Skip to main content
SpringerLink
Log in
Book cover

Connected Environments for the Internet of Things pp 19–39Cite as

Security and Privacy Across Connected Environments

  • Chapter
  • First Online:

Part of the book series: Computer Communications and Networks ((CCN))

Abstract

The devices in the Internet of Things (IoT) environment find applications in a wide variety of fields, from smart homes and smart cities to smart wearables. Earlier predictions had estimated a huge number of connected devices in use by the year 2015, but it did not happen. A main reason refers to the ubiquity of IoT devices that has its own set of unique challenges and problems which are not easy to surmount. One core issue relates to the security and connectivity vulnerabilities of these devices. With the number of IoT devices steadily on the rise and trends like BYOD (Bring Your Own Device) catching up, the challenges faced by these devices are steadily increasing. To understand the significance of issues relating to the connectivity of IoT devices, we must learn about their unique characteristics and requirements. However, notwithstanding the multiple vulnerabilities, unfortunately, there is no silver bullet to suggest definitive solutions. Apart from securing the devices, there is also an urgent need to update the laws that protect data ownership rights and restrict access to personal data. This chapter is an effort to address privacy and security challenges that IoT devices face. The chapter highlights novel solutions that can be usefully employed to make these devices more secure. It discusses device trust , policies and standards , data anonymization , lightweight authentication , encryption, and Datagram Transport Layer Security (DTLS) techniques.

This is a preview of subscription content, log in via an institution.

References

  1. Meola A (2016) What is the Internet of Things (IoT). http://www.businessinsider.com/what-is-the-internet-of-things-definition-2016-8. Accessed Mar 2017

  2. Qureshi R (2016) Ericsson mobility report, June 2016. https://www.ericsson.com/res/docs/2016/ericsson-mobility-report-2016.pdf. Accessed Mar 2017

  3. Lamming M, Flynn M (1994) “Forget-me-not” Intimate computing in support of human memory, 94 International Symposium on next generation human interface, Technical Report EPC-1994-103, 2–4 Feb 1994

    Google Scholar 

  4. Media (2002) A brief history of wearable computing. www.media.mit.edu/wearables/lizzy/timeline.html#1981b. Accessed Mar 2017

  5. Ashton K (2009) That ‘internet of things’ thing, 22 June 2009. http://www.rfidjournal.com/articles/view?4986. Accessed Mar 2017

  6. Drozhzhin A (2015) Internet of crappy things, 19 Feb 2015, https://blog.kaspersky.com/internet-of-crappy-things/7667/. Accessed March 2017

  7. Zhou W, Piramuthu S (2014) Security/privacy of wearable fitness tracking IoT devices. In: 9th Iberian Conference on Information Systems and Technologies (CISTI), pp 1–5, 18–21 June 2014

    Google Scholar 

  8. Arsene L (2014) Bitdefender research exposes security risks of android wearable devices, 12 Sept 2014. www.darkreading.com/partner-perspectives/bitdefender/bitdefender-research-exposes-security-risks-of-android-wearable-devices-/a/d-id/1318005. Accessed Mar 2017

  9. Scully P (2016) Understanding IoT Security – Part 1 of 3: IoT security architecture on the device and communication layers, 29 Nov 2016. https://iot-analytics.com/understanding-iot-security-part-1-iot-security-architecture/. Accessed Mar 2017

  10. Greenberg A (2015) Hackers remotely kill a jeep on the highway – with me in it, 21 July 2015. https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/. Accessed Mar 2017

  11. Loisel Y, di Vito S (2015) Securing the IoT 2 – secure boot as a root of trust. http://www.embedded.com/design/safety-and-security/4438300/Securing-the-IoT--Part-2---Secure-boot-as-rooot-of-trust-. Accessed Mar 2017

  12. White Paper (2017) Building trust in the internet of things, (2017), Wind Report

    Google Scholar 

  13. Engels D, Fan X, Gong G, Hu H, Smith EM (2010) Hummingbird: ultra-lightweight cryptography for resource-constrained devices. In: Sion R et al (eds) Financial cryptography and data security. FC 2010. Lecture notes in computer science, vol 6054. Springer, Berlin/Heidelberg

    Google Scholar 

  14. Engels D, Saarinen MJO, Schweitzer P, Smith EM (2011) The hummingbird-2 lightweight authenticated encryption algorithm. In: Juels A, Paar C (eds) RFID. Security and privacy. RFIDSec 2011. Lecture notes in computer science, vol 7055. Springer, Berlin/Heidelberg

    Google Scholar 

  15. Standaert FX, Piret G, Gershenfeld N, Quisquater JJ (2006) SEA: a scalable encryption algorithm for small embedded applications. In: Domingo-Ferrer J, Posegga J, Schreckling D (eds) Smart card research and advanced applications. CARDIS 2006. Lecture notes in computer science, vol 3928. Springer, Berlin/Heidelberg

    Google Scholar 

  16. Snader R, Kravets R, Harris AF (2016) CryptoCop: lightweight, energy-efficient encryption and privacy for wearable devices. In WearSys 2016 – Proceedings of the 2016 Workshop on Wearable Systems and Applications, co-locatedssssss with MobiSys 2016, pp 7–12. [2935647] Association for Computing Machinery, Inc. doi:https://doi.org/10.1145/2935643.2935647, 25–30 June 2016

  17. Perrig A, Szewczyk R, Tygar J et al (2002) SPINS: security protocols for sensor networks. ACM J Wirel Netw 8(5):521–534

    Article  MATH  Google Scholar 

  18. Young Sil Lee, Esko Alasaarela, Hoon Jae Lee (2014) An efficient scheme using elliptic curve cryptography (ECC) with symmetric algorithm for healthcare system. Int J Secur Appl 8(3):63–70

    Google Scholar 

  19. He D, Zeadally S (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet Things J 2(1):72–83

    Article  Google Scholar 

  20. Lakkundi V, Singh K (2014) Lightweight DTLS implementation in CoAP-based Internet of Things, vol. 00, no, pp 7–11. In: Advanced Computing and Communications (ADCOM), 2014 20th annual international conference, 19–22 Sept 2014

    Google Scholar 

  21. King J, Awad AI (2016) A distributed security mechanism for resource-constrained IoT devices. Informatica Int J Comput Inform (Slovenia) 40(1):133–143

    Google Scholar 

  22. Eisenbarth T, Kumar S, Paar C, Poschmann A, Uhsadel L (2007) A survey of lightweight-cryptography implementations. IEEE Des Test 24(6):522–533

    Article  Google Scholar 

  23. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained access control in cloud computing. In: Proceedings of IEEE INFOCOM’10, San Diego, CA, USA, March 2010

    Google Scholar 

  24. Wang G, Liu Q, Wu J (2010) Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In: Proceedings of the ACM conference Computer and Communications Security (ACM CCS), Chicago, IL, 4–8 Oct 2010

    Google Scholar 

  25. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for storage security in cloud computing. In: INFOCOM’10 proceedings of the 29th conference on information communications, pp 525–533, 14–19 Mar 2010

    Google Scholar 

  26. El Emam K, Dankar FK, Issa R, Jonker E, Amyot D et al (2009) A globally optimal k-anonymity method for the de-identification of health data. J Am Med Inform Assoc 16:670–682

    Article  Google Scholar 

  27. Felix JGC (2015) Anonymity in preference-aware location-based services without third trusted-party. In: 12th EAI international conference mobile and ubiquitous systems, Coimbra, Portugal

    Google Scholar 

  28. FTC (2015) Internet of things, FTC Staff report, January 2015

    Google Scholar 

  29. FTC (2016) A tool for inclusion or exclusion, (2016), FTC report Big Data, January 2016

    Google Scholar 

  30. General Wellness: Policy for Low Risk Devices (2016) FDA document, July 2016

    Google Scholar 

  31. ERCIM News 101 (2015) Special theme: the internet of things and the web of things, April 2015

    Google Scholar 

  32. Zigbee (2017) The ZigBee Alliance. http://www.zigbee.org/zigbeealliance/. Accessed Mar 2017

  33. Varadharajan V et al (2016) Data security and privacy in the internet of things (iot) environment. In: Mahmood Z (ed) Connectivity frameworks for smart devices. Springer, Cham, pp 261–281

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Infosys Limited, Bangalore, India

    V. Vijayaraghavan

  2. Indian Institute of Technology, Guwahati, Assam, India

    Rishav Agarwal

Authors
  1. V. Vijayaraghavan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rishav Agarwal
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to V. Vijayaraghavan .

Editor information

Editors and Affiliations

  1. Debesis Education UK, University of Derby, Derby, United Kingdom

    Zaigham Mahmood

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Vijayaraghavan, V., Agarwal, R. (2017). Security and Privacy Across Connected Environments. In: Mahmood, Z. (eds) Connected Environments for the Internet of Things. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-70102-8_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-70102-8_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-70101-1

  • Online ISBN: 978-3-319-70102-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation