Abstract
The Internet of Things (IoT) is on the rise. Today, various IoT platforms are already available, giving access to myriads of things. Initiatives such as BIG IoT are bringing those IoT platforms together in order to form ecosystems. BIG IoT aims to facilitate cross-platform and cross-domain application developments and establish centralized marketplaces to allow resource monetization. This combination of multi-platform applications, heterogeneity of the IoT, as well as enabling marketing and accounting of resources results in crucial challenges for security and privacy. Hence, this article analyses the requirements for security in IoT ecosystems and outlines solutions followed in the BIG IoT project to tackle those challenges. Concrete analysis of an IoT use case covering aspects such as public, private transportation, and smart parking is also presented.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
An entity processing and/or storing personal information.
- 4.
References
Open Web Applications Security Project (OWASP). https://www.owasp.org/
OWASP Code Review Project second edition guideline. https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project
The OWASP Software Assurance Maturity Model (SAMM). https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model
Worldsensing’s Bitcarrier. http://www.bitcarrier.com/
Worldsensing’s Fastprk. http://www.fastprk.com/
Allseen Alliance: Alljoyn framework. https://allseenalliance.org/framework
Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: XML Signature syntax and processing, 2nd edn. https://www.w3.org/TR/xmldsig-core/
Berners-Lee, T., Hendler, J., Lassila, O., et al.: The semantic web. Sci. Am. 284(5), 28–37 (2001)
Bröring, A., Schmid, S., Schindhelm, C.K., Khelil, A., Kaebisch, S., Kramer, D., Le Phuoc, D., Mitic, J., Anicic, D., Teniente, E.: Enabling IoT ecosystems through platform interoperability. IEEE Software (Software Engineering for the Internet of Things) (2017, forthcoming)
EU Legislation: Directive 95/46/ec (1995). https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/pid/74#data_directive
EU Legislation: Directive 45/2001/ec (2001). https://secure.edps.europa.eu/EDPSWEB/edps/site/mySite/pid/86#regulation
FTC Staff: Internet of Things: privacy and security in a connected world, January 2015. https://www.ftc.gov/system/files/documents/reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf
IETF OAuth WG: OAuth 1. https://oauth.net/1/
IETF OAuth WG: OAuth 2.0. https://oauth.net/2/
Imamura, T., Dillaway, B., Simon, E.: XML encryption syntax and processing. https://www.w3.org/TR/xmlenc-core/
Jones, M., Bradley, J., Sakimura, N.: JSON Web Signature (JWS). https://datatracker.ietf.org/doc/rfc7515/
Jones, M., Hildebrand, J.: JSON Web Encryption (JWE), https://datatracker.ietf.org/doc/rfc7516/
Meucci, M., Muller, A.: OWASP testing guideline version 4. https://www.owasp.org/index.php/OWASP_Testing_Project
OpenID Foundation: OpenID connect. http://openid.net/connect/
Organization for the Advancement of Structured Information Standards (OASIS): Official Wiki of the OASIS security services (SAML) technical committee. https://wiki.oasis-open.org/security/FrontPage
OWASP: Application security verification standard 3.0.1. https://www.owasp.org/images/3/33/OWASP_Application_Security_Verification_Standard_3.0.1.pdf
OWASP Internet of Things Project: Principles of IoT security. https://www.owasp.org/index.php/Principles_of_IoT_Security
Raskin, A.: Privacy icons. https://www.flickr.com/photos/azaraskin/5304502420/sizes/o/
Transport Metropolitans de Barcelona: TMB open data. https://www.tmb.cat/en/web/tmb/about-tmb/open-data
Acknowledgement
This work is mainly financially supported by the project Bridging the Interoperability Gap (BIG IoT) funded by the European Commission’s Horizon 2020 research and innovation program under grant agreement No. 688038. In addition, this work has been partially supported by the MINECO/FEDER funded projects ANFORA TEC2015-68734-R and ARPASAT TEC2015-70197-R and by the Generalitat de Catalunya grant 2014-SGR-1504.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Hernández-Serrano, J. et al. (2017). On the Road to Secure and Privacy-Preserving IoT Ecosystems. In: Podnar Žarko, I., Broering, A., Soursos, S., Serrano, M. (eds) Interoperability and Open-Source Solutions for the Internet of Things. InterOSS-IoT 2016. Lecture Notes in Computer Science(), vol 10218. Springer, Cham. https://doi.org/10.1007/978-3-319-56877-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-56877-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56876-8
Online ISBN: 978-3-319-56877-5
eBook Packages: Computer ScienceComputer Science (R0)