Skip to main content
Springer Nature Link
Log in

IoTSec: A Lightweight and Holistic IoT Security Based on IoT Data Contextualisation and Homomorphic Encryption

  • Chapter
  • First Online:
Next-Gen Digital Services. A Retrospective and Roadmap for Service Computing of the Future

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12521))

  • 691 Accesses

Abstract

The Internet of Things incorporates billions of sensors, cameras, RFID and other machines that observe and/or affect the physical world, as well as IoT applications that harvest and analyse IoT data in the cloud, edge computers, and/or the IoT devices themselves. To realise its full potential IoT must ensure the security of the IoT data and related applications that support the IoT-based services and products that are provided to their consumers. Although IoT devices, networks, and computing resources support robust security standards and include related mechanisms that can secure IoT data within the scope of these IoT components, compositions of such point security solutions often fail to ensure the security of IoT data across the IoT ecosystem. In this article we will discuss the main challenges in securing IoT data acquisition, communication, analysis, actuation and illustrate the need for IoT security solutions that are both holistic and lightweight. In addition, we propose a holistic and lightweight IoT security mechanism that via a novel combination of contextualisation with homomorphic encryption prevents harmful outcomes from lack of IoT data security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Aggarwal, C.C., Philip, S.Y.: A general survey of privacy-preserving data mining models and algorithms. In: Privacy-Preserving Data Mining, pp. 11–52. Springer, Boston (2008). https://doi.org/10.1007/978-0-387-70992-5_2

  2. Andrukiewicz, E., Cadzow, S., Górniak, S.: IoT security standards gap analysis. European Union Agency For Network and Information Security (2018)

    Google Scholar 

  3. Bakken, D.E., Rarameswaran, R., Blough, D.M., Franz, A.A., Palmer, T.J.: Data obfuscation: anonymity and desensitization of usable data sets. IEEE Secur. Priv. 2(6), 34–41 (2004)

    Google Scholar 

  4. Belsis, P., Pantziou, G.: A k-anonymity privacy-preserving approach in wireless medical monitoring environments. Pers. Ubiquit. Comput. 18(1), 61–74 (2014)

    Article  Google Scholar 

  5. Bera, A., Kundu, A., De Sarkar, N.R., Mou, D.: Experimental analysis on big data in IoT-based architecture. In: Satapathy, S., Bhateja, V., Joshi, A. (eds.) International Conference on Data Engineering and Communication Technology, pp. 1–9. Springer, Singapore (2017). https://doi.org/10.1007/978-981-10-1678-3_1

  6. Bertino, E., Ooi, B.C., Yang, Y., Deng, R.H.: Privacy and ownership preserving of outsourced medical data. In: 21st International Conference on Data Engineering, pp. 521–532. IEEE (2005)

    Google Scholar 

  7. Bertino, E., Sandhu, R.: Database security-concepts, approaches, and challenges. IEEE Trans. Dependable Secure Comput. 2(1), 2–19 (2005)

    Article  Google Scholar 

  8. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

    Chapter  Google Scholar 

  9. Camtepe, S.A., Yener, B.: Combinatorial design of key distribution mechanisms for wireless sensor networks. In: Computer Security-ESORICS 2004, pp. 293–308 (2004)

    Google Scholar 

  10. Covington, M.J., Long, W., Srinivasan, S., Dev, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: Proceedings of the 6-th ACM Symposium on Access Control Models and Technologies, pp. 10–20. ACM (2001)

    Google Scholar 

  11. Du, W., Deng, J., Han, Y.S., Varshney, P.K., Katz, J., Khalili, A.: A pairwise key pre-distribution scheme for wireless sensor networks. In: ACM, pp. 42–51 (2003)

    Google Scholar 

  12. Eschenauer, L., Gligor, V.D.: A key-management scheme for distributed sensor networks. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 41–47. ACM (2002)

    Google Scholar 

  13. Gentry, C.: Toward basing fully homomorphic encryption on worst-case hardness. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 116–137. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_7

    Chapter  Google Scholar 

  14. Georgakopoulos, D., Jayaraman, P.P.: Internet of Things: from internet scale sensing to smart services. Computing 98(10), 1041–1058 (2016)

    Article  MathSciNet  Google Scholar 

  15. Hahn, J.: Security and privacy for location services and the internet of things. Libr. Technol. Rep. 53(1), 23–28 (2017)

    Google Scholar 

  16. Hu, C., Zhang, J., Wen, Q.: An identity-based personal location system with protected privacy in IoT. In: 2011 4th IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT), pp. 192–195. IEEE (2011)

    Google Scholar 

  17. Hu, J., Weaver, A.C.: A dynamic, context-aware security infrastructure for distributed health-care applications. In: Proceedings of the First Workshop on Pervasive Privacy Security, Privacy, and Trust, pp. 1–8. Citeseer (2004)

    Google Scholar 

  18. Jayaraman, P.P., Yang, X., Yavari, A., Georgakopoulos, D., Yi, X.: Privacy preserving internet of things: from privacy techniques to a blueprint architecture and efficient implementation. Future Gener. Comput. Syst. (2017)

    Google Scholar 

  19. Kalra, S., Sood, S.K.: Secure authentication scheme for IoT and cloud servers. Pervasive Mob. Comput. 24, 210–223 (2015)

    Article  Google Scholar 

  20. Ko, J., et al.: MEDiSN: medical emergency detection in sensor networks. ACM Trans. Embed. Comput. Syst. (TECS) 10(1), 1–29 (2010)

    Article  Google Scholar 

  21. Liu , D., Ning, P.: Establishing pairwise keys in distributed sensor networks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS 2003, New York, NY, USA, pp. 52–61. ACM (2003)

    Google Scholar 

  22. Liu, J., Xiao, Y., Philip Chen, C.L.: Internet of Things’ authentication and access control. Int. J. Secur. Netw. 7(4), 228–241 (2012)

    Article  Google Scholar 

  23. Malan, D.J., Fulford-Jones, T., Welsh, M., Moulton, S.: CodeBlue: an ad hoc sensor network infrastructure for emergency medical care. In: International Workshop on Wearable and Implantable Body Sensor Networks (2004)

    Google Scholar 

  24. Martucci, L.A., Fischer-Hübner, S., Hartswood, M., Jirotka, M.: Privacy and social values in smart cities. In: Angelakis, V., Tragos, E., Pöhls, H.C., Kapovits, A., Bassi, A. (eds.) Designing, Developing, and Facilitating Smart Cities, pp. 89–107. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44924-1_6

    Chapter  Google Scholar 

  25. Mivule, K.: Utilizing noise addition for data privacy, an overview. arXiv preprint arXiv:1309.3958 (2013)

  26. Neuman, B.C., Ts’o, T.: Kerberos: an authentication service for computer networks. Commun. Mag. 32(9), 33–38 (1994)

    Article  Google Scholar 

  27. Ouaddah, A., Abou Elkalam, A., Ouahman, A.A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Europe and MENA Cooperation Advances in Information and Communication Technologies, pp. 523–533. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-46568-5_53

  28. Ould-Yahia, Y., Banerjee, S., Bouzefrane, S., Boucheneb, H.: Exploring formal strategy framework for the security in IoT towards e-health context using computational intelligence. In: Bhatt, C., Dey, N., Ashour, A.S. (eds.) Internet of Things and Big Data Technologies for Next Generation Healthcare. SBD, vol. 23, pp. 63–90. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-49736-5_4

    Chapter  Google Scholar 

  29. Panah, A.S., Yavari, A., van Schyndel, R., Georgakopoulos, D., Yi, X.: Context-driven granular disclosure control for internet of things applications. IEEE Trans. Big Data 5, 408–422 (2017)

    Article  Google Scholar 

  30. Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: SPINS: security protocols for sensor networks. Wirel. Netw. 8(5), 521–534 (2002)

    Article  Google Scholar 

  31. Picazo-Sanchez, P., Tapiador, J.E., Peris-Lopez, P., Suarez-Tangil, G.: Secure publish-subscribe protocols for heterogeneous medical wireless body area networks. Sensors 14(12), 22619–22642 (2014)

    Article  Google Scholar 

  32. Rayes, A., Salam, S.: Internet of Things—From Hype to Reality. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44860-2

    Book  Google Scholar 

  33. Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)

    Article  MathSciNet  Google Scholar 

  34. Roman, R., Alcaraz, C., Lopez, J., Sklavos, N.: Key management systems for sensor networks in the context of the internet of things. Comput. Electr. Eng. 37(2), 147–159 (2011)

    Article  Google Scholar 

  35. Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57(10), 2266–2279 (2013)

    Article  Google Scholar 

  36. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  37. Shah, T., et al.: Remote health care cyber-physical system: quality of service (QoS) challenges and opportunities. IET Cyber Phys. Syst. Theory Appl. 1(1), 40–48 (2016)

    Article  Google Scholar 

  38. Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertainty Fuzziness Knowl. Based Syst. 10(05), 557–570 (2002)

