Skip to main content
SpringerLink
Log in

On the Road to Secure and Privacy-Preserving IoT Ecosystems

  • Conference paper
  • First Online:
Interoperability and Open-Source Solutions for the Internet of Things (InterOSS-IoT 2016)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 10218))

Included in the following conference series:

Abstract

The Internet of Things (IoT) is on the rise. Today, various IoT platforms are already available, giving access to myriads of things. Initiatives such as BIG IoT are bringing those IoT platforms together in order to form ecosystems. BIG IoT aims to facilitate cross-platform and cross-domain application developments and establish centralized marketplaces to allow resource monetization. This combination of multi-platform applications, heterogeneity of the IoT, as well as enabling marketing and accounting of resources results in crucial challenges for security and privacy. Hence, this article analyses the requirements for security in IoT ecosystems and outlines solutions followed in the BIG IoT project to tackle those challenges. Concrete analysis of an IoT use case covering aspects such as public, private transportation, and smart parking is also presented.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://big-iot.eu.

  2. 2.

    https://blog.docker.com/2016/03/docker-networking-design-philosophy/.

  3. 3.

    An entity processing and/or storing personal information.

  4. 4.

    http://www.w3.org/WoT/.

References

  1. Open Web Applications Security Project (OWASP). https://www.owasp.org/

  2. OWASP Code Review Project second edition guideline. https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project

  3. The OWASP Software Assurance Maturity Model (SAMM). https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model

  4. Worldsensing’s Bitcarrier. http://www.bitcarrier.com/

  5. Worldsensing’s Fastprk. http://www.fastprk.com/

  6. Allseen Alliance: Alljoyn framework. https://allseenalliance.org/framework

  7. Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: XML Signature syntax and processing, 2nd edn. https://www.w3.org/TR/xmldsig-core/

  8. Berners-Lee, T., Hendler, J., Lassila, O., et al.: The semantic web. Sci. Am. 284(5), 28–37 (2001)

    Article  Google Scholar 

  9. Bröring, A., Schmid, S., Schindhelm, C.K., Khelil, A., Kaebisch, S., Kramer, D., Le Phuoc, D., Mitic, J., Anicic, D., Teniente, E.: Enabling IoT ecosystems through platform interoperability. IEEE Software (Software Engineering for the Internet of Things) (2017, forthcoming)

    Google Scholar 

  10. EU Legislation: Directive 95/46/ec (1995). https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/pid/74#data_directive

  11. EU Legislation: Directive 45/2001/ec (2001). https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/pid/86#regulation

  12. FTC Staff: Internet of Things: privacy and security in a connected world, January 2015. https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf

  13. IETF OAuth WG: OAuth 1. https://oauth.net/1/

  14. IETF OAuth WG: OAuth 2.0. https://oauth.net/2/

  15. Imamura, T., Dillaway, B., Simon, E.: XML encryption syntax and processing. https://www.w3.org/TR/xmlenc-core/

  16. Jones, M., Bradley, J., Sakimura, N.: JSON Web Signature (JWS). https://datatracker.ietf.org/doc/rfc7515/

  17. Jones, M., Hildebrand, J.: JSON Web Encryption (JWE), https://datatracker.ietf.org/doc/rfc7516/

  18. Meucci, M., Muller, A.: OWASP testing guideline version 4. https://www.owasp.org/index.php/OWASP_Testing_Project

  19. OpenID Foundation: OpenID connect. http://openid.net/connect/

  20. Organization for the Advancement of Structured Information Standards (OASIS): Official Wiki of the OASIS security services (SAML) technical committee. https://wiki.oasis-open.org/security/FrontPage

  21. OWASP: Application security verification standard 3.0.1. https://www.owasp.org/images/3/33/OWASP_Application_Security_Verification_Standard_3.0.1.pdf

  22. OWASP Internet of Things Project: Principles of IoT security. https://www.owasp.org/index.php/Principles_of_IoT_Security

  23. Raskin, A.: Privacy icons. https://www.flickr.com/photos/azaraskin/5304502420/sizes/o/

  24. Transport Metropolitans de Barcelona: TMB open data. https://www.tmb.cat/en/web/tmb/about-tmb/open-data

Download references

Acknowledgement

This work is mainly financially supported by the project Bridging the Interoperability Gap (BIG IoT) funded by the European Commission’s Horizon 2020 research and innovation program under grant agreement No. 688038. In addition, this work has been partially supported by the MINECO/FEDER funded projects ANFORA TEC2015-68734-R and ARPASAT TEC2015-70197-R and by the Generalitat de Catalunya grant 2014-SGR-1504.

Author information

Authors and Affiliations

  1. Universitat Politècnica de Catalunya, Barcelona, Spain

    Juan Hernández-Serrano, Jose L. Muñoz, Oscar Esparza & Olga León

  2. Siemens AG, Munich, Germany

    Arne Bröring

  3. Aalborg Universitet, Aalborg, Denmark

    Lars Mikkelsen

  4. Atos IT Solutions and Services GmbH, Vienna, Austria

    Wolfgang Schwarzott

  5. Robert Bosch GmbH, Stuttgart, Germany

    Jan Zibuschka

Authors
  1. Juan Hernández-Serrano
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jose L. Muñoz
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Arne Bröring
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Oscar Esparza
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lars Mikkelsen
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Wolfgang Schwarzott
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Olga León
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Jan Zibuschka
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Juan Hernández-Serrano .

Editor information

Editors and Affiliations

  1. Faculty of Electrical Engineering and Computing, University of Zagreb, Zagreb, Croatia

    Ivana Podnar Žarko

  2. CT RDA NEC, Siemens AG Corporate Technology, Munich, Germany

    Arne Broering

  3. Intracom SA Telecom Solutions, Peania, Greece

    Sergios Soursos

  4. Insight Centre for Data Analysis, National University of Ireland Galway , Galway, Ireland

    Martin Serrano

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Hernández-Serrano, J. et al. (2017). On the Road to Secure and Privacy-Preserving IoT Ecosystems. In: Podnar Žarko, I., Broering, A., Soursos, S., Serrano, M. (eds) Interoperability and Open-Source Solutions for the Internet of Things. InterOSS-IoT 2016. Lecture Notes in Computer Science(), vol 10218. Springer, Cham. https://doi.org/10.1007/978-3-319-56877-5_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-56877-5_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-56876-8

  • Online ISBN: 978-3-319-56877-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation