Security and Privacy in the IoT

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10726)

Abstract

Deploying existing data security solutions to the Internet of Things (IoT) is not straightforward because of device heterogeneity, highly dynamic and possibly unprotected environments, and large scale. In this paper, we first outline IoT security and privacy risks and critical related requirements in different application domains. We then discuss aspects of a roadmap for IoT security and privacy with focus on access control, software and firmware, and intrusion detection systems. We conclude the paper by outlining a few challenges.

Author information

Correspondence to Elisa Bertino.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Cite this paper

Bertino, E. (2018). Security and Privacy in the IoT. In: Chen, X., Lin, D., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2017. Lecture Notes in Computer Science, vol 10726. Springer, Cham. https://doi.org/10.1007/978-3-319-75160-3_1

  • DOI: https://doi.org/10.1007/978-3-319-75160-3_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75159-7

  • Online ISBN: 978-3-319-75160-3

  • eBook Packages: Computer Science (R0)