    Article  MathSciNet  Google Scholar 

  39. Tragos, E., Fragkiadakis, A., Angelakis, V., Pöhls, H.C.: Designing secure IoT architectures for smart city applications. In: Angelakis, V., Tragos, E., Pöhls, H.C., Kapovits, A., Bassi, A. (eds.) Designing, Developing, and Facilitating Smart Cities, pp. 63–87. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44924-1_5

    Chapter  Google Scholar 

  40. Venkatasubramanian, K.K., Banerjee, A., Gupta, S.K.S., et al.: EKG-based key agreement in body sensor networks. In: INFOCOM Workshops 2008, IEEE, pp. 1–6. IEEE (2008)

    Google Scholar 

  41. Weber, R.H.: Internet of things-new security and privacy challenges. Comput. Law Secur. Rev. 26(1), 23–30 (2010)

    Article  Google Scholar 

  42. Wood, A., et al.: ALARM-NET: wireless sensor networks for assisted-living and residential monitoring. University of Virginia Computer Science Department Technical Report, 2:17 (2006)

    Google Scholar 

  43. Yavari, A., Georgakopoulos, D., Agrawal, H., Korala, H., Jayaraman, P.P., Milovac, J.K.: Internet of Things milk spectrum profiling for industry 4.0 dairy and milk manufacturing. In: 2020 International Conference on Information Networking (ICOIN), pp. 342–347 (2020)

    Google Scholar 

  44. Yavari, A., Georgakopoulos, D., Stoddart, P.R., Shafiei, M.: Internet of Things-based hydrocarbon sensing for real-time environmental monitoring. In: 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), pp. 729–732 (2019)

    Google Scholar 

  45. Yavari, A.: Internet of Things data contextualisation for scalable information processing, security, and privacy. Ph.D. thesis, RMIT University (2019)

    Google Scholar 

  46. Yavari, A., Jayaraman, P.P., Georgakopoulos, D., Nepal, S.: Contaas: an approach to internet-scale contextualization for developing efficient internet of things applications. In: Proceedings of the 50th Annual Hawaii International Conference on System Sciences. IEEE (2017)

    Google Scholar 

  47. Yavari, A., Jayaraman, P.P., Georgakopoulos, D.: Contextualised service delivery in the Internet of Things: parking recommender for smart cities. In: IEEE 3rd World Forum on Internet of Things, pp. 454–459. IEEE (2016)

    Google Scholar 

  48. Yavari, A., Panah, A.S., Georgakopoulos, D., Jayaraman, P.P., van Schyndel, R.: Scalable role-based data disclosure control for the Internet of Things. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2226–2233. IEEE (2017)

    Google Scholar 

  49. Yi, X., Paulet, R., Bertino, E.: Homomorphic encryption. Homomorphic Encryption and Applications. SCS, pp. 27–46. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12229-8_2

    Chapter  MATH  Google Scholar 

  50. Shucheng, Yu., Ren, K., Lou, W.: FDAC: toward fine-grained distributed data access control in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. 22(4), 673–686 (2011)

    Article  Google Scholar 

  51. Zhang, T., Siebers, P.-O., Aickelin, U.: Modelling electricity consumption in office buildings: an agent based approach. Energy Build. 43(10), 2882–2892 (2011)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Internet of Things Lab, Digital Research Innovation Capability Platform, Faculty of Science, Engineering, and Technology, Swinburne University of Technology, Melbourne, Australia

    Ali Yavari & Dimitrios Georgakopolous

Authors
  1. Ali Yavari
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dimitrios Georgakopolous
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ali Yavari .

Editor information

Editors and Affiliations

  1. University of Stuttgart, Stuttgart, Germany

    Marco Aiello

  2. The University of Sydney, Camperdown, NSW, Australia

    Athman Bouguettaya

  3. Eindhoven University of Technology, ’s Hertogenbosch, The Netherlands

    Damian Andrew Tamburri

  4. Tilburg University, ’s Hertogenbosch, The Netherlands

    Willem-Jan van den Heuvel

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Yavari, A., Georgakopolous, D. (2021). IoTSec: A Lightweight and Holistic IoT Security Based on IoT Data Contextualisation and Homomorphic Encryption. In: Aiello, M., Bouguettaya, A., Tamburri, D.A., van den Heuvel, WJ. (eds) Next-Gen Digital Services. A Retrospective and Roadmap for Service Computing of the Future. Lecture Notes in Computer Science(), vol 12521. Springer, Cham. https://doi.org/10.1007/978-3-030-73203-5_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-73203-5_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-73202-8

  • Online ISBN: 978-3-030-73203-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics