2,923 research outputs found
Guest Editorial Special Issue on Security and Forensics of Internet of Things: Problems and Solutions
The Internet of Things (IoT) has experienced significant growth over recent years and Gartner predicts that, by 2020, 21 billion IoT endpoints will be in use. The potential behind widespread usage of small devices capable of collecting, transmitting, or acting upon data has been fueling interest both from industry and academia. Security and forensics are two of the topics facing major challenges in this paradigm, on par with or even more prominent than other computing paradigms. Aspects such as low processing power and small storage capacity of such IoT devices contribute to their typically poor built-in security and forensics capabilities. Their reliance on cloud computing and mobile apps to operate and provide services increases the attack surface, distributing the collection of digital evidence and making reconstruction activities (to answer questions as what, where, when, who, why, and how) harder
Security, Trust and Privacy in Cyber (STPCyber): Future trends and challenges
© 2020 Today's world experiences massively interconnected devices to share information across variety of platforms between traditional computers (machines), Smart IoT devices used across smart homes, smart interconnected vehicles etc. and of course the social networks apps such as Facebook, Linkdn, twitter etc. We experience the growth has been skyrocketing and the trend will continue exponentially to the future. At one end, we find life becomes easier with such developments and at the other end; we experience more and more cyber threats on our privacy, security and trustworthiness with organizations holding our data. In this special issue, we summarize contributions by authors in advanced topics related to security, trust and privacy based on a range of applications and present a selection of the most recent research efforts in these areas
Big Ideas paper: Policy-driven middleware for a legally-compliant Internet of Things.
Internet of Things (IoT) applications, systems and services
are subject to law. We argue that for the IoT to develop
lawfully, there must be technical mechanisms that allow the
enforcement of speci ed policy, such that systems align with
legal realities. The audit of policy enforcement must assist
the apportionment of liability, demonstrate compliance with
regulation, and indicate whether policy correctly captures le-
gal responsibilities. As both systems and obligations evolve
dynamically, this cycle must be continuously maintained.
This poses a huge challenge given the global scale of the
IoT vision. The IoT entails dynamically creating new ser-
vices through
managed and exible data exchange
.
Data management is complex in this dynamic environment,
given the need to both control and share information, often
across federated domains of administration.
We see middleware playing a key role in managing the
IoT. Our vision is for a middleware-enforced, uni ed policy
model that applies end-to-end, throughout the IoT. This is
because policy cannot be bound to things, applications, or
administrative domains, since functionality is the result of
composition, with dynamically formed chains of data ows.
We have investigated the use of Information Flow Control
(IFC) to manage and audit data ows in cloud computing;
a domain where trust can be well-founded, regulations are
more mature and associated responsibilities clearer. We feel
that IFC has great potential in the broader IoT context.
However, the sheer scale and the dynamic, federated nature
of the IoT pose a number of signi cant research challenges
A Survey of hardware protection of design data for integrated circuits and intellectual properties
International audienceThis paper reviews the current situation regarding design protection in the microelectronics industry. Over the past ten years, the designers of integrated circuits and intellectual properties have faced increasing threats including counterfeiting, reverse-engineering and theft. This is now a critical issue for the microelectronics industry, mainly for fabless designers and intellectual properties designers. Coupled with increasing pressure to decrease the cost and increase the performance of integrated circuits, the design of a secure, efficient, lightweight protection scheme for design data is a serious challenge for the hardware security community. However, several published works propose different ways to protect design data including functional locking, hardware obfuscation, and IC/IP identification. This paper presents a survey of academic research on the protection of design data. It concludes with the need to design an efficient protection scheme based on several properties
Convergence of Blockchain and Edge Computing for Secure and Scalable IIoT Critical Infrastructures in Industry 4.0
This is the author accepted manuscript. The final version is available from IEEE via the DOI in this recordCritical infrastructure systems are vital to underpin
the functioning of a society and economy. Due to ever-increasing
number of Internet-connected Internet-of-Things (IoTs) / Industrial IoT (IIoT), and high volume of data generated and collected,
security and scalability are becoming burning concerns for
critical infrastructures in industry 4.0. The blockchain technology
is essentially a distributed and secure ledger that records all
the transactions into a hierarchically expanding chain of blocks.
Edge computing brings the cloud capabilities closer to the
computation tasks. The convergence of blockchain and edge
computing paradigms can overcome the existing security and
scalability issues. In this paper, we first introduce the IoT/IIoT
critical infrastructure in industry 4.0, and then we briefly present
the blockchain and edge computing paradigms. After that, we
show how the convergence of these two paradigms can enable
secure and scalable critical infrastructures. Then, we provide a
survey on state-of-the-art for security and privacy, and scalability
of IoT/IIoT critical infrastructures. A list of potential research
challenges and open issues in this area is also provided, which
can be used as useful resources to guide future research.Engineering and Physical Sciences Research Council (EPSRC
- …