Techniques, Taxonomy, and Challenges of Privacy Protection in the Smart Grid

As the ease with which any data are collected and transmitted increases, more privacy concerns arise leading to an increasing need to protect and preserve it. Much of the recent high-profile coverage of data mishandling and public mis- leadings about various aspects of privacy exasperates the severity. The Smart Grid (SG) is no exception with its key characteristics aimed at supporting bi-directional information flow between the consumer of electricity and the utility provider. What makes the SG privacy even more challenging and intriguing is the fact that the very success of the initiative depends on the expanded data generation, sharing, and pro- cessing. In particular, the deployment of smart meters whereby energy consumption information can easily be collected leads to major public hesitations about the tech- nology. Thus, to successfully transition from the traditional Power Grid to the SG of the future, public concerns about their privacy must be explicitly addressed and fears must be allayed. Along these lines, this chapter introduces some of the privacy issues and problems in the domain of the SG, develops a unique taxonomy of some of the recently proposed privacy protecting solutions as well as some if the future privacy challenges that must be addressed in the future.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/111644/1/Uludag2015SG-privacy_book-chapter.pd

Security Architecture for Swarms of Autonomous Vehicles in Smart Farming

Nowadays, autonomous vehicles are incorporated into farms to facilitate manual labour. Being connected vehicles, as IoT systems, they are susceptible to cyber security attacks that try to cause damage to hardware, software or even living beings. Therefore, it is important to provide sufficient security mechanisms to protect both the communications and the data, mitigating any possible risk or harm to farmers, livestock or crops. Technology providers are aware of the importance of ensuring security, and more and more secure solutions can be found on the market today. However, generally, these particular solutions are not sufficient when they are part of complex hybrid systems, since there is no single global solution proposal. In addition, as the number of technologies and protocols used increases, the number of security threats also increases. This article presents a cyber-security architecture proposal for swarms of heterogeneous vehicles in smart farming, which covers all of the aspects recommended by the ISO 7798-2 specification in terms of security. As a result of this analysis, a detailed summary of the possible solutions and available technologies for each of the communication channels of the target system as well as some recommendations are presented.ECSEL JU (H2020–EU.2.1.1.7.–ECSEL RIA) and the Spanish Ministry of Economic Affairs and Digital Transformatio

Preventing privacy attacks in IoT devices

Today, people use many connected devices to make people’s lives easier in a connected environment. Devices like fitness trackers, smartwatches, smart home appliances, and other devices make people’s lives easier. People can use their smartphones to control the thermostat, television, vacuum cleaner, and other connected devices. While IoT devices make their lives easier, they also concern security threats like privacy. Organizations like the U.S. DoD forbid having fitness trackers on some of their buildings, while other organizations discourage patrons from using them in their spaces. The question of how to use IoT devices and simultaneously safeguard users\u27 privacy is a big challenge. Let’s look at a couple of different ways to secure IoT devices\u27 privacy. Since IoT devices are very vast and very different, no universal scheme exists to prevent privacy attacks; thus, a variety of techniques need to be used. Some blockchain applications and transformations will be used to protect privacy in IoT devices. These algorithms that transform data or use blockchain to manage the data or the flow can prevent privacy attacks. Using such algorithms protects the data of IoT/Smart devices and secures them so that people do not have to worry about not being safe while these devices are being used

Anonymous Secure Framework in Connected Smart Home Environments

The smart home is an environment where heterogeneous electronic devices and appliances are networked together to provide smart services in an ubiquitous manner to the individuals. As the homes become smarter, more complex and technology dependent, the need for an adequate security mechanism with minimum individual’s intervention is growing. The recent serious security attacks have shown how the Internetenabled smart homes can be turned into very dangerous spots for various ill intentions, and thus lead the privacy concerns for the individuals. For instance, an eavesdropper is able to derive the identity of a particular device/appliance via public channels that can be used to infer in the life pattern of an individual within the home area network. This paper proposes an anonymous secure framework (ASF) in connected smart home environments, using solely lightweight operations. The proposed framework in this paper provides efficient authentication and key agreement, and enables devices (identity and data) anonymity and unlinkability. One-time session key progression regularly renews the session key for the smart devices and dilutes the risk of using a compromised session key in the ASF. It is demonstrated that computation complexity of the proposed framework is low as compared to the existing schemes, while security has been significantly improved

An adaptive measurement protocol for fine-grained electromagnetic side-channel analysis of cryptographic modules

An adaptive measurement protocol is presented to increase effectiveness of fine-grained electromagnetic side-channel analysis (EM SCA) attacks that attempt to extract the information that is unintentionally leaked from physical implementations of cryptographic modules. Because measured fields vary with probe parameters as well as the data being encrypted, identifying the optimal configurations requires searching among a large number of possible configurations. The proposed protocol is a multi-step acquisition that corresponds to a greedy search in a 4-D configuration space consisting of probe’s on-chip coordinates, orientation, and number of signals acquired. This 4-D space can be extended to a 6-D space by repeating the protocol for different probe sizes and heights. This approach is presented as an alternative to current fine-grained EM SCA techniques that perform exhaustive full-chip scans to isolate information leaking locations. To demonstrate the feasibility of the approach, the protocol is tested by performing EM SCA attacks for different configurations and identifying the best attack configuration for two realizations of the advanced encryption standard (AES), subject to the precision of the measurement equipment. It is found that the protocol requires ~20× to ~25× less acquisition time compared to an exhaustive search for the optimal attack configuration.Electrical and Computer Engineerin

Social media intelligence: The national security–privacy nexus

Globally, changes in technology have always shaped the intelligence collection environment. South Africa is no exception. The emergence of satellite imagery had a significant influence on geographic intelligence (GEOINT) capabilities and, similarly, the emergence of the telegram and later the telephone had an equally significant effect on the signals intelligence (SIGINT) environment. With communications being revolutionised by mobile technology, such as recording, geo-positioning and photography, collection and distribution are ubiquitous. Smart mobile communication technology is also the driver of social media everywhere – at all ages, for state and non-state purposes, non-stop. More recently, social media intelligence (SOCMINT) became a key content domain for exploitation by the intelligence community. Examples of the successful exploitation of SOCMINT can be found internationally. It would be surprising if South Africa is not yet a statistic in terms of this phenomenon. Initially, many organisations viewed (and some still do) SOCMINT as an open-source intelligence (OSINT) tool. However, when considering the South African (SA) intelligence landscape, the concepts ‘democracy’, ‘transparency’ and ‘intelligence oversight’ are calibrating factors to bear in mind. It is also important to consider the influence of the national legislative framework governing the use of SOCMINT in South Africa. It then becomes clear that issues – such as the right to privacy – mean that SOCMINT is probably no longer covered by the scope of the OSINT definition and that intelligence organisations collecting social media content and producing SOCMINT should adhere to the legislative framework governing the collection and use of social media content and the production of SOCMINT. This article argues that SOCMINT and OSINT should be separate collection domains to protect the imperative of the right to privacy and national security requirements in a balanced manner by means of unambiguous national regulation in the interest of all citizens