Ciência-IUL
Publications
Publication Detailed Description
Towards transparent and secure IoT: Improving the security and privacy through a user-centric rules-based system
Journal Title
Electronics
Year (definitive publication)
2023
Language
English
Country
Switzerland
More Information
Web of Science®
Scopus
Google Scholar
Abstract
In recent years, we have seen a growing wave in the integration of IoT (Internet of Things) technologies into society. This has created new opportunities, but at the same time given rise to several critical issues, creating new challenges that need to be addressed. One of the main challenges is the security and privacy of information that is processed by IoT devices in our daily lives. Users are, most of the time, unaware of IoT devices’ personal information collection and transmission activities that affect their security and privacy. In this work, we propose a solution that aims to increase the privacy and security of data in IoT devices, through a system that controls the IoT device’s communication on the network. This system is based on two basic and simple principles. First, the IoT device manufacturer declares their device’s data collection intentions. Second, the user declares their own preferences of what is permitted to the IoT device. The design of the system includes tools capable of analyzing packets sent by IoT devices and applying network traffic control rules. The objective is to allow the declaration and verification of communication intentions of IoT devices and control the communication of such devices to detect potential security and privacy violations. We have created a test-bed to validate the developed solution, based on virtual machines, and we concluded that our system has little impact on how the overall system performed.
Acknowledgements
We would like to thank all the support provided by SCNL Truphone, S.A. Also, we would like to thank the research environment provided by the Information Sciences, Technologies, and Architecture Research Center (ISTAR), supported by Fundação para a Ciência
Keywords
Security,Privacy,IoT networks,Intent declaration,Communication rights and permissions,Traffic analysis
Fields of Science and Technology Classification
- Computer and Information Sciences - Natural Sciences
- Physical Sciences - Natural Sciences
- Civil Engineering - Engineering and Technology
- Electrical Engineering, Electronic Engineering, Information Engineering - Engineering and Technology
Funding Records
Funding Reference | Funding Entity |
---|---|
UIDB/04466/2020 | Fundação para a Ciência e a Tecnologia |
UIDP/04466/2020 | Fundação para a Ciência e a Tecnologia |
Related Projects
This publication is an output of the following project(s):