Abstract
This chapter will provide an overview of the main threats on IoT systems and deployments. It will address both security and privacy challenges. This chapter will benefit from the contributions derived from several project results, including ANASTACIA and Armour.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
As suggested by analysts, most vendors will soon start applying for certifications for their product portfolios.
- 2.
- 3.
European Commission provides infographic on the data protection rule in http://ec.europa.eu/justice/newsroom/data-protection/infographic/2017/index_en.htm.
- 4.
- 5.
- 6.
- 7.
References
Global Opportunity Report 2017, First Edition is published by DNV GL AS. DNV GL AS, Høvik, Oslo Copyright © 2017 By DNV GL AS. This report is available at www.globalopportunitynetwork.org
Top ten strategic technology trends 2017, Gartner, October 2016
Predictions 2017: security and skills will temper growth of IoT, Forrester, 2016
R.H. Weber, Internet of things—new security and privacy challenges. Comput. Law Secur. Rev. 26(1), 23–30 (2010)
M. Haus, M. Waqas, A. Ding, Y. Li, S. Tarkoma, J. Ott, Security and privacy in device to device (D2D) communication: a review. IEEE Commun. Surv. Tutor. 19(2), 1054–1079 (2017)
Thales data Threat Report (2017). https://dtr-fin.thalesesecurity.com/
Cisco. IoT threat environment—an overview of the IoT threat landscape with risk-based security program recommendations. White paper (2015)
IDC and TXT Solutions, SMART 2013/0037 Cloud and IoT combination, study for the European Commission. http://www.telit2market.com/wp-content/uploads/2015/02/TEL_14016_P_112-114.pdf; 26 Billion “things” may be connected globally by 2020 (2014)
Commission staff working document—advancing the Internet of things in Europe, EC, Apr 2016
R. Neisse, G. Steri, G. Baldini, Enforcement of security policy rules for the Internet of things, 3rd International workshop on Internet of things communications and technologies (IoT-CT), in conjunction with The 10th IEEE WiMob, Oct 2014
G. Baldini, A. Skarmeta, et al. Security certification and labelling in Internet of things, 2016 IEEE 3rd WF-IoT, 12–14 Dec 2016
A. Ahmad, G. Baldini, P. Cousin, S.N. Matheu, A. Skarmeta, E. Fourneret, B. Legeard, Large scale IoT security testing, benchmarking and certification, cognitive hyperconnected digital transformation, Chap. 7, pp. 189–220
A. Ahmad, G. Baldini, P. Cousin, S.N. Matheu, A. Skarmeta, E. Fourneret, B. Legeard,O. Vermesan, J. Bacquet (Eds), Large scale IoT security testing, benchmarking and certification, Cognitive Hyperconnected Digital Transformation (River Publishers, Gistrup)
A. Cardenas, S. Amin, B. Sinopoli, A. Giani, A. Perrig, S. Sastry, Challenges for securing cyber physical systems. Proceedings of the Workshop on future directions in cyber-physical systems security (2009), p. 5
Dimitar Kostadinov, Cyber threat analysis. InfoSec Institute, July 2014. https://resources.infosecinstitute.com/cyber-threat-analysis
Threat lifecycle management: overview and solutions. The Sage Group. 2017. http://thesagegrpmentoring.com/wp-content/uploads/sites/524/2017/03/Sage-Group-LE-Solutions-Threat-Lifecycle-Management.pdf. Accessed May 2017
E.K. Wang, Y. Ye, X. Xu, S.M. Yiu, L.C.K. Hui, K. P. Chow, Security issues and challenges for cyber physical system. Proceedings of the 2010 IEEE/ACM Int’l conference on green computing and communications & Int’l conference on cyber, physical and social computing. IEEE Computer Society (2010), pp. 733–738
Machine to Machine Communications (M2M), Threat analysis and counter-measures to M2M service layer, ETSI TR 103 167 V0.2.1 (2011-01)
Y. Gao, Y. Peng, F. Xie, W. Zhao, D. Wang, X. Han et al. Analysis of security threats and vulnerability for cyber-physical systems. In Computer Science and Network Technology (ICCSNT), 2013 3rd International Conference (IEEE, 2013), pp. 50–55
Mobile Working Group. Security Guidance for Early Adopters of the Internet of Things. (CSA, 2015)
Paul Bischoff, Comparing the privacy policy of Internet giants side-by-side, Published 20 Mar 2017. https://www.comparitech.com/blog/vpn-privacy/we-compared-the-privacy-policies-of-internet-giants-side-by-side/
J. Tully, Cyber security expert: iPhone X facial recognition is vulnerable, Published 20 Nov 2017. http://www.abcactionnews.com/money/consumer/cyber-security-expert-iphone-x-facial-recognition-is-vulnerable
K. McCarthy, Whois? No, Whowas: Incoming Euro privacy rules torpedo domain registration system. Published 26 Oct 2017. https://www.theregister.co.uk/2017/10/26/whois_gdpr_europe/
oneM2M white paper, January 2015, http://www.onem2m.org/images/files/oneM2M-whitepaper-January-2015.pdf
GSMA Security Framework CLP11, February, 2016
S. Ziegler, A. Skarmeta, J. Bernal, E.E. Kim, S. Bianchi, ANASTACIA: Advanced networked agents for security and trust assessment in CPS IoT architectures. 2017 Global Internet of Things Summit (GIoTS), Geneva (2017), pp. 1–6. doi: https://doi.org/10.1109/GIOTS.2017.8016285
A.M. Zarca, J.B. Bernabe, I. Farris, Y. Khettab, T. Taleb, A. Skarmeta, Enhancing IoT security through network softwarisation and virtual security appliances. Int. J. Netw. Manag. 28(5), e2038 (2018)
I. Fzarris, J. B. Bernabe, N. Toumi, D. Garcia-Carrillo, T. Taleb, A. Skarmeta, B. Sahlin, Towards provisioning of SDN/NFV-based security enablers for integrated protection of IoT systems. 2017 IEEE Conference on Standards for Communications and Networking (CSCN), Helsinki (2017), pp. 169–174. doi: https://doi.org/10.1109/CSCN.2017.8088617
A. Molina Zarca, J.B. Bernabe, I. Farris, Y. Khettab, T. Taleb, A. Skarmeta, Enhancing IoT security through network softwarization and virtual security appliances. Int. J. Netw. Manag. 28(5), e2038 (2018)
ARMOUR—large-scale experiments of IoT security trust. European Union’s H2020 project http://www.armour-project.eu/
Acknowledgments
This chapter includes results shared by the European research project Anastacia (Grant Agreement N° 731558), which has received funding from the European Union’s Horizon 2020 Research and Innovation Programme and the Swiss State Secretariat for Education, Research and Innovation.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Ziegler, S. et al. (2019). Privacy and Security Threats on the Internet of Things. In: Ziegler, S. (eds) Internet of Things Security and Data Protection. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-030-04984-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-04984-3_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04983-6
Online ISBN: 978-3-030-04984-3
eBook Packages: EngineeringEngineering (R0)