Abstract
The growing use of ICT in public life has coerced the concept of smart cities. In a smart city, numerous physical devices coupled with latest ICT technologies are used by city authorities to provide better services and infrastructure to its citizens. Smart cities have unique security challenges. Owing to the involvement of numerous stakeholders, information security breaches can have wide ranging, long-lasting consequences. The challenges of smart city information security have not received the attention they deserve. This paper combines threat analysis and enterprise architecture modelling to address and mitigate these challenges from a holistic perspective. An information security architecture is presented, which can help stakeholders of the smart city projects to build more secure smart cities.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Al-Anbuky, A. Sensor-actuator smart lighting system: system organizational concept and challenges. In: ICT4S 2014. Atlantis Press (2014)
Anthopoulos, L., Fitsilis, P.: From digital to ubiquitous cities: defining a common architecture for urban development. In: 2010 Sixth International Conference on Intelligent Environments (IE), pp. 301–306. IEEE (2010)
Band, I., et al.: Modeling Enterprise Risk Management and Security with the ArchiMate (2015)
Bartoli, A., et al.: Security and privacy in your smart city. In: Proceeding of the Barcelona Smart Cities Congress, pp. 1–6 (2011)
Batty, M., et al.: Smart cities of the future. Eur. Phys. J. Spec. Top. 214(1), 481–518 (2012)
Bennett, C.H., Brassard, G.: Quantum Cryptography: Public Key Distribution and Con Tos5 (2014)
Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0024447
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13
Caragliu, A., Del Bo, C., Nijkamp, P.: Smart cities in Europe. J. Urban Technol. 18(2), 65–82 (2011)
Chourabi, H., et al.: Understanding smart cities: an integrative framework. In: 2012 45th Hawaii International Conference on System Science (HICSS), pp. 2289–2297. IEEE (2012)
Coplien, J., Hoffman, D., Weiss, D.: Commonality and variability in software engineering. IEEE Softw. 15(6), 37–45 (1998)
Danwei, C., Xiuli, H., Xunyi, R.: Access control of cloud service based on UCON. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom 2009. LNCS, vol. 5931, pp. 559–564. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10665-1_52
Deng, H., Mukherjee, A., Agrawal, D.P.: Threshold and identity-based key management and authentication for wireless ad hoc networks. In: Proceedings International Conference on ITCC 2004, vol. 1, pp. 107–111. IEEE (2004)
de Oliveira Albuquerque, R., et al.: A layered trust information security architecture. Sensors 14(12), 22754–22772 (2014)
Dhillon, G., Backhouse, J.: Technical opinion: information system security management in the new millennium. Commun. ACM 43(7), 125–128 (2000)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
Eschenauer, L., Gligor, V.D.: A key-management scheme for distributed sensor networks. In: Proceeding of the 9th ACM Conference on Computer and Communications Security, pp. 41–47. ACM (2002)
Filipponi, L., et al.: Smart city: an event driven architecture for monitoring public spaces with heterogeneous sensors. In: 2010 Fourth International Conference on SENSORCOMM, pp. 281–286. IEEE (2010)
Gaur, A., Scotney, B., Parr, G., McClean, S.: Smart city architecture and its applications based on IoT. Procedia Comput. Sci. 52, 1089–1094 (2015)
Jain, M.K.: Wireless sensor networks: security issues and challenges. Int. J. Comput. Inf. Technol. 2(1), 62–67 (2011)
Jalali, R., El-Khatib, K., McGregor, C.: Smart city architecture for community level services through the internet of things. In 2015 18th International Conference on ICIN, pp. 108–113. IEEE (2015)
Jalali, S., Wohlin, C.: Systematic literature studies: database searches vs. backward snowballing. In: Proceedings of the ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, pp. 29–38. ACM (2012)
Jin, J., Gubbi, J., Marusic, S., Palaniswami, M.: An information framework for creating a smart city through internet of things. IEEE Internet Things J. 1(2), 112–121 (2014)
Jonkers, H., Quartel, D.A.C.: Enterprise architecture-based risk and security modelling and analysis. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 94–101. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46263-9_6
Juels, A.: RFID security and privacy: a research survey. IEEE J. Sel. Areas Commun. 24(2), 381–394 (2006)
Kandukuri, B.R., Rakshit, A.: Cloud security issues. In: IEEE International Conference on Services Computing, SCC 2009, pp. 517–520. IEEE (2009)
Lankhorst, M.: Enterprise Architecture at Work, 352 p. Springer, Berlin (2009). https://doi.org/10.1007/978-3-642-01310-2
Lavallee, M., Robillard, P.N., Mirsalari, R.: Performing systematic literature reviews with novices: an iterative approach. IEEE Trans. Educ. 57(3), 175–181 (2014)
Merlino, G., et al.: A smart city lighting case study on an openstack-powered infrastructure. Sensors 15(7), 16314–16335 (2015)
Mukherjee, B., Heberlein, L.T., Levitt, K.N.: Network intrusion detection. IEEE Netw. 8(3), 26–41 (1994)
Murray, W.H.: Enterprise security architecture. Inf. Syst. Secur. 6(4), 43–54 (1998)
Nam, T., Pardo, T.A.: Conceptualizing smart city with dimensions of technology, people, and institutions. In: Proceeding of the 12th Annual International Digital Government Research Conference: Digital Government Innovation in Challenging times, pp. 282–291. ACM (2011)
Nardi, J.C., Almeida, J.P.A., et al.: Service commitments and capabilities across the ArchiMate architectural layers. In: 2016 IEEE 20th International EDOCW, pp. 1–10. IEEE (2016)
Perez, R., Sailer, R., van Doorn, L.: vTPM: virtualizing the trusted platform module. In: Proceedings of 15th Conference on USENIX Security Symposium, pp. 305–320 (2006)
Ralko, S., Kumar, S.: Smart City Security (2016)
Rivest, R.L., Shamir, A., Adleman, L.M.: U.S. Patent No. 4,405,829. U.S. Patent and Trademark Office, Washington, D.C. (1983)
SANS Institute (2013). www.sans.org.information-security.php
Suo, H., Wan, J., Zou, C., Liu, J.: Security in the internet of things: a review. In: 2012 international Conference on ICCSEE, vol. 3, pp. 648–651. IEEE (2012)
The Open Group: ArchiMate 3.0 Specification. Van Haren Publishing, Zaltbommel (2016)
van Drunen, H., Willemsz, E. (eds.): ArchiMate Made Practical. ArchiMate Foundation, Netherlands (2007)
Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: 2010 Proceedings of IEEE INFOCOM, pp. 1–9. IEEE (2010)
Wenge, R., et al.: Smart city architecture: a technology guide for implementation and design challenges. China Commun. 11(3), 56–69 (2014)
Muehlen, M.Z., Ho, D.T.-Y.: Risk management in the BPM lifecycle. In: Bussler, C.J., Haller, A. (eds.) BPM 2005. LNCS, vol. 3812, pp. 454–466. Springer, Heidelberg (2006). https://doi.org/10.1007/11678564_42
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Berkel, A.R.R., Singh, P.M., van Sinderen, M.J. (2018). An Information Security Architecture for Smart Cities. In: Shishkov, B. (eds) Business Modeling and Software Design. BMSD 2018. Lecture Notes in Business Information Processing, vol 319. Springer, Cham. https://doi.org/10.1007/978-3-319-94214-8_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-94214-8_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94213-1
Online ISBN: 978-3-319-94214-8
eBook Packages: Computer ScienceComputer Science (R0)