Scientific journal paper Q2
Towards transparent and secure IoT: Improving the security and privacy through a user-centric rules-based system
João Lola (Lola, J.); Carlos Serrão (Serrão, C.); João Casal (Casal, J.);
Journal Title
Electronics
Year (definitive publication)
2023
Language
English
Country
Switzerland
More Information
Web of Science®

Times Cited: 0

(Last checked: 2024-11-21 14:23)

View record in Web of Science®

Scopus

Times Cited: 0

(Last checked: 2024-11-19 15:29)

View record in Scopus

Google Scholar

Times Cited: 1

(Last checked: 2024-11-17 14:14)

View record in Google Scholar

Abstract
In recent years, we have seen a growing wave in the integration of IoT (Internet of Things) technologies into society. This has created new opportunities, but at the same time given rise to several critical issues, creating new challenges that need to be addressed. One of the main challenges is the security and privacy of information that is processed by IoT devices in our daily lives. Users are, most of the time, unaware of IoT devices’ personal information collection and transmission activities that affect their security and privacy. In this work, we propose a solution that aims to increase the privacy and security of data in IoT devices, through a system that controls the IoT device’s communication on the network. This system is based on two basic and simple principles. First, the IoT device manufacturer declares their device’s data collection intentions. Second, the user declares their own preferences of what is permitted to the IoT device. The design of the system includes tools capable of analyzing packets sent by IoT devices and applying network traffic control rules. The objective is to allow the declaration and verification of communication intentions of IoT devices and control the communication of such devices to detect potential security and privacy violations. We have created a test-bed to validate the developed solution, based on virtual machines, and we concluded that our system has little impact on how the overall system performed.
Acknowledgements
We would like to thank all the support provided by SCNL Truphone, S.A. Also, we would like to thank the research environment provided by the Information Sciences, Technologies, and Architecture Research Center (ISTAR), supported by Fundação para a Ciência
Keywords
Security,Privacy,IoT networks,Intent declaration,Communication rights and permissions,Traffic analysis
  • Computer and Information Sciences - Natural Sciences
  • Physical Sciences - Natural Sciences
  • Civil Engineering - Engineering and Technology
  • Electrical Engineering, Electronic Engineering, Information Engineering - Engineering and Technology
Funding Records
Funding Reference Funding Entity
UIDB/04466/2020 Fundação para a Ciência e a Tecnologia
UIDP/04466/2020 Fundação para a Ciência e a Tecnologia
Related Projects

This publication is an output of the following project(s):