The world is going through growth in smart cities, and this is possible because of a revolution of information technology contributing towards social and economic changes and hence endowing challenges of security and privacy. At present, everything is connected through internet of things in homes, transport, public progress, social systems, etc. Nevertheless, they are imparting incomparable development in standard of living. Unified structure commits to welfare, well-being, and protection of people. This chapter surveys two consequential threats, that is, privacy and security. This chapter puts forward review of some paperwork done before consequently finding the contributions made by author and what subsequent work can be carried out in the future. The major emphasis is on privacy security of smart cities and how to overcome the challenges in achievement of protected smart city structure.
Top1 Introduction
Kevin Ashton first used the term “Internet of Things” in 1999 (Ashton, n.d.). It was during his work at Procter & Gamble. Though the term IoT was coined just 21 years ago, the concept itself has been relevant since the 1970s. In (Domingue et al., 2009), IoT is defined as, “A world where physical objects are seamlessly integrated into a sophisticated network” and “Services are available to mingle with the help of these ‘physical objects’ over the Internet”.
The IoT shows a lot of promise as a technology however, the concern lies in the security practices and height of privacy that this technology has achieved and can achieve. This paper focuses on different technicalities that stand out as drawbacks of IoTs and different techniques that have been employed, proposed or are being practiced currently. This paper is divided into 5 sections. Different aspects of security have been further discussed with different approaches that people all over the world have taken to counter this short-coming. The safety features of IoTs are very well covered under three aspects as shown in figure below (Ngu et al., 2016):
The security is often defined in terms of 3 traits- Confidentiality, Integrity and Availability as in (Jang-Jaccard & Nepal, 2014). Confidentiality ensures that the data is safe and no one gets it except the one that the data is meant for. Integrity ensures that data is handled or dealt in an honest manner by the desired people. And availability means the system is strong and stable enough to cater all the needs and function properly for all. In (Lopez et al., 2009), more properties of security are discussed including forward and backward secrecy, etc.
The privacy characteristic ensures anonymity and seclusion from the entities that one doesn’t wish to share the data with. This characteristic provides the client or user the appropriate safety that their information is not viewed by undesirable people like hackers.
‘The trust is the characteristic that deals with developing a sense of accountability in the service providers with respect to the data or service pertaining to any client’. The trust factor plays vital role in getting people on board with the said technology with the recognition that they are protected by the enterprises they seek service from. The trust factor can be defined in terms of traits like authentication and authorization in addition to accountability. According to (Burrows et al., 1989), the authentication ensures that the data that is sent through the server is sent by a legit person, whereas (Cirani et al., 2015), states that authorization ensures that the data is received by an authorized person for processing.
In paper (Frustaci et al., 2018), the authors have discussed the present and future challenges to the security concern of the IoT technology. The authors take an approach by focusing on the different layers in the model of IoT viz., Perception Layer, Transportation Layer and Application Layer. This approach helps in focusing on threats and finding a valid solution for them in a robust manner.
Perception layer includes sensors like GPS, RFIDs,RSN, etc. Transportation layer is the medium for the devices in perception layer and Application Layer provides services requested by the devices. The certain vulnerabilities pertaining to each layer are studied to help form a better strategy for countering the element of risk in IoT adaptation. Perception layer is what connects people to IoTs. To make people comfortable with the notion of IoT and help them evolve to include it in their daily lives, Trust Factor plays a vital role.
According to (Jing et al., 2014) the digital signature is a very promising piece in trust management system to claim data authentication, device authentication and data exchange.
In transportation layer we arrive to issues that are unique to it. According to (Wang & Wang, 2011) & (Zhang et al., 2013), when the wide varieties of heterogeneous devices converge in the transport layer, security problems are bound to happen. The transportation layer is also the layer most vulnerable to DDos attacks (Yi, 2010), in addition to attacks like middle attacks, phishing sites attacks, etc. but according to (Zhang & Wang, 2006), these attacks can be countered with the help of required intrusion detection and authentication mechanisms.