Skip to main content
SpringerLink
Log in
Book cover

Internet of Things Security and Data Protection pp 191–209Cite as

User-Centric Privacy

  • Chapter
  • First Online:

Part of the book series: Internet of Things ((ITTCC))

Abstract

Security and privacy aspects are crucial for the acceptance of IoT environments. Accordingly, this chapter will focus on new approaches to enable end user to better control and protect their privacy and personal data. In particular, it will describe the work carried out in the context of the EU project SMARTIE, which proposed a user-centric platform for secure exchange and sharing based on the use of advanced cryptographic schemes. This platform is, in turn, an instantiation of a reference functional architecture derived from the IoT-A project that is also explained. Furthermore, the chapter provides a description about the use of specific technologies and approaches that are employed in the context of Smart Buildings, where data protection aspects are addressed through the mentioned platform.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD   199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/_les/2014/wp223en.pdf.

  2. 2.

    http://ec.europa.eu/justice/policies/privacy/docs/95-46-ce/dir1995-46 part1en.pdf.

  3. 3.

    http://ec.europa.eu/justice/data-protection/reform/indexen.htm.

  4. 4.

    https://ec.europa.eu/digital-single-market/en/network-and-information-security-nis-directive.

  5. 5.

    https://ec.europa.eu/digital-single-market/en/news/evaluation-and-review-directive-200258-privacy-and-electronic-communication-sector.

  6. 6.

    https://datatracker.ietf.org/wg/dice/about/.

  7. 7.

    https://cpaas.bfh.ch/.

References

  1. J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of Things (IoT): a vision, architectural elements, and future directions. Futur. Gener. Comput. Syst. 29(7), 1645–1660 (2013)

    Article  Google Scholar 

  2. G. Kortuem, F. Kawsar, V. Sundramoorthy, D. Fitton, Smart objects as building blocks for the internet of things. IEEE Internet Comput. 14(1), 44–51 (2010)

    Article  Google Scholar 

  3. E. Rescorla, N. Modadugu, Datagram transport layer security version 1.2. (No. RFC 6347) (2012)

    Google Scholar 

  4. L. Seitz, S. Gerdes, G. Selander, M. Mani, S. Kumar, Use cases for authentication and authorisation in constrained environments (No. RFC 7744) (2016)

    Google Scholar 

  5. J.L. Hernández-Ramos, D.G. Carrillo, A. Skarmeta, F. Gonçalves, L. Cortesão, J.M. Bohli, M. Bauer, SMARTIE: a secure platform for Smart Cities and IoT. Eng. Secure Intern. Things Syst. 2, 75 (2016)

    Article  Google Scholar 

  6. D. Bonino, M.T.D. Alizo, A. Alapetite, T. Gilbert, M. Axling, H. Udsen, et al., Almanac: internet of things for smart cities, in Future Internet of Things and Cloud (FiCloud), 2015 3rd International Conference, (IEEE, New York, 2015), pp. 309–316

    Chapter  Google Scholar 

  7. H.C. Pöhls, V. Angelakis, S. Suppan, K. Fischer, G. Oikonomou, E.Z. Tragos, et al., RERUM: building a reliable IoT upon privacy-and security-enabled smart objects, in Wireless Communications and Networking Conference Workshops (WCNCW), 2014 IEEE, (IEEE, New York, 2014), pp. 122–127

    Google Scholar 

  8. J.B. Bernabe, I. Elicegui, E. Gandrille, N. Gligoric, A. Gluhak, C. Hennebert, et al., SocIoTal—the development and architecture of a social IoT framework, in Global internet of things summit (GIoTS), 2017, (IEEE, New York, 2017), pp. 1–6

    Google Scholar 

  9. A. Bassi, M. Bauer, M. Fiedler, T. Kramp, R. Van Kranenburg, S. Lange, S. Meissner, Enabling things to talk (Springer, Berlin, 2016)

    Google Scholar 

  10. T. Cooper, R. LaSalle, Guarding and growing personal data value. Accenture Institute for High Performance (2015)

    Google Scholar 

  11. A. Poikola, K. Kuikkaniemi, H. Honko, Mydata a nordic model for human-centered personal data management and processing. Finnish Ministry of Transport and Communications (2015)

    Google Scholar 

  12. D. Ferraiolo, J. Cugini, D.R. Kuhn. Role-based access control (RBAC): features and motivations. In Proceedings of 11th annual computer security application conference (1995), pp. 241–248

    Google Scholar 

  13. E. Yuan, J. Tong, Attributed based access control (ABAC) for web services, in Web Services, 2005. ICWS 2005. Proceedings. 2005 IEEE International Conference, (IEEE, New York, 2005)

