On the Road to Secure and Privacy-Preserving IoT Ecosystems

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10218)


The Internet of Things (IoT) is on the rise. Today, various IoT platforms are already available, giving access to myriads of things. Initiatives such as BIG IoT are bringing those IoT platforms together in order to form ecosystems. BIG IoT aims to facilitate cross-platform and cross-domain application developments and establish centralized marketplaces to allow resource monetization. This combination of multi-platform applications, heterogeneity of the IoT, as well as enabling marketing and accounting of resources results in crucial challenges for security and privacy. Hence, this article analyses the requirements for security in IoT ecosystems and outlines solutions followed in the BIG IoT project to tackle those challenges. Concrete analysis of an IoT use case covering aspects such as public, private transportation, and smart parking is also presented.


Internet of Things IoT Security Privacy 



This work is mainly financially supported by the project Bridging the Interoperability Gap (BIG IoT) funded by the European Commission’s Horizon 2020 research and innovation program under grant agreement No. 688038. In addition, this work has been partially supported by the MINECO/FEDER funded projects ANFORA TEC2015-68734-R and ARPASAT TEC2015-70197-R and by the Generalitat de Catalunya grant 2014-SGR-1504.


  1. 1.
    Open Web Applications Security Project (OWASP).
  2. 2.
    OWASP Code Review Project second edition guideline.
  3. 3.
    The OWASP Software Assurance Maturity Model (SAMM).
  4. 4.
    Worldsensing’s Bitcarrier.
  5. 5.
    Worldsensing’s Fastprk.
  6. 6.
    Allseen Alliance: Alljoyn framework.
  7. 7.
    Bartel, M., Boyer, J., Fox, B., LaMacchia, B., Simon, E.: XML Signature syntax and processing, 2nd edn.
  8. 8.
    Berners-Lee, T., Hendler, J., Lassila, O., et al.: The semantic web. Sci. Am. 284(5), 28–37 (2001)CrossRefGoogle Scholar
  9. 9.
    Bröring, A., Schmid, S., Schindhelm, C.K., Khelil, A., Kaebisch, S., Kramer, D., Le Phuoc, D., Mitic, J., Anicic, D., Teniente, E.: Enabling IoT ecosystems through platform interoperability. IEEE Software (Software Engineering for the Internet of Things) (2017, forthcoming)Google Scholar
  10. 10.
  11. 11.
  12. 12.
  13. 13.
    IETF OAuth WG: OAuth 1.
  14. 14.
    IETF OAuth WG: OAuth 2.0.
  15. 15.
    Imamura, T., Dillaway, B., Simon, E.: XML encryption syntax and processing.
  16. 16.
    Jones, M., Bradley, J., Sakimura, N.: JSON Web Signature (JWS).
  17. 17.
    Jones, M., Hildebrand, J.: JSON Web Encryption (JWE),
  18. 18.
    Meucci, M., Muller, A.: OWASP testing guideline version 4.
  19. 19.
    OpenID Foundation: OpenID connect.
  20. 20.
    Organization for the Advancement of Structured Information Standards (OASIS): Official Wiki of the OASIS security services (SAML) technical committee.
  21. 21.
  22. 22.
    OWASP Internet of Things Project: Principles of IoT security.
  23. 23.
  24. 24.
    Transport Metropolitans de Barcelona: TMB open data.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Universitat Politècnica de CatalunyaBarcelonaSpain
  2. 2.Siemens AGMunichGermany
  3. 3.Aalborg UniversitetAalborgDenmark
  4. 4.Atos IT Solutions and Services GmbHViennaAustria
  5. 5.Robert Bosch GmbHStuttgartGermany

Personalised recommendations