Designing Secure IoT Architectures for Smart City Applications

  • Elias TragosEmail author
  • Alexandros Fragkiadakis
  • Vangelis Angelakis
  • Henrich C. Pöhls


The Internet of Things (IoT) presents itself as a promising set of technologies to support a wide range of applications that aim to improve the quality of life of humans. IoT aims to simplify the way that users receive information providing a unique way of bringing them close to the source of information, hiding the complexity of knowing who or what one should ask to get that information. For this reason, IoT has become a key enabler for smart city applications, and municipalities are very interested to invest in IoT for providing advanced applications to their citizens, who might not be at all familiar with Information and Communication Technologies (ICT). It is quite common in the last few years that large cities are forming strategic agendas for becoming “smarter” through IoT technologies. Their main goal is to build IoT-based infrastructures that can be reused for supporting a plethora of smart city applications, for, i.e., monitoring the weather conditions, the traffic, the citizens’ needs, or for managing the wastes, the city waters, etc. All these applications are indeed very promising for making the cities smarter, but as they are becoming more and more mainstream, they are turning into attractive targets for attackers that aim to exploit the constrained nature of IoT devices toward stealing personal data or performing physical attacks on critical infrastructures. IoT deployments pose severe challenges with regard to ensuring the security of the overall system and the privacy of the users’ data, and only lately there have been advances toward designing secure IoT architectures for smart city applications. This chapter aims to provide an overview of the challenges, the methodology, and the latest attempts for securing the IoT architectures in smart city environments.


Internet of things Security by design Privacy by design IoT architectures Smart cities Trust management Architecture design 



This work has received funding from the European Union’s Seventh Framework Programme (FP7/2007-2013) under grant agreements no 609094, 612361 and 644962.


  1. 1.
    Evans D (2011) The internet of things. How the Next Evolution of the Internet is Changing Everything, Whitepaper, Cisco Internet Business Solutions Group (IBSG)Google Scholar
  2. 2.
    Ranken, Margaret, M2M Global Forecast & Analysis 2014–24, Machina Research Strategy Report, 24, June 2015Google Scholar
  3. 3.
    Ruiz D et al (eds) (2015) Enhancing the autonomous smart objects and the overall system security of IoT based Smart Cities, RERUM Project Deliverable D3.1, 28 February 2015Google Scholar
  4. 4.
    Pöhls HC et al (eds) (2015) Privacy enhancing techniques in the Smart City applications, RERUM Project Deliverable D3.2, 2 Sept 2015Google Scholar
  5. 5.
    Blefari-Melazzi N, Bianchi G, Salgarelli L (eds) (2011) Trustworthy internet. Springer Science & Business MediaGoogle Scholar
  6. 6.
    Vermesan O, Friess P (2014) Internet of things—from research and innovation to market deployment. River PublishersGoogle Scholar
  7. 7.
    Vermesan O, Friess P (eds) (2015) Building the hyperconnected society: IoT research and innovation value chains, ecosystems and markets, vol. 43. River PublishersGoogle Scholar
  8. 8.
    Internet of Things research study. Hewlett Packard Enterprise 2015 report.–4759ENW.pdf
  9. 9.
    Mouroutis T et al. (eds) (2014) Use-cases definition and threat analysis, RERUM Project Deliverable D2.1, 31 May 2014Google Scholar
  10. 10.
    Bassi A et al (2013) Enabling things to talk. Designing IoT solutions with the IoT architectural reference model, pp 163–211Google Scholar
  11. 11.
    Howard M, Lipner S (2006) The security development lifecycle: SDL: a process for developing demonstrably more secure software. Microsoft Press (2006)Google Scholar
  12. 12.
    Gruschka N et al (eds) (2012) Concepts and Solutions for Privacy and Security in the Resolution Infrastructure, IoT-A Project Deliverable D4.2, 16 February 2012Google Scholar
  13. 13.
    Carrez F et al (eds) (2013) Final architectural reference model for the IoT v3.0, IoT-A Project Deliverable D1.5, 15 July 2013Google Scholar
  14. 14.
    Menoret S et al (eds) (2014) Final architectural reference model, iCore Project Deliverable D2.5, 2 Nov 2014Google Scholar
  15. 15.
    Baldini G et al (eds) Security requirements for the iCore cognitive management and control framework, iCore Project Deliverable D2.2, 31 May 2012Google Scholar
  16. 16.
    Neisse R, Steri G, Fovino IN, Baldini G (2015) SecKit: a model-based security toolkit for the internet of things. Comput Secur 54:60–76. ISSN 0167-4048Google Scholar
  17. 17.
    Integrated System Architecture and Initial Pervasive BUTLER proof of concept, BUTLER Project Deliverable D3.2, October 2013Google Scholar
  18. 18.
    Requirements, Specifications and Security Technologies for IoT Context-Aware Networks, BUTLER Project Deliverable D2.1, October 2012Google Scholar
  19. 19.
    Ethics, Privacy and Data Protection in BUTLER, BUTLER Project Deliverable D1.4, July 2013Google Scholar
  20. 20.
    Dimitropoulos P, Soldatos J, Kefalakis N, Bengtsson JE, Giuliano A et al (eds) OpenIoT detailed architecture and proof-of-concept specifications, OpenIoT Project Deliverable D2.3, 28 March 2013Google Scholar
  21. 21.
    Gwadera R et al (eds) (2013) Privacy and Security Framework, OpenIoT Project Deliverable D5.2.1, 27 Sept 2013Google Scholar
  22. 22.
    Azevedo R et al (eds) (2014) Requirements, SMARTIE Project Deliverable D2.2Google Scholar
  23. 23.
    Skarmeta A et al (eds) (2015) Initial Architecture Specification, SMARTIE Project Deliverable D2.3Google Scholar
  24. 24.
    Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy. SP’07, pp 321–334Google Scholar
  25. 25.
    Pitu L et al (eds) (2015) End-to-End Security and Privacy: Design and Open Specification (Updated), COSMOS Project Deliverable D3.1.2, 30 April 2015Google Scholar
  26. 26.
    Carrez F et al (eds) (2015) Conceptual Model and Reference Architecture (Updated), COSMOS Project Deliverable D2.3.2, 30 April 2015Google Scholar
  27. 27.
    Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inform Theory 22(6):644–654MathSciNetCrossRefzbMATHGoogle Scholar
  28. 28.
    Deliverable D1.2.2 Final COMPOSE architecture documentGoogle Scholar
  29. 29.
    Schreckling D, Parra JD, Doukas C, Posegga J (2015) Data-Centric Security for the IoT. In: Proceedings of the 2nd EAI international conference on IoT as a Service, Rome, ItalyGoogle Scholar
  30. 30.
    Broberg N, Sands D (2010) Paralocks: Role-based information flow control and be- yond. In: Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on principles of programming languages. pp 431–444. POPL’10, ACM, New York, NY, USAGoogle Scholar
  31. 31.
    Parra J, Schreckling D, Posegga J (2014) Identity Management in Platforms Of
fering IoT as a Service. In: 1st international conference on IoT as a service. 
Lecture Notes in Computer Science (LNCS), Springer, Rome, ItalyGoogle Scholar
  32. 32.
    Demirel D, Derler D, Hanser C, Pöhls HC, Slamanig D, Traverso G (2015) PRISMACLOUD D4.4: Overview of Functional and Malleable Signature SchemesGoogle Scholar
  33. 33.
    Lorünser T, Länger T, Slamanig D, Pöhls HC (2016) PRISMACLOUD Tools: A Cryptographic Toolbox for Increasing Security in Cloud Services. In: Proceedings of a workshop on security, privacy, and identity management in the cloud collocated at the 11th international conference on availability, reliability and security. ARES’16, Salzburg, Austria, 2016Google Scholar
  34. 34.
    Pohls HC et al (2014) RERUM: Building a reliable IoT upon privacy-and security-enabled smart objects. In: Wireless communications and networking conference workshops (WCNCW), 2014 IEEE. IEEE, 2014Google Scholar
  35. 35.
    Tragos EZ et al (2014) Enabling reliable and secure IoT-based smart city applications. In: 2014 IEEE international conference on pervasive computing and communications workshops (PERCOM Workshops). IEEE, 2014Google Scholar
  36. 36.
    Cuellar J et al (eds) (2014) System Requirements and Smart Objects Model, RERUM Project Deliverable D2.2, 31 May 2014Google Scholar
  37. 37.
    Tragos E et al (eds) (2015) Final System Architecture, RERUM Project Deliverable D2.5, 4 Sept 2015Google Scholar
  38. 38.
    Capossele A et al (2015) Security as a CoAP resource: an optimized DTLS implementation for the IoT. In: IEEE international conference on communications (ICC), IEEE, 2015Google Scholar
  39. 39.
    Charalampidis P, Fragkiadakis A, Tragos E (2015) Rate-adaptive compressive sensing for IoT applications, VTC2015-Spring, GlasgowGoogle Scholar
  40. 40.
    Fragkiadakis A, Tragos E, Papadakis S, Charalampidis P (2014) Experiences with deploying Compressive Sensing and Matrix Completion techniques in IoT devices, IEEE CAMAD 2014, Athens, 2014Google Scholar
  41. 41.
    Fragkiadakis A, Tragos E, Traganitis A (2014) Lightweight and secure encryption using channel measurements, Wireless Vitae 2014, AalborgGoogle Scholar
  42. 42.
    Pöhls HC (2015) JSON Sensor Signatures (JSS): End-to-End Integrity Protection from Constrained Device to IoT Application. In: 9th international conference on innovative mobile and internet services in ubiquitous computing (IMIS). IEEE, Santa Cantarina, Brazil, 2015Google Scholar
  43. 43.
    Pöhls HC, Samelin K (2015) Accountable redactable signatures. In: 10th international conference on availability, reliability and security (ARES). IEEE, 2015Google Scholar
  44. 44.
    Baldini G et al (2015) Internet of Things. IoT Governance, Privacy and Security Issues, European Research Cluster on The Internet of things, Activity Chain 05 Whitepaper, January 2015Google Scholar
  45. 45.
    Trifa V, Larizgoitia I (2013) Design of the object virtualization specification, Compose Deliverable D2.1.1, 30 Oct 2013Google Scholar
  46. 46.
    Fragkiadakis A, Angelakis V, Tragos EZ (2014) Securing cognitive wireless sensor networks: a survey. Int J Distrib Sens Netw (2014)Google Scholar
  47. 47.
    Schreckling D et al (2015) The Compose Security Framework, COMPOSE Deliverable D5.4.2, 15 Nov 2015Google Scholar

Copyright information

© Springer International Publishing Switzerland 2017

Authors and Affiliations

  • Elias Tragos
    • 1
    Email author
  • Alexandros Fragkiadakis
    • 1
  • Vangelis Angelakis
    • 2
  • Henrich C. Pöhls
    • 3
  1. 1.Institute of Computer ScienceFoundation for Research and Technology—Hellas, (FORTH-ICS)HeraklionGreece
  2. 2.Communications and Transport Systems, Department of Science and TechnologyLinköping University, Campus NorrköpingNorrköpingSweden
  3. 3.Department of Informatics and MathematicsUniversity of PassauPassauGermany

Personalised recommendations