Security Services PlatfoRm for the INternet of Things

Funded by Spanish Ministry of Science (TIN 2009-09237)
Duration: 01/01/2010 to 31/12/2013
Website: http://www.nics.uma.es/SPRINT/

Project Overview: 

The Internet of Things (IoT) depicts an scenario where both the virtual and real world interweave by embedding sensors, actuators, RFID tags and other similar technologies in everyday objects. Furthermore, such objects will be connected to the Internet providing the network with real-time information. In this landscape, a new range of security services is expected. Consequently, the goal of this project is to develop a Security Services Platform to facilitate future software developers the seamless integration of secure services into their software specifically designed for the IoT scenario.

The SPRINT platform requires an in-depth analysis of the original IoT security requirements since it introduces significant differences in comparison with traditional Internet scenarios [1][2][3]. The development of basic and network security services is deemed critical for a fruitful integration of tiny limited devices with the current computer-based Internet [4]. More precisely, a secure network connectivity service [5] as well as a distributed intrusion detection service will be devised [6]. Also, the SPRINT platform will incorporate a service for trading off between security and quality of service, which is of vital importance given the extreme resource limitation of the involved objects.

The aforementioned services will provide a basis for the development of advanced security services specifically redesigned for the IoT environment. An identity and privacy management service will provide a privacy-preserving identification scheme depending on the requirements of the other communicating party, whether a human or another object. Also, a trust management service in order for objects to determine what relationships might be established with each other. Moreover, a secure object location service will guarantee the localization of objects[7], an intrinsic problem to the interaction with the objects of the physical world. Finally, all these services will be integrated into the platform and evaluated.


  1. R. Roman, and J. Lopez, "Integrating Wireless Sensor Networks and the Internet: A Security Analysis",
    Internet Research, vol. 19, no. 2, Emerald, pp. 246-259, Mar 2009. DOI (I.F.: 0.844)More..


    Purpose: This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology mechanisms are suitable and can be applied in this context.

    Design/methodology/approach: The paper considers the possible approaches that can be used to connect a WSN with the internet, and analyzes the security of their interactions.

    Findings: By providing the services of the network through a front-end proxy, a sensor network and the internet can interact securely. There are other challenges to be solved if the sensor nodes are integrated into the internet infrastructure, although there exists interesting advances on his matter.

    Research limitations and implications: The complete integration of sensor networks and the internet still remains as an open issue.

    Practical implications: With the current state of the art, it is possible to develop a secure sensor network that can provide its services to internet hosts with certain security properties.

    Originality/value: The paper studies the interactions between sensor networks and the internet from the point of view of security. It identifies both solutions and research challenges.

    Impact Factor: 0.844
    Journal Citation Reports® Science Edition (Thomson Reuters, 2009)

  2. J. Lopez, R. Roman, and P. Najera, "Los Desafíos de Seguridad en la Internet de los Objetos",
    Revista SIC, vol. 88, Ediciones CODA, pp. 66-73, Feb 2010. More..


    El paradigma de la Internet de los Objetos, donde todos aquellos objetos físicos que nos rodean tendrán la capacidad de generar y consumir información en el ámbito de un mundo virtual, se encuentra cada vez más cerca. Es ahora un buen momento para llamar la atención sobre sus principales desafíos de seguridad, tanto desde un punto de vista global como asociados a sus elementos más importantes (la tecnología RFID y las redes de sensores). Así, este paradigma puede ser plenamente comprendido y protegido, evolucionando hacia uno de los nuevos pilares del futuro.

  3. R. Roman, C. Alcaraz, J. Lopez, and N. Sklavos, "Key management systems for sensor networks in the context of the Internet of Things",
    Computers & Electrical Engineering, vol. 37, Elsevier, pp. 147-159, Mar 2011. DOI (I.F.: 0.837)More..


    If a wireless sensor network (WSN) is to be completely integrated into the Internet as part of the Internet of Things (IoT), it is necessary to consider various security challenges, such as the creation of a secure channel between an Internet host and a sensor node. In order to create such a channel, it is necessary to provide key management mechanisms that allow two remote devices to negotiate certain security credentials (e.g. secret keys) that will be used to protect the information flow. In this paper we will analyse not only the applicability of existing mechanisms such as public key cryptography and pre-shared keys for sensor nodes in the IoT context, but also the applicability of those link-layer oriented key management systems (KMS) whose original purpose is to provide shared keys for sensor nodes belonging to the same WSN.

