Internet of Things

IoT Governance, Privacy and Security Issues

EUROPEAN RESEARCH CLUSTER ON THE INTERNET OF THINGS

January, 2015

"Just as energy is the basis of life itself, and ideas the source of innovation, so is innovation the vital spark of all human change, improvement and progress."

Ted Levitt

IERC - EUROPEAN RESEARCH CLUSTER ON THE INTERNET OF THINGS

IERC Coordinators:
Ovidiu Vermesan, Coordinator IERC Cluster, Ovidiu.VERMESAN@sintef.no
Peter Friess, Coordinator IERC Cluster, European Commission, Peter.FRIESS@ec.europa.eu

Authors:
Gianmarco Baldini (DG JRC-EC)
Trevor Peirce (Avanta Global)
Maarten Botterman (GNKS Consult)
Maria Chiara Talacchini (DG JRC-EC)
Angela Pereira (DG JRC-EC)
Marcus Handte (University of Duisburg-Essen)
Domenico Rotondi (TXT Group)
Henrich C. Pöhls (Passau University)
Ovidiu Vermesan (SINTEF)
Atta Baddii (University of Reading)
Bertrand Copigneaux (Inno Ag)
Schreckling, Daniel (Passau University)
Luca Vigano (University of Verona)
Gary Steri (DG JRC-EC)
Salvatore Piccione (TXT Group)
Panagiotis Vlacheas (UPRC)
Vera Stavroulaki (UPRC)
Dimitris Kelaidonis (UPRC)
Ricardo Neisse (DG JRC-EC)
Elias Tragos (ICS - FORTH)
Philippe Smadja (GEMALTO)
Christine Hennebert (CEA LETI)
Martin Serrano (National University of Ireland Galway)
Stefano Severi (Jacobs University)
Giuseppe Abreu (Jacobs University)
Peter T. Kirstein (University College London)
Socrates Varakliotis (University College London)
Antonio Skarmeta (University of Murcia)

Contributing SDOs, Projects and Initiatives

iCore, GAMBAS, BUTLER, CEN/CENELEC, ETSI, ISO, PROBE-IT, SPaCIoS, IoT@Work, COMPOSE, RERUM, OpenIoT, IoT6, Value-Ageing


Acknowledgements

The IERC would like to thank the European Commission services for their support in the planning and preparation of this document. The recommendations and opinions expressed in this document do not necessarily represent those of the European Commission. The views expressed herein do not commit the European Commission in any way.

© European Communities, 2015. Reproduction authorised for non-commercial purposes provided the source is acknowledged.


Table of content

Table of content
Executive Summary
Introduction
Overview of IoT Governance, Privacy and Security Issues
    RELATED WORK
    IDENTIFICATION OF CHALLENGES FOR GOVERNANCE SECURITY AND PRIVACY IN IOT
        Context based security and privacy
        Cyber-Physical systems and IoT
        Identification in a distributed environment
        Device authentication
        Data Correlation and Information Retrieval
        Anonymization of users' data in a distributed and mobile environment
        Anonymization of protocol metadata in a distributed and mobile environment
        Scalability for the billions of devices in IoT
        Secure Setup and Configuration
        Physical availability of devices
        Critical infrastructures and IoT
        Conflicting market interest
        Considering IoT in an evolving Internet
        Delegation of human autonomy in IoT
        Human IoT Trust relationship
        Risks of isolation and confinement
Ethics and Internet of Things
    ETHICS AND SCIENCE & TECHNOLOGY
    ETHICS & ICT
    ETHICS AND ASSISTIVE ROBOTICS
    FROM ICT TO IOT ETHICS
    SOME ETHICAL HINTS FOR IOT
    SPACES FOR ETHICS IN THE GOVERNANCE OF IOT
Map of FP7 projects in the cluster
    INTRODUCTION
    MAP OF DELIVERABLES FROM FP7 PROJECTS TO GOVERNANCE, SECURITY, PRIVACY AND ETHICS.
    MAP OF THE RESULTS/TECHNICAL SOLUTIONS FROM FP7 PROJECTS
    PROJECTS CONTRIBUTING TO AC05 CLUSTER
        iCore
        BUTLER
        GAMBAS
        SPaCIoS
        RERUM
        IoT@Work
        COMPOSE
        OpenIoT
        Value-Ageing
        IoT6
Technological enablers and design solutions
    SOLUTIONS FROM CLUSTERS PROJECTS
        Usage Control Toolkit
        Sticky Flow Policies
        Secure Middleware based on policy management
        Capabilities based policy management
        Contracts
        Models for verification and testing
        Authentication/Authorization
        Authorisation and Service Composition using HANDLE
        Cryptography in IoT
        Management functions
        Secure Setup and Configuration
        Audit and monitoring solutions
        Using Pseudonymization
        Trust and Reputation Systems
    SOLUTIONS NOT DEFINED IN THE CLUSTER PROJECTS
        Identity management
        Autonomic Computing
        Anonymizing the Traffic in the Networks
        Privacy Enhancing Technologies (Anonymous Credentials)
        Trust Negotiation
        Physical Unclonable Functions
