User-Centric Privacy

Part of the Internet of Things book series (ITTCC)


Security and privacy aspects are crucial for the acceptance of IoT environments. Accordingly, this chapter focuses on new approaches that enable end users to better control and protect their privacy and personal data. In particular, it describes the work carried out in the context of the EU project SMARTIE, which proposed a user-centric platform for secure exchange and sharing based on the use of advanced cryptographic schemes. This platform is, in turn, an instantiation of a reference functional architecture derived from the IoT-A project, which is also explained. Furthermore, the chapter describes the specific technologies and approaches employed in the context of Smart Buildings, where data protection aspects are addressed through this platform.


Keywords: Privacy; End-user consent management; IoT; XACML; DCapBAC; SMARTIE



This chapter includes results shared by the European research project (Grant Agreement N° 723076); IoTCrawler (Grant Agreement N° 779852); and Fed4IoT (Grant Agreement N° 814918), which has received partial funding from the European Commission as well as by the Spanish Ministry of Economy and Competitiveness through the Torres Quevedo program (Grant Agreement N° TQ-15-08073).



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Universidad de Murcia, Murcia, Spain
  2. Odin Solutions, Murcia, Spain
