Security and Privacy for Emerging Smart Community Infrastructures

Abstract

Security and Privacy for Emerging Smart Community Infrastructures Bogdan Copos 1 , Karl Levitt 1 , Jeff Rowe 1 , Parisa Kianmajd 1 , Chen-Nee Chuah 1 and George Kesidis 2 1 University of California, Davis, Davis, CA, U.S.A. State University, State College, PA, U.S.A. {bcopos,knlevitt,jbrowe,pkianmajd,chuah}@ucdavis.edu, gik2@psu.edu 2 Penn Keywords: Cyber-security, Privacy, Internet-of-Things, Microgrids, Software Defined Networks (SDN), Cloudlet Abstract: Smart communities of the future have features that make them susceptible to novel forms of cyber-attack and a potential loss of privacy for the citizens they serve. We view these communities as metro level wide area control systems with sensors and actuators located in residences, the workplace, in mobile vehicles and even worn on the body. In addition, this distributed system may not be subject to centralized control. It needs to be responsive to the individual needs of citizen owners yet still maintain the ability to coordinate actions across a neighborhood, or larger metropolitan area. The question we wish to address is, as frameworks emerge to handle these unique challenges, how can we provide security and privacy for such and open and decentralized environment? We suggest ways to add security and privacy to low level IoT devices, to a cloudlet based application platform, to a wide area SDN for coordination, and to negotiation protocols for citizen coordination. INTRODUCTION By connecting rapidly emerging cyber-enabled sen- sors and actuators and providing communications protocols, a wide variety of novel beneficial appli- cations become available. Communicating position and speed between vehicles and with the roadside in- frastructure can enable optimal highway traffic man- agement (A. Thiagarajan and Eriksson, 2009; Houn- sell et al., 1998; James, 1995; Amoozadeh et al., 2015; A. Chen and Zhang, 2006; Khorashadi et al., 2011; B. Liu and Zhang, 2010) applications, includ- ing smart intersections and efficient vehicle platoon- ing. Wearable health monitoring devices that commu- nicate physical activity, heart rates and other biomed- ical data to health care professionals provides for new health maintenance and independent living lifestyles. Coordination of residential solar arrays, battery stor- age, and plug-in electric vehicle chargers would allow novel distributed optimal microgrid control schemes (Alizadeh et al., 2013b; Alizadeh et al., 2014a; Al- izadeh et al., 2014b; Alizadeh et al., 2013a; Lu et al., 2013) for neighborhoods. It is critically important, however, that the introduction of these new technolo- gies doesn’t introduce new cyber-security vulnerabil- ities and threats to citizens’ privacy. As new architectures are designed and developed, provisions for robustness and resiliency in the pres- ence of both natural faults and malicious attack must be included. Emerging IoT routing protocols include self-healing and tolerating intermittent loss. Similar treatment for cyber-security and privacy mechanisms should be built in from the outset. This includes sepa- ration of privilege, network and device access control, and runtime monitoring among other things. Towards a general smart community secure framework, we de- fine a smart community metro-scale network as the infrastructure that enables coordination and control over a wide variety of cyber-physical systems. This framework includes, • Internet of Things (IoT) devices and communi- cations protocols - low-powered, resource poor physical sensor and actuator devices with limited communications capabilities. • Mobile Cloudlet Infrastructure - an intermediate software application infrastructure that is located very close to the IoT or mobile devices, can han- dle resource intensive computations, can migrate through the network with mobile devices and has a high-quality connection to standard fixed cloud services. • Smart Community SDN - an SDN backbone running over the wired Internet that connects cloudlets and provides tunneling of IoT protocols for mobile IoT devices.