    Impact Factor: 0.837
    Journal Citation Reports® Science Edition (Thomson Reuters, 2011)

  4. C. Alcaraz, R. Roman, P. Najera, and J. Lopez, "Acceso seguro a redes de sensores en SCADA a través de Internet",
    XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010), pp. 337-342, September, 2010. More..


    Las Infraestructuras Críticas (ICs) son monitorizadas por sistemas altamente complejos, conocidos como sistemas SCADA (Sistemas de Control y Adquisición de Datos), cuyo principal soporte se encuentra en las subestaciones, las cuales miden de primera instancia el estado real de tales ICs. Para mejorar este control, la industria está actualmente demandando la integración en el modelo tradicional de dos avances tecnológicos: Internet y las redes de sensores inalámbricas. Sin embargo, su incorporación requiere analizar los requisitos de seguridad que surgen en dicho contexto, así como diversos aspectos correlacionados (ej. mantenimiento, rendimiento, seguridad y optimización) y, en base a estos, la estrategia de integración más adecuada para satisfacer dichos requisitos. Este artículo proporciona dicho análisis en profundidad con el fin de ofrecer un modelo de integración seguro adecuado para entornos críticos.

  5. C. Alcaraz, P. Najera, J. Lopez, and R. Roman, "Wireless Sensor Networks and the Internet of Things: Do We Need a Complete Integration?",
    1st International Workshop on the Security of the Internet of Things (SecIoT’10), IEEE, pp. xxxx, December, 2010. More..


    Wireless sensor networks (WSN) behave as a digital skin, providing a virtual layer where the information about the physical world can be accessed by any computational system. As a result, they are an invaluable resource for realizing the vision of the Internet of Things (IoT). However, it is necessary to consider whether the devices of a WSN should be completely integrated into the Internet or not. In this paper, we tackle this question from the perspective of security. While we will mention the different security challenges that may arise in such integration process, we will focus on the issues that take place at the network level.

  6. C. Alcaraz, A. Balastegui, and J. Lopez, "Early Warning System for Cascading Effect Control in Energy Control Systems",
    5th International conference on Critical Information Infrastructures Security (CRITIS’10), LNCS 6712, Springer, pp. 55-67, September, 2010. More..


    A way of controlling a cascading effect caused by a failure or a threat in a critical system is using intelligent mechanisms capable of predicting anomalous behaviours and also capable of reacting against them in advance. These mechanisms are known as Early Warning Systems (EWS) and this will be precisely the main topic of this paper. Specially, we present an EWS design based on a Wireless Sensor Network (using the ISA100.11a standard) that constantly supervise the application context. This EWS is also based on forensic techniques to provide dynamic learning capacities. As a result, this new approach will aid to provide a reliable control of incidences by offering a dynamic alarm management, identification of the most suitable field operator to attend an alarm, reporting of causes and responsible operators, and learning from new anomalous situations.

  7. R. Rios, and J. Lopez, "Source Location Privacy Considerations in Wireless Sensor Networks",
    4th International Symposium of Ubiquitous Computing and Ambient Intelligence (UCAmI’10), L. Fuentes, N. Gámez, and J. Bravo Eds., IBERGARCETA PUBLICACIONES, S.L., pp. 29 - 38, Sept., 2010. More..


    Wireless Sensor Networks are considered to be one of the cornerstones of Ambient Intelligence since they can be used in countless applications, where sensors are unobtrusively embedded into the environment to perform operations like monitoring, tracking and reporting. In such scenarios, privacy issues must be carefully considered since the mere observation of the network operation might reveal great amounts of private information to unauthorised parties. One of the problems that is gaining more attention in the realm of privacy, is the location privacy problem, which aims to prevent an attacker from obtaining the location of specific nodes of interest to him. In this paper we provide a general overview of the proposed solutions to counter this threat. Finally, we will also discuss some open challenges and future directions of research for a convenient management of privacy issues in smart environments.