261 research outputs found
Securing Our Future Homes: Smart Home Security Issues and Solutions
The Internet of Things, commonly known as IoT, is a new technology transforming businesses, individuals’ daily lives and the operation of entire countries. With more and more devices becoming equipped with IoT technology, smart homes are becoming increasingly popular. The components that make up a smart home are at risk for different types of attacks; therefore, security engineers are developing solutions to current problems and are predicting future types of attacks. This paper will analyze IoT smart home components, explain current security risks, and suggest possible solutions. According to “What is a Smart Home” (n.d.), a smart home is a home that always operates in consideration of security, energy, efficiency and convenience, whether anyone is home or not
A Holistic Systems Security Approach Featuring Thin Secure Elements for Resilient IoT Deployments
© 2020 by the authors. This is an open access article distributed under the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/) which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.IoT systems differ from traditional Internet systems in that they are different in scale, footprint, power requirements, cost and security concerns that are often overlooked. IoT systems inherently present different fail-safe capabilities than traditional computing environments while their threat landscapes constantly evolve. Further, IoT devices have limited collective security measures in place. Therefore, there is a need for different approaches in threat assessments to incorporate the interdependencies between different IoT devices. In this paper, we run through the design cycle to provide a security-focused approach to the design of IoT systems using a use case, namely, an intelligent solar-panel project called Daedalus. We utilise STRIDE/DREAD approaches to identify vulnerabilities using a thin secure element that is an embedded, tamper proof microprocessor chip that allows the storage and processing of sensitive data. It benefits from low power demand and small footprint as a crypto processor as well as is compatible with IoT 29 requirements. Subsequently, a key agreement based on an asymmetric cryptographic scheme, namely B-SPEKE was used to validate and authenticate the source. We find that end-to-end and independent stand-alone procedures used for validation and encryption of the source data originating from the solar panel are cost-effective in that the validation is carried out once and not several times in the chain as is often the case. The threat model proved useful not so much as a panacea for all threats but provided the framework for the consideration of known threats, and therefore appropriate mitigation plans to be deployed.Peer reviewe
Data governance through a multi-DLT architecture in view of the GDPR
The centralization of control over the processing of personal data threatens the privacy of individuals due to the lack of transparency and the obstruction of easy access to their data. Individuals need the tools to effectively exercise their rights, enshrined in regulations such as the European Union General Data Protection Regulation (GDPR). Having direct control over the flow of their personal data would not only favor their privacy but also a “data altruism”, as supported by the new European proposal for a Data Governance Act. In this work, we propose a multi-layered architecture for the management of personal information based on the use of distributed ledger technologies (DLTs). After an in-depth analysis of the tensions between the GDPR and DLTs, we propose the following components: (1) a personal data storage based on a (possibly decentralized) file storage (DFS) to guarantee data sovereignty to individuals, confidentiality and data portability; (2) a DLT-based authorization system to control access to data through two distributed mechanisms, i.e. secret sharing (SS) and threshold proxy re-encryption (TPRE); (3) an audit system based on a second DLT. Furthermore, we provide a prototype implementation built upon an Ethereum private blockchain, InterPlanetary File System (IPFS) and Sia and we evaluate its performance in terms of response time
A Holistic Analysis of Internet of Things (IoT) Security : Principles, Practices, and New Perspectives
Peer reviewedPublisher PD
DECENTRALIZING THE INTERNET OF MEDICAL THINGS: THE INTERPLANETARY HEALTH LAYER
