Evolving privacy: From sensors to the Internet of Things

https://doi.org/10.1016/j.future.2017.04.045

Highlights

  • Analysis of existing privacy threats in scenarios involving sensing technologies.

  • Evaluation of the privacy problems that may be inherited by the IoT.

  • Identification of the challenges that emerge as sensors are integrated into the Internet.

Abstract

The Internet of Things (IoT) envisions a world covered with billions of smart, interacting things capable of offering all sorts of services to near and remote entities. The benefits and comfort that the IoT will bring about are undeniable; however, these may come at the cost of an unprecedented loss of privacy. In this paper we look at the privacy problems of one of the key enablers of the IoT, namely wireless sensor networks, and analyse how these problems may evolve with the development of this complex paradigm. We also identify further challenges which are not directly associated with already existing privacy risks but will certainly have a major impact on our lives if not taken into serious consideration.

Introduction

The Internet of Things (IoT) has been recognised as one of the major technological revolutions of this century [1], [2]. Although the IoT is still in its infancy and will only unleash its full potential with the development of a completely distributed approach [3], the importance of this paradigm has already been recognised by the major international standard bodies [4], which have come into play to ensure the correct operation, interoperability and resilience of this paradigm.

Despite the complexities of the scenarios envisioned by the IoT [5], the realisation of this paradigm can be achieved with three main, non-trivial architectural components: smart things, backend servers and communications infrastructure (as depicted in Fig. 1). One of the challenges in these scenarios is to enable the connection of everyday objects to the Internet. However, the IoT is not only about connectivity; it is about the pervasive collection and sharing of data towards a common goal. Therefore, smart sensing technologies are undeniably one of the key enablers of this paradigm.

Since humans are amidst smart things, the deployment of sensing technologies by IoT systems will pose an unprecedented threat to individual privacy. Unlike current Internet scenarios where users have to take an active role (i.e., query for services) to put their privacy at stake, with the increasing number of sensing devices around us, we become targets of data collection without even noticing it and in hitherto unsuspected situations. This has led some companies to analyse the need for security and privacy in these environments [6], [7] but in most cases privacy is treated in the narrow sense of data confidentiality. Surprisingly, only a few companies acknowledge the need for more advanced privacy mechanisms, even though the NGMN Alliance [8] explicitly states that no mature solution has been proposed to date.

Some researchers have also looked at privacy problems in IoT environments. Most of them consider privacy as part of a broader security analysis (e.g., [3]) and only a few papers analyse privacy as a problem in its own right. In this respect, some authors have looked at privacy in the IoT from a legal perspective [9]. Other authors have analysed the privacy impact of various enabling IoT technologies [10], [11]; however, their analyses are horizontal and they leave out some relevant problems inherited from sensor networks. We cover them in this paper in detail.

These privacy problems (see Fig. 2) can be classified into two main categories according to the entity whose privacy is being threatened, namely the user or the network itself [12]:

  • In user-centric privacy, the problem comes from the ability of sensors to detect the presence of humans or relevant assets and capture sensitive information about them. Therefore, sensor networks can be used as a mechanism to inadvertently spy on anyone or anything. Moreover, user-centric privacy cannot be easily achieved by technological means alone as the privacy perpetrator is the owner of the network and he/she may secretly use the surveillance capabilities of the network to profile and track users.

  • In network-centric privacy, the attacker is an external entity who wants to learn information about the network itself or the elements being monitored by the network. In this case, the first line of defence is the use of confidentiality mechanisms to protect the content of data packets. However, this is usually not sufficient to provide network-centric privacy as the attacker may gain access to the cryptographic material. In addition, the attacker may be able to extract relevant information by means of traffic analysis attacks.

This classification can be broken down into several sub-categories depending on the type of information or asset to be protected. A natural question at this point is whether computer-based anonymity solutions for current Internet scenarios may be suitable to tackle the aforementioned problems. After an extensive analysis [13] we concluded that most of these systems are too costly, and even when some of them are lightweight enough, they do not meet the anonymity requirements for sensor networks or they limit their functionality. However, it is worth noting that they will be indispensable for protecting the traffic to/from the outside infrastructure.

In this paper we concentrate on analysing how the privacy problems that have appeared in sensor networks, as isolated systems, will evolve when they are integrated into the Internet. We also identify new challenges that the evolution of these technologies will possibly entail. The main goal of this paper is thus to highlight privacy problems as well as potential solutions and, in this way, encourage the scientific community to continue researching and delving into the various challenges identified in this paper. This will, in turn, facilitate the development of solutions to address privacy threats thus giving rise to a more privacy-conscious IoT.

The structure of this paper is organised according to the classification in Fig. 2. First, in Section 2 we focus on problems and challenges caused by the ability of sensor networks to surreptitiously collect information about individuals. Subsequently, Section 3 and Section 4 deal with two different privacy problems that affect the network itself and the assets and entities being legitimately monitored by the network. Section 5 describes further challenges that may arise due to the integration of sensing technologies in the IoT but are not a direct evolution of problems already existing in sensor networks. Finally, Section 6 summarises the main contributions of the paper.

Section snippets

User-centric privacy

This section describes the privacy problems associated with the ability of sensing technologies to collect information about individuals within their monitoring range without them even being aware of this situation. We also briefly look at the typical approach to privacy in the Internet era, which is based on legislation and fair information practices. Finally, we present the reasons why legislation is not the way to a privacy-friendly IoT and discuss some related challenges.

Content-oriented privacy

The data collected and transmitted by the network may contain private information about individuals, businesses and valuable assets. As such, protecting these data from eavesdroppers and attackers enables content-oriented privacy in WSNs. Although the typical approach to data protection has been through authentication and encryption, these mechanisms alone cannot ensure content-oriented privacy in some specific circumstances. Next we cover two situations where content-oriented privacy is not

Context-oriented privacy

During the normal operation of the network, the mere presence of messages in the network reveals a lot of information even if secure encryption algorithms are used to protect their contents. The reason for such a data leakage is that an attacker may learn information not only from the contents of the messages but also from the features of the communications, including the size and number of messages being transmitted, the time and rate at which messages are being sent, the frequency spectrum
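The leak described in this section can be made concrete with a small simulation, added here as an illustration and not taken from the paper. It compares what an observer without the key sees when a node transmits only on detection with what it sees under a fixed-rate, fixed-size schedule that sends dummy frames; the slot length, frame size, cipher stand-in and sample events are all assumptions, and the fixed-rate schedule is a common countermeasure rather than one this page describes.

```python
import os

SLOT = 10    # seconds between frames in the padded schedule (assumed value)
FRAME = 32   # fixed on-air frame size in bytes (assumed value)
TAG = 16     # bytes the cipher adds to every message (assumed value)

def seal(plaintext: bytes) -> bytes:
    """Stand-in for a secure cipher: random-looking output, length = input + TAG."""
    return os.urandom(len(plaintext) + TAG)

def event_driven(events):
    """The node transmits only when it senses something; events = [(time, reading)]."""
    return [(t, seal(reading)) for t, reading in sorted(events)]

def constant_rate(events, duration):
    """One FRAME-sized message per SLOT: a queued reading if any, else a dummy."""
    queue, trace, delays = sorted(events), [], []
    for t in range(0, duration, SLOT):
        body = b""
        if queue and queue[0][0] <= t:
            sensed_at, body = queue.pop(0)
            delays.append(t - sensed_at)   # price of hiding: delivery latency
        # Pad so real and dummy frames are the same size (a longer reading
        # would need fragmenting; it is simply truncated in this sketch).
        trace.append((t, seal(body[:FRAME - TAG].ljust(FRAME - TAG, b"\0"))))
    return trace, delays

def observable(trace):
    """What an eavesdropper without the key sees: send time and size of each frame."""
    return [(t, len(ciphertext)) for t, ciphertext in trace]

def leaks(a, b):
    """True if two scenarios produce different observable traces."""
    return observable(a) != observable(b)

# Constructed sample input: one minute with no activity, one with three detections.
QUIET = []
BUSY = [(12, b"motion"), (14, b"motion;temp=38.5"), (47, b"motion")]

if __name__ == "__main__":
    print("event-driven leaks:", leaks(event_driven(QUIET), event_driven(BUSY)))
    quiet_trace, _ = constant_rate(QUIET, 60)
    busy_trace, delays = constant_rate(BUSY, 60)
    print("constant-rate leaks:", leaks(quiet_trace, busy_trace), "delays:", delays)
```

The fixed-rate trace is identical whether or not anything was detected, at the cost of delayed delivery and of transmitting in every slot.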

Further identified challenges

Despite the many challenges that have been presented in previous sections, here we identify a number of additional challenges which are not directly related to already existing problems in wireless sensor networks but are more associated with the features and peculiarities of the sensors and the Internet of Things. As this is a particularly dynamic and evolving paradigm, new challenges will doubtlessly appear in the near future.

First, it is important to consider the Internet of Things as a

Conclusion

Privacy preservation will be one of the major challenges in the development of the Internet of Things. Billions of sensor-enabled devices will be deployed for collecting fine-grained information from the environment and will share it with other devices and backend servers. Amidst them, there will be individuals as well as relevant assets and businesses, thus leading to an unprecedented loss of privacy unless these issues are properly addressed from the inception of this new paradigm.

Therefore,

Acknowledgements

The work of the first two authors has been partially funded by the Spanish Ministry of Economy and Competitiveness through PERSIST (TIN2013-41739-R) and SMOG (TIN2016-79095-C2-1-R).


References (68)

  • R. Rios et al., Probabilistic receiver-location privacy protection in wireless sensor networks, Inform. Sci. (2015)
  • C. Links, The Internet of things will change our world, ERCIM News (2015)
  • H. Green, How The Internet Of Things Will Change (And Improve) Our Everyday Lives,...
  • IEEE Standards Association, IoT Architecture - Internet of Things (IoT) Architecture,...
  • Huawei Technologies Co., Ltd., 5G Security: Forward Thinking,...
  • Ericsson AB, 5G Security - Scenarios and Solutions, https://www.ericsson.com/res/docs/whitepapers/wp-5g-security.pdf...
  • Next Generation Mobile Networks, NGMN 5G White Paper, https://www.ngmn.org/uploads/media/NGMN_5G_White_Paper_V1_0.pdf...
  • J.H. Ziegeldorf et al., Privacy in the internet of things: threats and challenges, Secur. Commun. Netw. (2014)
  • P. Porambage et al., The quest for privacy in the internet of things, IEEE Cloud Comput. (2016)
  • R. Rios et al., Analysis of location privacy solutions in wireless sensor networks, IET Commun. (2011)
  • R. Rios et al., (Un)suitability of anonymous communication systems to WSN, IEEE Syst. J. (2013)
  • J. Temperton, AVG can sell your browsing and search history to advertisers,...
  • J. Parsons, Popular ID app could sell YOUR personal data to third-parties, without you even knowing it,...
  • M. Behfar et al., Design and technical evaluation of an implantable passive sensor for minimally invasive wireless intracranial pressure monitoring
  • A.F. Westin, Privacy and Freedom, first ed., New York Atheneum,...
  • S. Landau, What was Samsung thinking?, IEEE Secur. Privacy (2015)
  • C.D. Marsan, 15 worst internet privacy scandals of all time,...
  • C. Castelluccia et al., Efficient and provably secure aggregation of encrypted data in wireless sensor networks, ACM Trans. Sensor Netw. (2009)
  • S. Othman et al., Confidentiality and integrity for data aggregation in WSN using homomorphic encryption, Wirel. Pers. Commun. (2015)
  • C.-M. Chen et al., RCDA: Recoverable concealed data aggregation for data integrity in wireless sensor networks, IEEE Trans. Parallel Distrib. Syst. (2012)
  • Y.-H. Lin et al., CDAMA: Concealed data aggregation scheme for multiple applications in wireless sensor networks, IEEE Trans. Knowl. Data Eng. (2013)
  • W. He, X. Liu, H. Nguyen, K. Nahrstedt, T. Abdelzaher, PDA: Privacy-preserving data aggregation in wireless sensor...
  • G. Yang et al., Precision-enhanced and encryption-mixed privacy-preserving data aggregation in wireless sensor networks, Int. J. Distrib. Sens. Netw. (2013)
  • W. Zhang et al., GP2S: Generic privacy-preservation solutions for approximate aggregation of sensor data

    Javier Lopez is Full Professor at the University of Malaga. His activities are mainly focused on network security, critical information infrastructures protection and security services, leading a number of national and international research projects in those areas, including projects in FP5, FP6 and FP7 European Programmes. Prof. Lopez is the Co-Editor in Chief of the International Journal of Information Security (IJIS) and Spanish representative in the IFIP Technical Committee 11 on Security and Protection in Information Systems. Besides, he is a member of the Editorial Board of the journals Computer Communications, Computers & Security, International Journal on Critical Infrastructure Protection and International Journal of Communication Systems, among others. He is also the Chair of the ERCIM (European Research Consortium for Informatics and Mathematics) Working Group on Security and Trust Management.

    Ruben Rios is a postdoctoral researcher at the University of Malaga. He obtained the B.Sc. from the University of Skövde (Sweden) in 2007 and later the M.S.Eng. and the Ph.D. degrees in Computer Science from the University of Malaga (Spain) in 2008 and 2014, respectively. He has been involved in several national and European projects. His research interests are centred on the notions of privacy, anonymity, and information disclosure, with special interest on its application to Wireless Sensor Networks and the Internet of Things.

    Feng Bao is currently the Director of the Security Lab at Huawei. He received his B.S. in mathematics and M.S. in Computer Science from Beijing University, and his Ph.D. in Computer Science from Gunma University, Japan. He was a researcher with Chinese Academy of Science and a Visiting Scientist with Hamburg University. From 1996 to 2012, he was with the Institute for Infocomm Research, A*STAR of Singapore, and took the position of the Principal Scientist and the Head of the Cryptography and Security Dept. His research interests are mainly in cryptography and cyber security. He has published over 200 papers in the international conferences and journals, which have over 5000 citations. He has 16 patents and has been involved in the management of dozens of industry projects and international collaborations. He is a member of Asiacrypt Steering Committee and the Editorial Member of 2 international journals. He has chaired over 20 international conferences in security.

    Guilin Wang received the Ph.D. degree in computer science from the Institute of Software, Chinese Academy of Sciences, Beijing, China, in 2001. He is currently a Senior Researcher with Huawei International Pte Ltd., Singapore. He is also currently a Senior Lecturer with the School of Computer Science and Software Engineering, University of Wollongong, Wollongong, Australia. Before this, he was a Lecturer with the University of Birmingham, Birmingham, UK, a Research Scientist with the Institute for Infocomm Research, Singapore, and an Assistant Professor with the Chinese Academy of Sciences. He has authored or coauthored more than 80 research publications in the areas of applied cryptography and telecommunication security. His main research interests include the analysis, design, and applications of digital signatures and security protocols.

    Dr. Wang has served as a Program Cochair for six international security conferences, a Committee Member for more than 60 international conferences or workshops, and a Reviewer for over 20 international journals.
