Security and privacy issues of physical objects in the IoT: Challenges and opportunities

In the Internet of Things (IoT), security and privacy issues of physical objects are crucial to the related applications. In order to clarify the complicated security and privacy issues, the life cycle of a physical object is divided into three stages of pre-working, in-working, and post-working. On this basis, a physical object-based security architecture for the IoT is put forward. According to the security architecture, security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail. Considering the development of IoT technologies, potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized. At the same time, possible directions for dealing with these challenges are also pointed out

Federated Sensor Network architectural design for the Internet of Things (IoT)

An information technology that can combine the physical world and virtual world is desired. The Internet of Things (IoT) is a concept system that uses Radio Frequency Identification (RFID), WSN and barcode scanners to sense and to detect physical objects and events. This information is shared with people on the Internet. With the announcement of the Smarter Planet concept by IBM, the problem of how to share this data was raised. However, the original design of WSN aims to provide environment monitoring and control within a small scale local network. It cannot meet the demands of the IoT because there is a lack of multi-connection functionality with other WSNs and upper level applications. As various standards of WSNs provide information for different purposes, a hybrid system that gives a complete answer by combining all of them could be promising for future IoT applications. This thesis is on the subject of `Federated Sensor Network' design and architectural development for the Internet of Things. A Federated Sensor Network (FSN) is a system that integrates WSNs and the Internet. Currently, methods of integrating WSNs and the Internet can follow one of three main directions: a Front-End Proxy solution, a Gateway solution or a TCP/IP Overlay solution. Architectures based on the ideas from all three directions are presented in this thesis; this forms a comprehensive body of research on possible Federated Sensor Network architecture designs. In addition, a fully compatible technology for the sensor network application, namely the Sensor Model Language (SensorML), has been reviewed and embedded into our FSN systems. The IoT as a new concept is also comprehensively described and the major technical issues discussed. Finally, a case study of the IoT in logistic management for emergency response is given. Proposed FSN architectures based on the Gateway solution are demonstrated through hardware implementation and lab tests. A demonstration of the 6LoWPAN enabled federated sensor network based on the TCP/IP Overlay solution presents a good result for the iNET localization and tracking project. All the tests of the designs have verified feasibility and achieve the target of the IoT concept

Traceability systems in the manufacturing industry: A systematic literature review

Traceability, the ability to generate knowledge about where, when, how, and of what materials a product was made, is a basic requirement in manufacturing and important to all stake-holders of a supply chain. Thus, traceability systems are needed to enable traceability in the manufacturing industry. The goal of this work is to map existing knowledge on traceability systems by understanding the technology, requirements and benefits associated with these systems. For this work, academic literature discussing traceability and traceability systems in the manufacturing industry was examined using the Systematic Literature Review process. Out of 561 analysed sources, 62 were accepted into the full review. To verify the results of the litera-ture review, a survey to Finnish industry practitioners was conducted using Elomatic Oy cus-tomer contacts. The results show that the most common traceability system benefits discussed in academic literature were increased production efficiency, ability to handle production errors, increased product and production safety, higher customer trust, more efficient recalls, and improved quality assurance. The survey results showed high support for each of these benefits, although seemingly with slightly different prioritization. The most common technologies associated with traceability systems discussed in the academic literature were RFID, blockchain, IoT, QR codes, and barcodes. Additionally, cloud services were often also discussed in literature. The survey results showed support for the use of barcodes and cloud services in enabling traceability. Other surveyed technologies were not widely used in the participants’ companies. The most common requirements associated with traceability systems discussed in the academic literature were the ability to trace and track traceable resource units and the ability to identify them, the ability to share traceability information, the ability to integrate data from different sources, and the ability of maintaining a production history. An important non-functional requirement was the compliance with necessary requirements. The survey results showed high support for each of these requirements. Further research is required to better understand the current market of traceability systems, the prevalent systems used and the economics of traceability systems in general. The literature review conducted for this work did not find enough information on these aspects, and they were not addressed in the survey

Security and privacy in RFID systems

Vu que les tags RFID sont actuellement en phase de large déploiement dans le cadre de plusieurs applications (comme les paiements automatiques, le contrôle d'accès à distance, et la gestion des chaînes d approvisionnement), il est important de concevoir des protocoles de sécurité garantissant la protection de la vie privée des détenteurs de tags RFID. Or, la conception de ces protocoles est régie par les limitations en termes de puissance et de calcul de la technologie RFID, et par les modèles de sécurité qui sont à notre avis trop forts pour des systèmes aussi contraints que les tags RFID. De ce fait, on limite dans cette thèse le modèle de sécurité; en particulier, un adversaire ne peut pas observer toutes les interactions entre tags et lecteurs. Cette restriction est réaliste notamment dans le contexte de la gestion des chaînes d approvisionnement qui est l application cible de ce travail. Sous cette hypothèse, on présente quatre protocoles cryptographiques assurant une meilleure collaboration entre les différents partenaires de la chaîne d approvisionnement. D abord, on propose un protocole de transfert de propriété des tags RFID, qui garantit l authentification des tags en temps constant alors que les tags implémentent uniquement des algorithmes symétriques, et qui permet de vérifier l'authenticité de l origine des tags. Ensuite, on aborde le problème d'authenticité des produits en introduisant deux protocoles de sécurité qui permettent à un ensemble de vérificateurs de vérifier que des tags sans capacité de calcul ont emprunté des chemins valides dans la chaîne d approvisionnement. Le dernier résultat présenté dans cette thèse est un protocole d appariement d objets utilisant des tags sans capacité de calcul , qui vise l automatisation des inspections de sécurité dans la chaîne d approvisionnement lors du transport des produits dangereux. Les protocoles introduits dans cette thèse utilisent les courbes elliptiques et les couplages bilinéaires qui permettent la construction des algorithmes de signature et de chiffrement efficaces, et qui minimisent donc le stockage et le calcul dans les systèmes RFID. De plus, la sécurité de ces protocoles est démontrée sous des modèles formels bien définis qui prennent en compte les limitations et les contraintes des tags RFID, et les exigences strictes en termes de sécurité et de la protection de la vie privée des chaines d approvisionnement.While RFID systems are one of the key enablers helping the prototype of pervasive computer applications, the deployment of RFID technologies also comes with new privacy and security concerns ranging from people tracking and industrial espionage to produ ct cloning and denial of service. Cryptographic solutions to tackle these issues were in general challenged by the limited resources of RFID tags, and by the formalizations of RFID privacy that are believed to be too strong for such constrained devices. It follows that most of the existing RFID-based cryptographic schemes failed at ensuring tag privacy without sacrificing RFID scalability or RFID cost effectiveness. In this thesis, we therefore relax the existing definitions of tag privacy to bridge the gap between RFID privacy in theory and RFID privacy in practice, by assuming that an adversary cannot continuously monitor tags. Under this assumption, we are able to design sec ure and privacy preserving multi-party protocols for RFID-enabled supply chains. Namely, we propose a protocol for tag ownership transfer that features constant-time authentication while tags are only required to compute hash functions. Then, we tackle the problem of product genuineness verification by introducing two protocols for product tracking in the supply chain that rely on storage only tags. Finally, we present a solution for item matching that uses storage only tags and aims at the automation of safety inspections in the supply chain.The protocols presented in this manuscript rely on operations performed in subgroups of elliptic curves that allow for the construction of short encryptions and signatures, resulting in minimal storage requirements for RFID tags. Moreover, the privacy and the security of these protocols are proven under well defined formal models that take into account the computational limitations of RFID technology and the stringent privacy and security requirements of each targeted supply chain application.PARIS-Télécom ParisTech (751132302) / SudocSudocFranceF