IoT Platform for Personal Data Protection

Since the establishment of IoT (Internet of Things), a variety of end devices become interconnected with one another, and thus, new types of security challenges appeared which have to be taken care of. Personal data, at the moment, have a higher risk of being hacked by various types of cyberattacks, as a result of the abundance of connectivity in the cloud realm. To face this type of challenges, the European Union decided to implement in 2018 the GDPR (General Data Protection Regulation) that implies that personal data of any kind can be shared with a third party only with their accord and can be, as well, deleted by them, whenever they desire. Henceforth, this paper introduces the PARFAIT project that will take into account this regulation and will integrate a platform with the purpose of protecting the personal data in IoT based applications, especially for smart home, smart office and smart hotel use cases.</p

Cyber-physical Threat Detection Platform Designed for Healthcare Systems

Hospitals are responsible for delivering healthcare services to patients in need. These services are large and complex and get affected by multiple interacting actors, such as doctors, nurses, patients, citizens, medical suppliers, health insurance providers. Lately, hospitals around the world are one of the main targets when it comes to terrorist attacks, the cyber realm being the principal source. The healthcare sector is particularly vulnerable due to heavy involvement in patient personal and health information, time constraints, and complex day-to-day operations. In addition to cyber-threats, physical threats are increasingly growing and even healthcare facilities are not immune to them. Malicious intended people created cyber threatening attacks with the purpose to systematically collect evidence against the healthcare system, to advocate for the end of such attacks, and to endanger people\u27s lives or to use the stolen personal data for bad intended actions. Henceforth it is necessary to build a platform that will get alerts and incidents at a fast pace in real-time to prevent any casualties at low cost. SAFECARE project aims to offer protection to hospitals and increase the compliance for the European regulations and security regarding ethics and privacy for health services. This paper presents a solution that will enhance security in hospitals. The primary platform will be built based on a BTMS (Building Threat Monitoring System) where events, incidents, and alerts will be transmitted by sensors from hospital rooms in real-time. Several scenarios were thought to simulate different types of attacks against hospitals and according to the scenarios, various prototypes will be built for assuring the security of the personal and patients from various hospitals.</p

Multi-Trace : Multi-level Data Trace Generation with the Cooja Simulator

Wireless low-power, multi-hop networks are exposed to numerous attacks also due to their resource-constraints. While there has been a lot of work on intrusion detection systems for such networks, most of these studies have considered only a few topologies, scenarios and attacks. One of the reasons for this shortcoming is the lack of sufficient data traces that are required to train many machine learning algorithms. In contrast to other wireless networks, multi-hop networks do not contain one entity that can capture all the traffic which makes it more difficult to acquire such traces. In this paper we present Multi-Trace. Multi-Trace extends the Cooja simulator with multi-level tracing facilities that enable data logging at different levels while maintaining a global time. We discuss the opportunities that traces generated by Multi-Trace enable for researchers interested in input for their machine learning algorithms. We present experiments that show the efficiency with which Multi-Trace generates traces. We expect Multi-Trace to be a useful tool for the research community

A Secure and Interoperable Platform for Privacy Protection in the Smart Hotel Context

International audienceWith the rise of the internet of things (IoT) technologies, many IoT services are emerging in numerous fields, such as smart transportation, smart tourism, and smart homes. Given the privacy and security concerns, users are still threatened in their daily lives. Many research activities are being conducted to tackle these issues. However, none of them consider neither the whole picture nor the heterogeneous concepts of the IoT where devices communicate over various communication protocols. Interoperability is a challenge for the deployment of numerous and diversified connected devices, a deployment that needs to be secure and protecting users' sensitiveness. In this paper, in the context of the European-wide project ITEA PARFAIT, we introduce a secure and interoperable platform for privacy protection in smart hotels. Our platform ensures a lightweight user authentication based on software tokens generated throughout lightweight computation operations, which can be realized throughout many of the available embedded platforms nowadays. Moreover, we use a Fast Identity Online (FIDO) token for fast login experiences, and passwordless secure authentication. All this is realized so that it complies with the Message Queuing Telemetry Transport (MQTT) protocol operations, which is the main IoT data access standard for supervisory control and data acquisition system. Furthermore, our platform enables users to locally protect their privacy according to their preferences throughout privacy-preserving mechanisms that we design. In this paper, we also demonstrate that our platform resists the well-known attacks while responding to the smart hotel users' privacy constraints and maximizing the smart hotel's utility

SAMGRID: Security Authorization and Monitoring Module Based on SealedGRID Platform

IoT devices present an ever-growing domain with multiple applicability. This technology has favored and still favors many areas by creating critical infrastructures that are as profitable as possible. This paper presents a hierarchical architecture composed of different licensing entities that manage access to different resources within a network infrastructure. They are conducted on the basis of well-drawn policy rules. At the same time, the security side of these resources is also placed through a context awareness module. Together with this technology, IoT is used and Blockchain is enabled (for network consolidation, as well as the transparency with which to monitor the platform). The ultimate goal is to implement a secure and scalable security platform for the Smart Grid. The paper presents the work undertaken in the SealedGRID project and the steps taken for implementing security policies specifically tailored to the Smart Grid, based on advanced concepts such as Opinion Dynamics and Smart Grid-related Attribute-based Access Control.This research was funded by the European Commission, under the SealedGRID project, Grant Agreement no. 777996, and by the Norway Grants and UEFISCDI, under the SOLID-B5G project, Project contract no. 42/2021, RO-NO-2019-0499. Institutional Review. Partial funding for open access charge: Universidad de Málag