没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
Electronic Communications of the EASST
Volume 17 (2009)
Workshops der
Wissenschaftlichen Konferenz
Kommunikation in Verteilten Systemen 2009
(WowKiVS 2009)
Security and Privacy Challenges in
the Internet of Things
Christoph P. Mayer
12 pages
Guest Editors: M. Wagner, D. Hogrefe, K. Geihs, K. David
Managing Editors: Tiziana Margaria, Julia Padberg, Gabriele Taentzer
ECEASST Home Page:
http://www.easst.org/eceasst/ ISSN 1863-2122
ECEASST
Security and Privacy Challenges in
the Internet of Things
Christoph P. Mayer
http://www.tm.uka.de/itm
Institute of Telematics
Universit
¨
at Karlsruhe (TH), Germany
Abstract: The future Internet of Things as an intelligent collaboration of minia-
turized sensors poses new challenges to security and end-user privacy. The ITU has
identified that the protection of data and privacy of users is one of the key chal-
lenges in the Internet of Things [Int05]: lack of confidence about privacy will result
in decreased adoption among users and therefore is one of the driving factors in the
success of the Internet of Things. This paper gives an overview, categorization, and
analysis of security and privacy challenges in the Internet of Things.
Keywords: Global Sensor Networks, Security, Privacy, Future Internet
1 Introduction
The Internet has undergone severe changes since its first launch in the late 1960s as an outcome
of the ARPANET. The initial four-node network has quickly grown into a highly interconnected
and self-organized network that builds the daily basis for business, research, and economy. The
number of people using this worldwide network has exponentially grown up to about 1.5 bn and
hereby makes up about 20% of the world population. This sheer number of end users – that
does not even comprise servers and routers inside the networks – has changed our daily life and
habits. With the miniaturization of devices, increase of computational power, and reduction of
energy consumption, this trend will continue – the Internet of Things.
One of the most challenging topics in such an interconnected world of miniaturized systems
and sensors are security and privacy aspects: without sureness that safety of private information
is assured and adequate security is provided, users will be unwilling to adopt this new technology
that invisibly integrates into their environment and life. Besides technical solutions to provide
privacy and security, further instruments – like governmental and ethical institutions, that we will
not cover here – need to get established and applied.
Having every ‘thing’ connected to the global future Internet and ‘things’ communicating with
each other, new security and privacy problems arise, e. g., confidentiality, authenticity, and in-
tegrity of data sensed and exchanged by ‘things’. Privacy of humans and things must be ensured
to prevent unauthorized identification and tracking. Further, the more autonomous and intelli-
gent things get, problems like the identity and privacy of things, and responsibility of things in
their acting will arise. Up to now, corrupted digital systems were mostly not able to act in the
physical world. This will change dramatically in a dangerous way that corrupted digital systems
can now operate in and influence the physical world. What happens, once a corrupted thing
killed a person?
1 / 12 Volume 17 (2009)
Security and Privacy Challenges in the Internet of Things
The sequel of this paper is structured as follows: Section 2 performs an analysis of the compo-
nents in the Internet of Things, their sensitivity to security and privacy, as well as an analysis of
the state in research for topics considered as highly sensitive. In Section 3 two major components
in the Internet of Things – Global Sensor Networks and RFID – are introduced and detailed on
related security and privacy work. Three research results from other fields that we believe are
worth investigating for the Internet of Things are introduced in Section
4. Finally, concluding
remarks are given in Section 5.
2 Analysis of Security and Privacy
As the Internet of Things is a large field with diverse technologies used, we provide a catego-
rization of topics and technologies in Section 2.1. The categorization serves as base to detail on
the security and privacy sensitivity in the respective fields. Section 2.2 then looks into the state
of research in the identified categories and details on topics that have insufficient research from
our point of view.
2.1 Categorization and Sensitivity
Figure 1 shows a categorization of topics – inner items – and respective technologies used in
each topic – outer items – that make up the Internet of Things. In our opinion the Internet of
Things can be categorized into eight topics:
• Communication to enable information exchange between devices
• Sensors for capturing and representing the physical world in the digital world
• Actuators to perform actions in the physical world triggered in the digital world
• Storage for data collection from sensors, identification and tracking systems
• Devices for interaction with humans in the physical world
• Processing to provide data mining and services
• Localization and Tracking for physical world location determination and tracking
• Identification to provide unique physical object identification in the digital world
Each topics has different technologies attached (outer items) that are used in the respective
topic. Note, that the categorization given in this work is not strictly hierarchical in terms of top-
ics and technologies. Identification, e. g., is actually a form of Processing that results from the
use of Sensors. As we believe that Identification has a special role in the Internet of Things that
is independent of physical world sensing, it is handled as a separate topic. Some technologies
appear multiple times: RFID, e. g., is used as Communication technology, provides Identifica-
tion, Localization and Tracking, RFID readers act as Sensors, and finally RFID tags and readers
make up Devices in the Internet of Things. The manifold usage of RFID assigns it a special role
that is detailed in Section 3.2.
The topics introduced are listed again in Table 1 and rated with respect to properties of security
and privacy. The properties are taken from the CIA Triad (without Non-repudiation) and the
Parkerian Hexad (without Possession or Control and Utility). The additional property Regulation
represents the need for laws and regulations in this topic. For each topic the table contains the
sensitivity for the respective property. As our categorization is not strictly hierarchical, sensitivity
Proc. WowKiVS 2009 2 / 12
剩余12页未读,继续阅读
资源评论
- songcheng2342012-12-01一篇关于物联网安全与隐私的文章,综述性的,为研究物联网安全与隐私的科研工作人员具有重要的参考价值
dancinglily
- 粉丝: 0
- 资源: 3
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功