Skip to main content

On the Road to Secure and Privacy-Preserving IoT Ecosystems

Part of the Lecture Notes in Computer Science book series (LNISA,volume 10218)

Abstract

The Internet of Things (IoT) is on the rise. Today, various IoT platforms are already available, giving access to myriads of things. Initiatives such as BIG IoT are bringing those IoT platforms together in order to form ecosystems. BIG IoT aims to facilitate cross-platform and cross-domain application developments and establish centralized marketplaces to allow resource monetization. This combination of multi-platform applications, heterogeneity of the IoT, as well as enabling marketing and accounting of resources results in crucial challenges for security and privacy. Hence, this article analyses the requirements for security in IoT ecosystems and outlines solutions followed in the BIG IoT project to tackle those challenges. Concrete analysis of an IoT use case covering aspects such as public, private transportation, and smart parking is also presented.

Keywords

  • Internet of Things
  • IoT
  • Security
  • Privacy

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-56877-5_7
  • Chapter length: 16 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   44.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-56877-5
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   59.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.

Notes

  1. 1.

    http://big-iot.eu.

  2. 2.

    https://blog.docker.com/2016/03/docker-networking-design-philosophy/.

  3. 3.

    An entity processing and/or storing personal information.

  4. 4.

    http://www.w3.org/WoT/.

References

  1. Open Web Applications Security Project (OWASP). https://www.owasp.org/

  2. OWASP Code Review Project second edition guideline. https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project

  3. The OWASP Software Assurance Maturity Model (SAMM). https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model

  4. Worldsensing’s Bitcarrier. http://www.bitcarrier.com/

  5. Worldsensing’s Fastprk. http://www.fastprk.com/

  6. Allseen Alliance: Alljoyn framework. https://allseenalliance.org/framework

  7. Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: XML Signature syntax and processing, 2nd edn. https://www.w3.org/TR/xmldsig-core/

  8. Berners-Lee, T., Hendler, J., Lassila, O., et al.: The semantic web. Sci. Am. 284(5), 28–37 (2001)

    CrossRef  Google Scholar 

  9. Bröring, A., Schmid, S., Schindhelm, C.K., Khelil, A., Kaebisch, S., Kramer, D., Le Phuoc, D., Mitic, J., Anicic, D., Teniente, E.: Enabling IoT ecosystems through platform interoperability. IEEE Software (Software Engineering for the Internet of Things) (2017, forthcoming)

    Google Scholar 

  10. EU Legislation: Directive 95/46/ec (1995). https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/pid/74#data_directive

  11. EU Legislation: Directive 45/2001/ec (2001). https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/pid/86#regulation

  12. FTC Staff: Internet of Things: privacy and security in a connected world, January 2015. https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf

  13. IETF OAuth WG: OAuth 1. https://oauth.net/1/

  14. IETF OAuth WG: OAuth 2.0. https://oauth.net/2/

  15. Imamura, T., Dillaway, B., Simon, E.: XML encryption syntax and processing. https://www.w3.org/TR/xmlenc-core/

  16. Jones, M., Bradley, J., Sakimura, N.: JSON Web Signature (JWS). https://datatracker.ietf.org/doc/rfc7515/

  17. Jones, M., Hildebrand, J.: JSON Web Encryption (JWE), https://datatracker.ietf.org/doc/rfc7516/

  18. Meucci, M., Muller, A.: OWASP testing guideline version 4. https://www.owasp.org/index.php/OWASP_Testing_Project

  19. OpenID Foundation: OpenID connect. http://openid.net/connect/

  20. Organization for the Advancement of Structured Information Standards (OASIS): Official Wiki of the OASIS security services (SAML) technical committee. https://wiki.oasis-open.org/security/FrontPage

  21. OWASP: Application security verification standard 3.0.1. https://www.owasp.org/images/3/33/OWASP_Application_Security_Verification_Standard_3.0.1.pdf

  22. OWASP Internet of Things Project: Principles of IoT security. https://www.owasp.org/index.php/Principles_of_IoT_Security

  23. Raskin, A.: Privacy icons. https://www.flickr.com/photos/azaraskin/5304502420/sizes/o/

  24. Transport Metropolitans de Barcelona: TMB open data. https://www.tmb.cat/en/web/tmb/about-tmb/open-data

Download references

Acknowledgement

This work is mainly financially supported by the project Bridging the Interoperability Gap (BIG IoT) funded by the European Commission’s Horizon 2020 research and innovation program under grant agreement No. 688038. In addition, this work has been partially supported by the MINECO/FEDER funded projects ANFORA TEC2015-68734-R and ARPASAT TEC2015-70197-R and by the Generalitat de Catalunya grant 2014-SGR-1504.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Juan Hernández-Serrano .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Hernández-Serrano, J. et al. (2017). On the Road to Secure and Privacy-Preserving IoT Ecosystems. In: Podnar Žarko, I., Broering, A., Soursos, S., Serrano, M. (eds) Interoperability and Open-Source Solutions for the Internet of Things. InterOSS-IoT 2016. Lecture Notes in Computer Science(), vol 10218. Springer, Cham. https://doi.org/10.1007/978-3-319-56877-5_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-56877-5_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-56876-8

  • Online ISBN: 978-3-319-56877-5

  • eBook Packages: Computer ScienceComputer Science (R0)