Medical mobile applications have the potential to revolutionize the healthcare industry by providing patients with easy access to their personal health information, enabling them to communicate with healthcare providers remotely and consequently improving patient outcomes by providing personalized health information. However, these applications are usually limited by privacy and security issues. A possible solution is to exploit decentralization distributing privacy concerns directly to users. Solutions enabling this vision are closely linked to Distributed Ledger Technologies that have the potential to revolutionize the healthcare industry by creating a secure and transparent system for managing patient data without a central authority. The decentralized nature of the technology allows for the creation of an international data layer that is accessible to authorized parties while preserving patient privacy. This thesis envisions the InterPlanetary Health Layer along with its implementation attempt called Halo Network and an Internet of Medical Things application called Balance as a use case. Throughout the thesis, we explore the benefits and limitations of using the technology, analyze potential use cases, and look out for future directions.Medical mobile applications have the potential to revolutionize the healthcare industry by providing patients with easy access to their personal health information, enabling them to communicate with healthcare providers remotely and consequently improving patient outcomes by providing personalized health information. However, these applications are usually limited by privacy and security issues. A possible solution is to exploit decentralization distributing privacy concerns directly to users. Solutions enabling this vision are closely linked to Distributed Ledger Technologies that have the potential to revolutionize the healthcare industry by creating a secure and transparent system for managing patient data without a central authority. The decentralized nature of the technology allows for the creation of an international data layer that is accessible to authorized parties while preserving patient privacy. This thesis envisions the InterPlanetary Health Layer along with its implementation attempt called Halo Network and an Internet of Medical Things application called Balance as a use case. Throughout the thesis, we explore the benefits and limitations of using the technology, analyze potential use cases, and look out for future directions
Enhancing data privacy and security in Internet of Things through decentralized models and services
exploits a Byzantine Fault Tolerant (BFT) blockchain, in order to perform collaborative and dynamic botnet detection by collecting and auditing IoT devices\u2019 network traffic flows as blockchain transactions. Secondly, we take the challenge to decentralize IoT, and design a hybrid blockchain architecture for IoT, by proposing Hybrid-IoT. In Hybrid-IoT, subgroups of IoT devices form PoW blockchains, referred to as PoW sub-blockchains. Connection among the PoW sub-blockchains employs a BFT inter-connector framework. We focus on the PoW sub-blockchains formation, guided by a set of guidelines based on a set of dimensions, metrics and bounds
Blockchain-based Data Management for Smart Transportation
Smart services for Intelligent Transportation Systems (ITS) are currently deployed over centralized system solutions. Conversely, the use of decentralized systems to support these applications enables the distribution of data, only to those entities that have the authorization to access them, while at the same time guaranteeing data sovereignty to the data creators. This approach not only allows sharing information without the intervention of a “trusted” data silo, but promotes data verifiability and accountability. We discuss a possible framework based on decentralized systems, with a focus on four requirements, namely data integrity, confidentiality, access control and persistence. We also describe a prototype implementation and related performance results, showing the viability of the chosen approach
Key Management Systems for Smart Grid Advanced Metering Infrastructure: A Survey
Smart Grids are evolving as the next generation power systems that involve
changes in the traditional ways of generation, transmission and distribution of
power. Advanced Metering Infrastructure (AMI) is one of the key components in
smart grids. An AMI comprises of systems and networks, that collects and
analyzes data received from smart meters. In addition, AMI also provides
intelligent management of various power-related applications and services based
on the data collected from smart meters. Thus, AMI plays a significant role in
the smooth functioning of smart grids.
AMI is a privileged target for security attacks as it is made up of systems
that are highly vulnerable to such attacks. Providing security to AMI is
necessary as adversaries can cause potential damage against infrastructures and
privacy in smart grid. One of the most effective and challenging topic's
identified, is the Key Management System (KMS), for sustaining the security
concerns in AMI. Therefore, KMS seeks to be a promising research area for
future development of AMI. This survey work highlights the key security issues
of advanced metering infrastructures and focuses on how key management
techniques can be utilized for safeguarding AMI. First of all, we explore the
main features of advanced metering infrastructures and identify the
relationship between smart grid and AMI. Then, we introduce the security issues
and challenges of AMI. We also provide a classification of the existing works
in literature that deal with secure key management system in AMI. Finally, we
identify possible future research directions of KMS in AMI
- …