput. Sci. Appl. 7(2) (2016)
Kitchin, R., Dodge, M.: The (In)Security of smart cities: vulnerabilities, risks, mitigation, and prevention. J. Urban Technol., 1–19 (2017)
Khatoun, R., Zeadally, S.: Cybersecurity and privacy solutions in smart cities. IEEE Commun. Mag. 55(3), 51–59 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Atlam, H.F., Wills, G.B. (2020). IoT Security, Privacy, Safety and Ethics. In: Farsi, M., Daneshkhah, A., Hosseinian-Far, A., Jahankhani, H. (eds) Digital Twin Technologies and Smart Cities. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-030-18732-3_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-18732-3_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-18731-6
Online ISBN: 978-3-030-18732-3
eBook Packages: EngineeringEngineering (R0)