IoT Privacy Research Articles

Strengthening Patient’s Privacy in IoT Centred Ubiquitous Healthcare Supervision in the United Kingdom

Strengthening Patient’s Privacy in IoT Centred Ubiquitous Healthcare Supervision in the United Kingdom

IOT and Security-Privacy Concerns: A Systematic Mapping Study

The increase of smart devices has accelerated sensitive data exchange on the Internet using most of the time unsecured channels. Since a massive use of RFID (Radio-frequency Identification) tags in the transportation and construction industries from 1980 to 1990, with the expanded use of the Internet with 2G/3G or 4G since 2000, we are witnessing a new era of connected objects. A huge number of heterogeneous sensors may collect and dispatch sensitive data from an endpoint to worldwide network on the Internet. Privacy concerns in IOT remain important issues in the research. In this paper, we aim to evaluate current research state related to privacy and security in IOT by identifying existing approaches and publications trends. Therefore, we have conducted a systematic mapping study using automated searches from selected relevant academics databases. The result of this mapping highlights research type and contribution in different facets and research activities trends in the topic of “security and privacy” in IoT edge, cloud and fog environment.

Intelligent security algorithm for UNICODE data privacy and security in IOT

Information security algorithms provide praxis for security to the different forms of data. Data are transmitted in different forms like ASCII text, UNICODE text, audio, video, image, etc. Different algorithms have been proposed by various researchers for handling text security. The existing cryptographic algorithms are working on ASCII text. Multilingual data communication is so prevalent in the digital era. In the digital era, many symmetric cryptographic algorithms have been introduced using S-boxes. S-box is a vital component for some cluster of cryptographic algorithms. Some cryptographic algorithms depend on the static S-box, which yields insecurity to the digital data. The existing S-box concept handles ASCII text only. This research paper presents the Substitution box (S-box) that is dynamic and key-dependent. Dynamic and key-dependent S-box wraps the data with high security. This S-box works with UNICODE text which includes UTF-16. It was tested for UNICODE text using python language. It concludes that the novel S-box is suitable for handling UNICODE text and shows better performance.

Privacy and Cybersecurity Lessons at the Intersection of the Internet of Things and Police Body-Worn Cameras

Prepared for the North Carolina Law Review symposium on police body-worn Cameras (“BWC”s), this Article shows that BWCs can be conceptualized as an example of the Internet of Things (“IoT”). By combining the previously separate literatures on BWCs and IoT, this Article shows how insights from each literature applies to the other. Part I adopts the IoT definition of (1) a sensor connected to the Internet that (2) stores and/or processes data remotely, typically in the cloud. Applied to BWCs, the camera is a sensor, and the video footage and related data are stored outside of the original camera, often in the cloud. Building on this equivalence of BWCs and IoT, Part II examines lessons from the substantial IoT literature for BWC privacy and cybersecurity. Part II systematically examines leading industry standards and Federal Trade Commission guidance for applicable criteria for good practice for BWCs. Analysis of this literature suggests three themes for operationalizing these best practices. First, police departments can and should learn from the IoT literature to improve privacy and cybersecurity for BWCs. Second, police departments should use their bargaining power to demand security and privacy best practices from their vendors. Third, where departments lack the in-house expertise to handle BWC security and privacy they should seek it from outside institutions or consultants, including from outside experts in IoT security and privacy. Part III examines two areas where study of BWCs might offer lessons for the broader domain of IoT. First, to protect police officer privacy during breaks and for other reasons, BWCs are not always on. By contrast, IoT best practices to date have not emphasized the implications of toggling the sensor on and off. Second, an important debate for BWCs is how to promote transparency—to provide accountability while protecting individual privacy. In this respect, BWCs are an application of technology where public disclosure of the entire data feed is a higher priority than for most other IoT applications to date. Studying this debate can inform other IoT debates about when to open full data feeds to the public, consistent with privacy and cybersecurity concerns.

Survey of privacy and security issues in IoT

The paper is a standard study of all the safety problems present inside the Internet of Thing (IOT) along with an study of the retreat prob- lems to an give up-person can also face due to the reach of IOT. The greater part of the analysis is focused on the safety loop hole bob- bing up not in of the statistics alternate technology utilized as a part of Internet of thing. No register measure to the security downsides has been examine in the article.

Awakening Global Governments: An International Survey of Internet of Things Regulation

The rapid proliferation of connected devices has the potential to transform and enrich our lives and to drive significant productivity gains in the broader economy. However, the lack of sufficient security in many “Internet of Things” (IoT) devices creates a meaningful risk to consumers and to the basic functionality of the Internet. The increasingly frequent and high-profile cyberattacks, often fueled by insecure IoT, are driving governments globally to develop responsive policy measures. This paper provides a qualitative survey of the current public policy and emerging regulatory frameworks facing consumer IoT devices in the European Union (EU) and the United States (US). For each geography, we provide an overview of the current regulatory landscape, as well as emerging policy developments, primarily in the area of IoT security and to a lesser extent IoT privacy. In so doing, we develop a broad comparison of the two jurisdictions that draws out the commonalities and differences. We accomplish this through a survey of each jurisdiction’s “hard” and “soft” law applicable to IoT as well as an examination of proposed or otherwise developing policies in the jurisdiction. While existing surveys of individual jurisdictions help develop a clear picture for those countries or regions, a broader perspective on IoT security and privacy policy is needed, given the global nature of the security challenges posed by insecure IoT as well as the global market for IoT devices. It has become clear that no single government or industry actor will be able to alone address the problem of insecure IoT, and cooperation and consensus across borders and industries are needed to more fully address the problem and to fully realize the promised benefits of IoT. This paper provides a first step in developing that broader perspective through a survey and comparison of the current policy approaches in the EU and US. This understanding is essential to formulating coherent and effective policy responses to the problems that arise from insecure IoT. We find that although there is broad recognition of the risks associated with insecure IoT among policymakers in the EU and the US, each government is approaching how to address these risks quite differently, particularly in how they view the role of government visa vie the role of industry and market forces. Not surprisingly, US policymakers currently see industry-led initiatives and a close partnership with industry as the preferred approach, while the EU is approaching these challenges through more centralized, government-led efforts. However, looking beyond the “how,” there is substantial agreement on the “what” – the specific technical areas that must be addressed to improve IoT security. We conclude by identifying the risks these varied approaches create to the promised benefits of IoT as well as the need to expand the analysis to include Asian jurisdictions, particularly China.

The Proactive and Preventive Privacy (3P) Framework for IoT Privacy by Design

The ProblemInternet of Things (IoT) is providing new services and insights by sensing contextual data but there are growing concerns of privacy risks from users that need immediate attention.The ReasonThe IoT devices and smart services can capture Personally Identifiable Information (PII) without user knowledge or consent. The IoT technology has not reached the desired level of maturity to standardize security and privacy requirements.The SolutionIoT Privacy by Design is a user-centric approach for enabling privacy with security and safety as a ‘win-win’ positive outcome of IoT offerings, irrespective of business domain. The Proactive and Preventive Privacy (3P) Framework proposed in this paper should be adopted by the IoT stakeholders for building trust and confidence in end users about IoT devices and smart services.

IOT and Security-Privacy Concerns: A Systematic Mapping Study

The increase of smart devices has accelerated sensitive data exchange on the Internet using most of the time unsecured channels. Since a massive use of RFID (Radio-frequency Identification) tags in the transportation and construction industries from 1980 to 1990, with the expanded use of the Internet with 2G/3G or 4G since 2000, we are witnessing a new era of connected objects. A huge number of heterogeneous sensors may collect and dispatch sensitive data from an endpoint to worldwide network on the Internet. Privacy concerns in IOT remain important issues in the research. In this paper, we aim to evaluate current research state related to privacy and security in IOT by identifying existing approaches and publications trends. Therefore, we have conducted a systematic mapping study using automated searches from selected relevant academics databases. The result of this mapping highlights research type and contribution in different facets and research activities trends in the topic of “security and privacy” in IoT edge, cloud and fog environment.

RETRACTED ARTICLE: Smart hardware hybrid secure searchable encryption in cloud with IoT privacy management for smart home system

Due to the expanding ubiquity of distributed computing, more proprietor of the information is roused to outsource their information to cloud servers for incredible comfort and diminished cost in information administration. Nonetheless, touchy information ought to be encoded before outsourcing for security necessities, which obsoletes information usage like catchphrase based report retrieval. In this paper, we display a hybrid secure searchable encryption in cloud with privacy management, which all the while bolsters dynamic upgrade operations like cancellation and inclusion of reports. In particular, the vector space show and the generally utilized term frequency–inverse record recurrence model are consolidated in the index development and question era. Authors build an exceptional tree based spatial directory structure and proposes a recurrent depth search calculation to give effective multi-keyword sorted secure inquiry. The secure approximate nearest neighbors calculation is used to encode the registry and request, and in the interim guarantee exact importance score figuring between scrambled index and inquiry vectors. Keeping in mind the end goal to oppose factual assaults, apparition terms are added to the index vector for blinding list items. Broad analyses are directed to exhibit the productivity of the proposed conspire. Reflected from the experimental simulation, the proposed model outperforms.

Implementation and Characterization of a Physical Unclonable Function for IoT: A Case Study With the TERO-PUF

Today, life is becoming increasingly connected. From TVs to smartphones, including vehicles, buildings, and household appliances, everything is interconnected in what we call the “Internet of Things” (IoT). IoT is now part of our life and we have to deal with it. More than ten billion devices are already connected and five times more are expected to be deployed in the next five years. While deployment and integration of IoT is expanding, one of the main challenge is to provide practical solutions to security, privacy, and trust issues in IoT. Protection and security mechanisms need to include features such as interoperability and scalability but also traceability, authentication, and access control while remaining lightweight. Among the most promising approaches to such security mechanisms, physical unclonable functions (PUFs) provide a unique identifier for similar but different integrated circuits using some of their physical characteristics. These types of functions can thus be used to authenticate integrated circuits, provide traceability and access control. This paper presents a comprehensive case study of the transient effect ring oscillator (RO) PUF from its implementation on FPGAs to its complete characterization. The implementation of the PUF is detailed for two different families of FPGAs: 1) Xilinx Spartan 6 and 2) Altera Cyclone V. All the metrics used for the characterization are explained in detail and the results of the characterization include robustness to environmental parameters including variations in temperature and voltage. Finally, we compare our results with those obtained for another PUF: the RO PUF. All the design files are available online to ensure repeatability and enable comparison of our contribution with other studies.

CLAPP: A self constructing feature clustering approach for anomaly detection

The term internet of things is a buzz word these days and as per Google survey conducted recently, it has even dominated the buzz word big data predominantly. However, IoT area is still not matured and is throwing light on lot of research issues towards the data mining researchers. Security in IoT throws several challenges because of limited resources. In this context, IoT gains importance once again from data miners towards anomaly mining or intrusion detection. Intrusion detection is classified as NP-class in the literature even today. Algorithms addressing privacy and security issues in IoT must consider the complexities involved and hence require re-attention from all researchers. One more problem faced when judging for intrusion is the use of high dimensionality, classifier choice, and distance measure. For example, the traditional distance measure, such as Euclidean misjudges the similarity. In this paper, the objective is to design a fuzzy membership function to address both dimensionality and anomaly mining so as reduce the computational complexity and increase computational accuracies of classifier algorithms. We validate the proposed measure using several experimentations on NSL-KDD and DARPA datasets using kNN, J48 and CANN using Gaussian measure. Improved accuracies of classifiers on U2R and R2L attacks have been recorded in the experimental results obtained for experiments conducted.

Security and Privacy for Cloud-Based IoT: Challenges

The Internet of Things is increasingly becoming a ubiquitous computing service, requiring huge volumes of data storage and processing. Unfortunately, due to the unique characteristics of resource constraints, self-organization, and shortrange communication in IoT, it always resorts to the cloud for outsourced storage and computation, which has brought about a series of new challenging security and privacy threats. In this article, we introduce the architecture and unique security and privacy requirements for the next generation mobile technologies on cloud-based IoT, identify the inappropriateness of most existing work, and address the challenging issues of secure packet forwarding and efficient privacy preserving authentication by proposing new efficient privacy preserving data aggregation without public key homomorphic encryption. Finally, several interesting open problems are suggested with promising ideas to trigger more research efforts in this emerging area.

Before it’s too Late

Those who know they are inventing the future often have minimal, if any, concern for understanding what has gone before. Therefore, what can be done, and what is being done, to improve IoT privacy and security can be worlds apart. With that in mind Dinesh Abeywickrama MBCS discusses some legitimate security concerns and looks at where to start in addressing such issues.

Information Relevance Model of Customized Privacy for IoT

Motivated by advances in mass customization in business practice, explosion in the number of internet of things devices, and the lack of published research on privacy differentiation and customization, we propose a contextual information relevance model of privacy. We acknowledge the existence of individual differences with respect to unique security and privacy protection needs. We observe and argue that it is unfair and socially inefficient to treat privacy in a uniform (or less differentiated) manner whereby a large proportion of the population remain unsatisfied by a common policy. Our research results provide quantifiable means to measure and evaluate the customized privacy. We show that with privacy differentiation, the social planner will observe increases in demand and overall social welfare. Our results also show that business practitioners could profit from privacy customization.