    Google Scholar 

  14. T. Moses, Extensible access control markup language (xacml) version 2.0. Oasis Standard, 2005 (2005)

    Google Scholar 

  15. J.L. Hernández-Ramos, A.J. Jara, L. Marín, A.F. Skarmeta Gómez, DCapBAC: embedding authorisation logic into smart things through ECC optimisations. Int. J. Comput. Math. 93(2), 345–366 (2016)

    Article  Google Scholar 

  16. C.M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. M. Thomas, T. Ylonen, SPKI certificate theory (1999), RFC2693

    Google Scholar 

  17. M. Jones, J. Bradley, N. Sakimura, Json web token (jwt) (No. RFC 7519) (2015)

    Google Scholar 

  18. J.B. Bernabe, J.L.H. Ramos, A.F.S. Gomez, TACIoT: multidimensional trust-aware access control system for the Internet of Things. Soft. Comput. 20(5), 1763–1779 (2016)

    Article  Google Scholar 

  19. T. Hardjono, E. Maler, M. Machulak, D. Catalano. User-managed access (uma) profile of oauth 2.0. Kantara Initiative, Recommendation, 04 (2014)

    Google Scholar 

  20. J.L. Hernández-Ramos, J.B. Bernabe, M. Moreno, A.F. Skarmeta, Preserving smart objects privacy through anonymous and accountable access control for a m2m-enabled internet of things. Sensors 15(7), 15611–15639 (2015)

    Article  Google Scholar 

  21. J. Camenisch, E. Van Herreweghen, Design and implementation of the idemix anonymous credential system, in Proceedings of the 9th ACM conference on Computer and communications security, (ACM, New York, 2002), pp. 21–30

    Google Scholar 

  22. Z. Shelby, K. Hartke, C. Bormann, B. Frank. The Constrained Application Protocol (CoAP)(RFC 7252), 2014 (2016)

    Google Scholar 

  23. A. Sahai, B. Waters, Fuzzy identity-based encryption. Eur. Secur. 3494, 457–473 (2005)

    MathSciNet  MATH  Google Scholar 

  24. V. Goyal, O. Pandey, A. Sahai, B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in Proceedings of the 13th ACM conference on Computer and communications security, (ACM, New York, 2006), pp. 89–98

    Google Scholar 

  25. J. Bethencourt, A. Sahai, B. Waters, Ciphertext-policy attribute-based encryption, in Security and Privacy, 2007. SP’07. IEEE Symposium on, (IEEE, New York, 2007), pp. 321–334

    Chapter  Google Scholar 

  26. SMARTIE. Deliverable 2.3: SMARTIE initial architecture specification, http://www.smartie-project.eu/download/D2.3-Initial%20Architecture%20Specification.pdf

  27. J.L. Hernandez-Ramos, J.B. Bernabé, A. Skarmeta, ARMY: architecture for a secure and privacy-aware lifecycle of smart objects in the internet of my things. IEEE Commun. Mag. 54(9), 28–35 (2016)

    Article  Google Scholar 

  28. D. Forsberg, Y. Ohba, B. Patil, H. Tschofenig, A. Yegin. Protocol for carrying authentication for network access (PANA) (No. RFC 5191) (2008)

    Google Scholar 

  29. J.L. Hernández-Ramos, D.G. Carrillo, R. Marín-López, A.F. Skarmeta, Dynamic security credentials pana-based provisioning for IoT smart objects, in Internet of Things (WF-IoT), 2015 IEEE 2nd World Forum, (IEEE, New York, 2015), pp. 783–788

    Chapter  Google Scholar 

Download references

Acknowledgment

This chapter includes results shared by the European research project CPaaS.io (Grant Agreement N° 723076); IoTCrawler (Grant Agreement N° 779852); and Fed4IoT (Grant Agreement N° 814918), which has received partial funding from the European Commission as well as by the Spanish Ministry of Economy and Competitiveness through the Torres Quevedo program (Grant Agreement N° TQ-15-08073).

Author information

Authors and Affiliations

  1. Universidad de Murcia, Murcia, Spain

    Antonio Skarmeta & José L. Hernández-Ramos

  2. Odin Solutions, Murcia, Spain

    Juan A. Martinez

Authors
  1. Antonio Skarmeta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. José L. Hernández-Ramos
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Juan A. Martinez
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Antonio Skarmeta .

Editor information

Editors and Affiliations

  1. Mandat International, Geneva, Switzerland

    Sébastien Ziegler

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Skarmeta, A., Hernández-Ramos, J.L., Martinez, J.A. (2019). User-Centric Privacy. In: Ziegler, S. (eds) Internet of Things Security and Data Protection. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-030-04984-3_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-04984-3_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04983-6

  • Online ISBN: 978-3-030-04984-3

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation