Security and Privacy in the Internet of Things : Antonio F. Skarmeta

Transcription

1 Security and Privacy in the Internet of Things : Antonio F. Skarmeta <skarmeta@um.es> University of Murcia (UMU) SPAIN

2 Motivation Security and privacy concerns were always there but we need to move from an enterprise-centric, to usercentric approaches to smart object-centric solutions IoT testbeds are not labs, but cities involving citizens and their devices! The data sharing paradox in IoT - To share or not to share, this is NOT the question People want/like/need to share (Facebook, Twitter, ) the question is how, what, why and under which circumstances! 2

3 Motivation The data sharing paradox in IoT - To share or not to share, this is NOT the question I want to share my energy consumption, but not if I am at home! Who owns the information on a Smart City? Citizens? City Council? Need for cross and multidisciplinary approaches: Involvement of citizens is crucial Smart Cities are for them! Able to address the lifecycle of Smart Objects Security and privacy are cross Operational concerns do not matter if smart objects were given fake credentials! 3

4 Motivation: Moving towards an user s environment connected Internet Servers & PCs Internet Humans & People Internet Smart objects Internet Extend Identity to Things Right delegation Current Internet evolving towards a global network of interconnected smart objects affecting our everyday lives Development of wireless communications accelerating this trend Unprecedented economic and social opportunities companies people for and Add things temporarily to their personal space 4

5 Extend IdM to Virtual IDs in IoT and Users make sense of it Digital ID designate Identity refer to Entity 5 Used partial ID Ideal target: no link Best of two worlds Block the link between partial ID to entity privacy Maximize capability of partial ID to support functions & operations functionality Real Passport Passport idea Partial Digital ID Partial Identity filter Virtual Identity* filter Full IdM Identity Construct / Concept? INTERNET * e.g. role based 5

6 Trust relationships vs. SN links Access to devices is assigned trust levels (bubbles). These trust levels are expressed as additional qualifiers in the social network relationship of a person. In this example Trust level A also encompasses devices/ data providers under trust level B. Ownership encompasses personal access to devices and data providers. Trust level A Trust level B Person B Ownership level (full access) Is-a-friend Person A Ownership level (full access) Is-a-friend Person C IoT devices IoT device IoT devices DP 1 DP 2 DP n DP 1 DP 2 DP 3 DP 4 DP 1 DP 2 DP n 6

7 Virtual Identities in IoT 7

8 Infrastructure for Identity and IoT Real need exists for a suitable infrastructure to be in place: IoT Addressing: an IoT address refers to an identifier of a smart object and/or its virtual representation. IoT Naming: it refers to mechanisms and techniques for assigning names to objects and supporting their resolution/mapping to IoT addresses. IoT Discovery: it refers to the process of locating and retrieving IoT resources in the scope of a large and complex space of smart objects. The attributes managed and associated to an identifier can be exploited by an identity management system: Restricting the access to attributes to authorized smart objects. Anonymous credential provisioning and partial identity management based on the attributes that are registered. Generation of authorization credentials to enable M2M secure communications, based on attributes to make access control decisions. 8

9 The lifecycle of a device in the Internet of Things Let start from the beginning!!! 9

10 Trust, Security and Privacy challenges Requirements from Security Lightweight design and efficient implementation of security mechanisms and cryptographic algorithms Secure implementations in hardware and/or software Interoperable and scalable security mechanisms Requirements from Privacy Need for considering privacy in earlier stages (privacy-by design) Scenarios managing particularly sensitive information, access control mechanisms are essential Mechanisms supporting minimal or selective disclosure of PII Requirements from Trust From privacy by design to trustworthy by design Dynamic Trust Management 10

11 Operational challenges in Security Standard security and access control mechanisms are used over the Internet today These proposals often based on heavy primitives, difficult application on resource-constrained devices Unlike current Internet, smart objects are working in harsh and uncontrolled environments, prone to attacks and misuse and being controlled by nonexpert users Control on information sharing in IoT sharing requires advanced privacypreserving IdM techniques Requirements from Management Scenarios with millions of heterogeneous devices can not be managed by centralized and out-of-band approaches self-management techniques should be supported It includes the application of scalable mechanisms for bootstrapping, configuration, upgrading and key management 11

12 Integral Security Security and and Privacy Privacy Framework Framework (Operation) Based on lightweight and flexible security approaches to make them available even for M2M constrained environments (CE): IETF ACE, DICE WGs focused on security for CE Use of the Constrained Application Protocol (CoAP - RFC 7252) as an application protocol Use of Datagram Transport Layer Security (DTLS) (RFC 6347) based on ECC Raw Public Keys for authentication Use of the Distributed Capability-Based Access Control (DCapBAC) approach for authorization 12

13 Integral Security Security and and Privacy Privacy Framework Framework (Operation) Use of advanced and flexible cryptographic schemes enabling secure group communications: Based on certificateless public key cryptography (CP-ABE) CP-ABE keys obtained during the registration associated to smart object s attributes Additional use of partial identities for minimal PII disclosure integration Proof-of-Possession (PoP) based on anonymous credentials systems (e.g. Idemix) with DCapBAC tokens 13

14 Conclusion: Security Challenges in a fully connected World Trust Framework 1. Policies for trust in heterogeneous environment: definition of policies that include technical, organization and business aspects. Auditing and enforcement schemes for policies 2. Trusted environment on the device: device integrity, using TPM, PKI and eid systems. Bootstrapping trust on the device, related functions and protocols 3. Service integrity (ensuring trusted and reliable operations): CA, reputation system as complementary schemes. Methods for the development of trusted services integrity by design. Disaster recovery, graceful recovery from failure 4. Data lifecycle management: access control, secure storage revision management and collaborative schemes and proof of termination. Security and Trustworthiness 1. Transparent of the trust and accountability: Security audit and Service integrity 2. Vision from the user on interaction with the trust. Transversal Approach 1. the educational and training actions seems to be disperse over subsection that could be more clearly related. Curricula and training programs 2. multidisciplinary research in security. It is important to introduce some reference to the collaboration between disciplines to take into account the different perspectives. 14

15 Thanks Antonio F. Skarmeta University of Murcia (UMU) SPAIN 15