Ebook: Security and Privacy in the Internet of Things: Challenges and Solutions
The Internet of Things (IoT) can be defined as any network of things capable of generating, storing and exchanging data, and in some cases of acting on it. This new form of seamless connectivity has many applications (smart cities, smart grids for energy management, intelligent transport, environmental monitoring, healthcare systems, and more), and EU policymakers were quick to realize that machine-to-machine communication and the IoT would be vital to economic development. It was equally clear that the security of such systems would be of paramount importance and, following the European Commission's Cybersecurity Strategy of the European Union in 2013, research funded under the EU's Horizon 2020 programme explored available options and possible approaches to addressing the security and privacy issues of the IoT.
This book presents 10 papers which have emerged from the research of the Horizon 2020 and CHIST-ERA programmes, and which address a wide cross-section of projects ranging from the secure management of personal data and the specific challenges of the IoT with respect to the GDPR, through access control within a highly dynamic IoT environment and increasing trust with distributed ledger technologies, to new cryptographic approaches as a counter-measure for side-channel attacks and the vulnerabilities of IoT-based ambient assisted living systems.
The security and safety of the Internet of Things will remain high on the agenda of policymakers for the foreseeable future, and this book provides an overview for all those with an interest in the field.
The roots of the idea of the Internet of Things, even though first references to such an idea appeared as early as the 1960s, can be traced back to a vision described by Mark Weiser in the early 1990s in his seminal article 'The Computer for the 21st Century'. In it he described a scenario he called 'ubiquitous computing', in which computers would vanish into the background, becoming so pervasive and unobtrusive as to be effectively invisible. Such a network of sensors and processors would be permanently aware of the actors in its vicinity and would react, fully context-aware, to each need expressed.
Moving from this scenario, which still had the human user and their needs at the centre of attention, to one in which devices communicate without human intervention led to the term machine-to-machine communication.
Going even a step further and taking all these devices, independent of their focus on human or machine communication, and connecting them to the internet led to the term as we know it now, the Internet of Things (IoT).
The IoT could be defined as any networked thing equipped with the ability to generate, store and exchange data, and in some cases to act on it, so that it can sense, interact with and actively change its environment. This could be anything from tiny sensors embedded in moving vehicles, voice-activated loudspeakers, wearables, and actuators and operational technology in industrial settings, to medical devices and implants.
This new form of seamless connectivity has many applications across industries, from smart cities, smart grids for energy management, intelligent transportation, environmental monitoring, infrastructure management, and medical and healthcare systems, to building and home automation.
In a business context where competition is driven mainly by lowering costs, and given the constraints IoT devices face, such as limited computing power and battery lifetime, security is rarely the most important design feature of connected devices. In the industrial sector in particular, legacy devices that may date from the days when connectivity was very limited can, once integrated into larger computer networks, create risks their original developers never anticipated.
The potentially severe implications for the security and safety of people make the security and safety of IoT building blocks a paramount issue. Furthermore, a major barrier to the uptake of IoT on a larger scale is the lack of trust. Building trust into the IoT on the basis of robust cybersecurity features is a precondition for exploiting its numerous potential benefits and for realizing Europe's Digital Single Market.
To ensure a minimum level of interoperability, security and assurance, the European Commission issued the Cybersecurity Strategy of the European Union in 2013 (JOIN(2013) 1), in which the term machine-to-machine communication, illustrated by automated water sprinklers, was used for the first time to refer to the nascent field of IoT.
The Cybersecurity Strategy kicked off the preparatory work on several EU cybersecurity policies which over the following years became legal acts directly relevant and applicable to the IoT domain:
1. In August 2016 the NIS Directive (2016/1148) entered into force, with member states having to transpose it into national law by May 2018. The NIS Directive has three parts:
a. Capacity building: EU member states must possess minimum capabilities, adopt a national cybersecurity strategy, and designate national CSIRTs and a single point of contact for cybersecurity issues.
b. Critical infrastructure: operators of essential services (in critical sectors such as energy, transport, water, healthcare and finance) have to adopt a culture of risk management and comply with security and incident notification requirements.
c. Cooperation: to build trust and confidence, member states shall collaborate across borders, and a mechanism shall be put in place for the exchange of security-related information, incident information and best practices (the CSIRTs network).
2. The General Data Protection Regulation (GDPR) (2016/679) was adopted in April 2016 and became applicable on 25 May 2018. The GDPR aims to increase the control of individuals over their personal data and to unify data protection laws across the EU. It introduces limitations on the purpose and scope of personal data collection and processing. It also governs the transfer of personal data outside the EU, and introduces notification requirements in the case of a security breach affecting personal data.
3. The latest addition to the portfolio of EU cybersecurity legislation is the Cybersecurity Act (2019/881), which entered into force on 27 June 2019 and complements the NIS Directive. It mentions the Internet of Things prominently on several occasions. It consists of two main parts:
a. Reinforcing the European Union Agency for Cybersecurity (ENISA) by giving it a permanent mandate and strengthening its role.
b. Establishing a European cybersecurity certification framework for ICT products, services and processes.
It is a great pleasure to see such a wide cross-section of projects presented in this book. The spectrum ranges from the secure management of personal data and the specific challenges of the IoT with respect to the GDPR, through access control within a highly dynamic IoT environment and increasing trust with distributed ledger technologies, to new cryptographic approaches as a counter-measure for side-channel attacks and the vulnerabilities of IoT-based ambient assisted living systems.
Security and safety of the Internet of Things will remain high on the agenda of policymakers for the foreseeable future. Even more so when moving towards the internet of nano-things, when things will become literally invisible to the human eye and can penetrate living things unnoticed. Together with the convergence of the physical and biological realm through nanotechnology and synthetic biology this will create an internet of living things which will blur the boundary between biological and cyber risks.
The need for proactive, forward looking policymaking, moving away from the current reactive approach, will therefore become even more important as policy development cycles and technology development cycles will presumably remain as decoupled and out of sync as they have been in the past.
Christian Wilk
Research Executive Agency
USEIT is a project that develops and integrates technologies to empower the day-to-day user of Internet of Things technology through the secure management of their personal data. This chapter gives an overview of the project, its objectives, its architecture and the platform developed for the secure management of user data. To illustrate this secure data management we present a Smart Building use case, showing how the data sent by the different sensors in the building is analysed and how security measures are applied under the orchestration of a building manager, who puts the necessary policies in place so that end users can receive information securely.
With the increasing adoption of Internet of Things (IoT) platforms in decentralized cloud environments, more attention is being given to privacy awareness, building on the goals set by the European Union (EU) General Data Protection Regulation (GDPR). It is therefore necessary to empower the end users (both private and corporate) of IoT platforms to decide which combination of self-hosted or cloud-oriented IoT systems is most suitable to handle the personal data they generate and own, and to change the existing (or pre-set) configuration at any time. Furthermore, implementing the GDPR in IoT platforms is challenging, as significant effort is needed to integrate privacy policies programmatically in order to: (i) increase users' awareness of which data is collected, where it is transmitted, by whom, etc.; and (ii) provide controls that let users modify such aspects while remaining aware of how each decision affects the quality of the IoT services the platform provides. The BRAIN-IoT project focuses on complex scenarios where actuation and control are cooperatively supported by populations of IoT systems. The breakthrough targeted by BRAIN-IoT is to embed privacy-awareness and privacy-control features in IoT solutions. In this work the authors (a) explore privacy awareness in IoT systems using the GDPR and the BRAIN-IoT platform, and (b) propose a conceptual framework for Privacy Impact Assessment (PIA) based on the privacy principles set out in the GDPR. The proposed privacy awareness framework is cross-platform and so can support a wide range of heterogeneous IoT systems deployed by corporate and private users.
Data privacy concerns the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them is communicated to others [1]. However, most people are not aware of privacy and security risks. This is particularly relevant for the Internet of Things (IoT), which is increasingly ubiquitous and can therefore become very privacy-intrusive. On one side this problem can slow down IoT development; on the other, it is essential that users gain control over the data generated and collected by the IoT devices surrounding them, and that a privacy-by-design approach is adopted for the IoT. UPRISE-IoT takes a fresh look at the IoT privacy space with a user-centric approach. It builds on user behaviours and contexts to improve security and privacy, and follows the privacy-by-design approach. UPRISE-IoT improves data transparency and control: users are informed in a user-friendly manner about the data being collected and have the option to object to it. We raise user awareness, so that their behaviour does not compromise their privacy, and we provide new tools to control data collection in the IoT.
While the Internet of Things (IoT) infrastructure is rapidly growing, the performance and correctness of such systems become ever more critical. Alongside flexibility and interoperability, trustworthiness-related aspects, including security, privacy, resilience and robustness, are challenging goals for the next generation of IoT systems. In this chapter we propose approaches for IoT-tailored access control mechanisms that protect data and services against unauthorized use, with the aim of improving IoT system trustworthiness and lowering the risk of massive-scale IoT-driven cyber-attacks or incidents.
The Internet of Things (IoT) suffers from a lack of interoperability, as data, devices and whole sub-systems are locked in 'silos' for technical but mostly business reasons. Many new applications would be enabled, and existing ones could be implemented more cost-efficiently, if the silos could be bridged in a secure and privacy-preserving manner. The SOFIE approach provides an effective way of accomplishing this by using interledger technologies that leverage the distributed trust enabled by distributed ledgers. SOFIE's federated approach facilitates the creation of cross-organisational applications. This chapter presents the SOFIE approach and details the benefits it provides in four real-world pilots.
Ambient Assisted Living systems aim to provide automated support to humans with special needs. Smart Homes equipped with an Internet of Things infrastructure that supports the development of Ambient Intelligence able to look after humans are being widely investigated worldwide. Like any IT-based system, they have strengths and weaknesses. One dimension developers want to strengthen is security, eliminating or at least reducing potential threats as far as possible. The motivation is clear: as these systems gather sensitive information about the health of an individual, there is potential for harm if that information is accessed and used by the wrong person. This chapter starts with an analysis of the stakeholders in this area. It then explains the IoT infrastructure used as a testbed for the main security analysis methods and tools. Finally it explains a process to assess the likelihood of certain vulnerabilities in the system. This process focuses mainly on the design stage and can be combined iteratively with development to inform a development team which system architectures may be safer and worth giving development priority.
Linear complementary dual (LCD) codes and linear complementary pairs (LCP) of codes have been proposed as counter-measures against side-channel attacks (SCA) and fault injection attacks (FIA) in the context of direct sum masking (DSM). Although LCD codes were introduced by Massey long ago for other reasons, there has been renewed interest in these codes in the coding theory community because of these new applications. It was later observed that the counter-measure against FIA may lead to a vulnerability to SCA when the whole algorithm needs to be masked (in environments such as smart cards). This led to a variant of the LCD and LCP problems, on which the authors have very recently obtained some partial results. This chapter reviews the coding-theoretic problems and solutions related to the security problems mentioned.
As the adoption of digital technologies expands, it becomes vital to build trust and confidence in the integrity of such technology. The SPIRIT project investigates a proof of concept for employing novel secure and privacy-ensuring techniques in services set up in the Internet of Things (IoT) environment, aiming to increase the trust of users in IoT-based systems. In this paper we 1) outline our research and results to date, and 2) propose a system that addresses the distinct issues related to security and privacy, hence overcoming the lack of user confidence that inhibits the utilisation of IoT technology. The system integrates three highly novel technology concepts developed by the project partners.
The Internet of Things is developing at a very fast rate. To ensure security and privacy, end devices (e.g. smartphones, smart sensors or any connected smartcard) must be protected both against cyber attacks (coming down from the network) and against physical attacks (arising from an attacker's low-level interaction with the device). In this context, proactive protections must be put in place to mitigate information theft through side-channel monitoring and active corruption of computations or data. Although both kinds of countermeasure have developed fast and become mature, there has surprisingly been little research on combining them.
In this chapter we tackle this difficult topic and highlight a viable solution. It is shown to be more efficient than mere fault detection by repetition (which is in any case prone to repeated, correlated faults). The presented solution leverages the fact that both side-channel protection and fault attack detection are coding techniques. We explain how to both prevent (higher-order) side-channel analyses and detect (higher-order) fault injection attacks. The specificity of this method is that it works 'end-to-end': detection can be delayed until the computation is finished, which considerably simplifies the error management logic, as there is a single verification for the whole computation.
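The common idea behind the two preceding abstracts, that one linear code can serve both as a side-channel mask and as a fault detector, is easiest to see on a toy instance of direct sum masking. The following is an added illustration, not code from the book or from any of its authors: the [8,4,3] binary code C, its generator G, the fault check (comparing the mask recovered from the state with the mask the device drew) and the sample secret and mask are all this example's own choices. C is LCD by Massey's criterion (G G^T is nonsingular over GF(2)), so D = C^perp is a complement of C and a sensitive nibble x can be stored as z = x G + y H with a random mask y.

```python
"""Toy direct sum masking (DSM) over GF(2) with an LCD code. Added illustration."""
import itertools

N, K = 8, 4

# Generator of C = [I_4 | A]; A is a 4x4 circulant with two ones per row (hand-picked).
G = [
    [1, 0, 0, 0, 1, 1, 0, 0],
    [0, 1, 0, 0, 0, 1, 1, 0],
    [0, 0, 1, 0, 0, 0, 1, 1],
    [0, 0, 0, 1, 1, 0, 0, 1],
]
# Generator of D = C^perp: H = [A^T | I_4], hence G H^T = A + A = 0 over GF(2).
H = [
    [1, 0, 0, 1, 1, 0, 0, 0],
    [1, 1, 0, 0, 0, 1, 0, 0],
    [0, 1, 1, 0, 0, 0, 1, 0],
    [0, 0, 1, 1, 0, 0, 0, 1],
]

def add(u, v):
    """Vector addition over GF(2)."""
    return [a ^ b for a, b in zip(u, v)]

def vec_mat(v, m):
    """Row vector times matrix over GF(2)."""
    return [sum(v[i] & m[i][j] for i in range(len(v))) & 1 for j in range(len(m[0]))]

def gf2_inverse(m):
    """Gauss-Jordan inversion over GF(2); raises StopIteration if m is singular."""
    n = len(m)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(m)]
    for col in range(n):
        pivot = next(r for r in range(col, n) if aug[r][col])
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = add(aug[r], aug[col])
    return [row[n:] for row in aug]

def is_lcd(gen):
    """Massey's criterion: a code is LCD iff G G^T is nonsingular over GF(2)."""
    gram = [[sum(a & b for a, b in zip(r, s)) & 1 for s in gen] for r in gen]
    try:
        gf2_inverse(gram)
        return True
    except StopIteration:
        return False

def min_distance(gen):
    """Minimum weight of a nonzero codeword (brute force; the code is tiny)."""
    return min(sum(vec_mat(list(msg), gen))
               for msg in itertools.product([0, 1], repeat=len(gen)) if any(msg))

# [G; H] is invertible because C and D are complementary. Its inverse splits into
# the projection onto C (recovers x) and the projection onto D (recovers y).
M_INV = gf2_inverse(G + H)
PROJ_X = [row[:K] for row in M_INV]
PROJ_Y = [row[K:] for row in M_INV]

def encode(x, y):
    """Masked state z = x G + y H."""
    return add(vec_mat(x, G), vec_mat(y, H))

def decode(z):
    """Split z into its C component x and its D component y."""
    return vec_mat(z, PROJ_X), vec_mat(z, PROJ_Y)

def unmask_checked(z, y):
    """Recover x and flag faults (this toy's check): a corrupted z = z_true + e passes
    only if the recovered mask still equals the mask the device drew, i.e. only if
    e lies in C, so every fault of weight < d(C) is caught by one final comparison."""
    x, y_seen = decode(z)
    return x, y_seen == y

def fault_scan(x, y, max_weight):
    """Inject every error of weight <= max_weight into z; return (caught, missed)."""
    z = encode(x, y)
    caught = missed = 0
    for w in range(1, max_weight + 1):
        for pos in itertools.combinations(range(N), w):
            e = [int(i in pos) for i in range(N)]
            if unmask_checked(add(z, e), y)[1]:
                missed += 1
            else:
                caught += 1
    return caught, missed

def leakage_balanced(x, order):
    """Probing-model check: for fixed x, is every set of `order` bits of z uniformly
    distributed over the random mask? True for sets smaller than d(D^perp) = d(C) = 3,
    so first- and second-order probes learn nothing; a weight-3 codeword of C leaks."""
    states = [encode(x, list(y)) for y in itertools.product([0, 1], repeat=N - K)]
    for probes in itertools.combinations(range(N), order):
        counts = {}
        for z in states:
            key = tuple(z[i] for i in probes)
            counts[key] = counts.get(key, 0) + 1
        if len(counts) != 2 ** order or len(set(counts.values())) != 1:
            return False
    return True

if __name__ == "__main__":
    x, y = [1, 0, 1, 1], [0, 1, 1, 0]  # constructed sample secret and mask
    print("LCD:", is_lcd(G), " d(C):", min_distance(G))
    print("round trip ok:", decode(encode(x, y)) == (x, y))
    print("faults up to weight 2 (caught, missed):", fault_scan(x, y, 2))
    print("faults up to weight 3 (caught, missed):", fault_scan(x, y, 3))
    print("2nd order balanced:", leakage_balanced(x, 2), " 3rd order:", leakage_balanced(x, 3))
```

The same parameter governs both properties here: because C is LCD, D^perp = C, so d(C) = 3 both bounds the weight of faults that are guaranteed to be detected (all single- and double-bit errors; the four weight-3 codewords of C slip through and silently alter x) and the probing order up to which the masked state is independent of x. In a real implementation the mask would be refreshed and tracked through the computation; this toy only shows the static encoding and the single end-of-computation check.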
IoTCrawler is an H2020 project whose main objective is to become a search engine for IoT information. Its intention is not to become a new IoT platform competing with existing ones, but to be a higher frame of reference for all of them, creating an IoT ecosystem much as a web search engine does for websites and web pages. IoTCrawler improves on other approaches by treating security and privacy as main driving pillars, from the registration of information through to the requests that users and machines make for the stored information.
In this chapter we detail the components responsible for identity management, authorisation and privacy, and how they interact to control and manage the way information is registered by existing IoT platforms and later provided to legitimate consumers. We also present the introduction of Distributed Ledger Technologies into this IoT ecosystem as a way to enable distributed trust, avoiding single-point-of-failure threats and implementing smart contracts for authorisation, strategic features to be leveraged for enabling data markets.