Security and Privacy in the Internet of Thingswfiot2015.ieee-wf-iot.org/SPIoT Ecosystem.pdf4...
Transcript of Security and Privacy in the Internet of Thingswfiot2015.ieee-wf-iot.org/SPIoT Ecosystem.pdf4...
Security and Privacy in the Internet of
Things :
Antonio F. Skarmeta
University of Murcia (UMU)
SPAIN
2
Motivation Motivation
• Security and privacy concerns were always there… – … but we need to move from an enterprise-centric, to user-
centric approaches to smart object-centric solutions
– IoT testbeds are not labs, but cities involving citizens and their devices!
• The data sharing paradox in IoT - To share or not to share, this is NOT the question… – People want/like/need to share (Facebook, Twitter,…)
– … the question is how, what, why and under which circumstances!
3
Motivation Motivation
• The data sharing paradox in IoT - To share or not to share, this is NOT the question… – I want to share my energy consumption, but not if I am at home!
– Who owns the information on a Smart City? Citizens? City Council?
• Need for cross and multidisciplinary approaches: – Involvement of citizens is crucial Smart Cities are for them!
– Able to address the lifecycle of Smart Objects
– Security and privacy are cross Operational concerns do not matter if smart objects were given fake credentials!
4
Motivation: Moving towards an user’s
environment connected Internet
Servers & PCs Internet
Humans & People Internet
Smart objects Internet
Extend Identity to Things
Right delegation
Add things temporarily to their personal space
Current Internet
evolving towards a
global network of
interconnected smart
objects affecting our
everyday lives Development of
wireless
communications
accelerating this
trend
Unprecedented
economic and social
opportunities for
companies and
people
5
Extend IdM to Virtual IDs in IoT and
Users
5
Best of two worlds
• Block the link between
partial ID to entity
privacy
• Maximize capability of
partial ID to support
functions & operations
functionality
Digital ID designate Identity Entity refer to
make sense of it
Used partial ID Ideal target: no link
INTERNET
?
Construct / Concept
Full IdM Identity
Passport idea
Virtual Identity*
Partial Identity
filter
filter
Partial Digital ID
Real Passport
* e.g. role based
6
Trust relationships vs. SN links
Person
A
Person
C
Person
B
Access to devices is assigned trust levels (bubbles). These trust levels are expressed as additional qualifiers in the social
network relationship of a person. In this example Trust level A also encompasses devices/ data providers under trust level B.
Ownership encompasses personal access to devices and data providers.
IoT
device
Ownership level
(full access)
IoT
devices
DP 1 DP 2 DP n
Ownership level
(full access)
DP 1 DP 2 DP 3 DP 4
IoT
devices
DP 1 DP 2 DP n
Trust
level A Trust
level B
Is-a-friend Is-a-friend
7
Virtual Identities in IoT
8
Infrastructure for Identity and IoT
• Real need exists for a suitable infrastructure to be in place:
– IoT Addressing: an IoT address refers to an identifier of a smart
object and/or its virtual representation.
– IoT Naming: it refers to mechanisms and techniques for assigning
names to objects and supporting their resolution/mapping to IoT
addresses.
– IoT Discovery: it refers to the process of locating and retrieving IoT
resources in the scope of a large and complex space of smart
objects.
• The attributes managed and associated to an identifier can
be exploited by an identity management system:
– Restricting the access to attributes to authorized smart objects.
– Anonymous credential provisioning and partial identity management
based on the attributes that are registered.
– Generation of authorization credentials to enable M2M secure
communications, based on attributes to make access control
decisions.
9
The lifecycle of a device in the
Internet of Things
• Let start from the beginning!!!
10
Trust, Security and Privacy
challenges
• Requirements from Security
– Lightweight design and efficient implementation of security
mechanisms and cryptographic algorithms
– Secure implementations in hardware and/or software
– Interoperable and scalable security mechanisms
• Requirements from Privacy
– Need for considering privacy in earlier stages (privacy-by design)
– Scenarios managing particularly sensitive information, access
control mechanisms are essential
– Mechanisms supporting minimal or selective disclosure of PII
– Requirements from Trust
– From privacy by design to trustworthy by design
– Dynamic Trust Management
11
Operational challenges in Security
• Standard security and access control mechanisms are used over the
Internet today
– These proposals often based on heavy primitives, difficult application on
resource-constrained devices
– Unlike current Internet, smart objects are working in harsh and uncontrolled
environments, prone to attacks and misuse and being controlled by non-
expert users
– Control on information sharing in IoT sharing requires advanced privacy-
preserving IdM techniques
• Requirements from Management
– Scenarios with millions of heterogeneous devices can not be managed by
centralized and out-of-band approaches self-management techniques
should be supported
– It includes the application of scalable mechanisms for bootstrapping,
configuration, upgrading and key management
12
Integral Security and Privacy Framework Integral Security and Privacy
Framework (Operation)
• Based on lightweight and flexible security approaches to make
them available even for M2M constrained environments (CE):
‒ IETF ACE, DICE WGs focused on security for CE
‒ Use of the Constrained Application Protocol (CoAP - RFC 7252) as
an application protocol
‒ Use of Datagram Transport Layer Security (DTLS) (RFC 6347) based
on ECC Raw Public Keys for authentication
‒ Use of the Distributed Capability-Based Access Control (DCapBAC)
approach for authorization
13
Integral Security and Privacy Framework Integral Security and Privacy
Framework (Operation)
• Use of advanced and flexible cryptographic schemes enabling
secure group communications:
‒ Based on certificateless public key cryptography (CP-ABE)
‒ CP-ABE keys obtained during the registration associated to smart
object’s attributes
• Additional use of partial identities for minimal PII disclosure
integration Proof-of-Possession (PoP) based on anonymous
credentials systems (e.g. Idemix) with DCapBAC tokens
14
• Trust Framework 1. Policies for trust in heterogeneous environment: definition of policies that include technical,
organization and business aspects. Auditing and enforcement schemes for policies
2. Trusted environment on the device: device integrity, using TPM, PKI and eID systems.
Bootstrapping trust on the device, related functions and protocols
3. Service integrity (ensuring trusted and reliable operations): CA, reputation system as
complementary schemes. Methods for the development of trusted services – integrity by design.
Disaster recovery, graceful recovery from failure
4. Data lifecycle management: access control, secure storage revision management and collaborative
schemes and proof of termination.
• Security and Trustworthiness
1. Transparent of the trust and accountability: Security audit and Service integrity
2. Vision from the user on interaction with the trust.
• Transversal Approach 1. the educational and training actions seems to be disperse over subsection that could be more
clearly related. Curricula and training programs
2. multidisciplinary research in security. It is important to introduce some reference to the
collaboration between disciplines to take into account the different perspectives.
Conclusion: Security Challenges in a
fully connected World