Internet of Things
The vision of the Internet of Things (IoT) can be realized in multiple ways: from passive objects connected to centralized cloud infrastructures, to distributed and collaborative systems where decisions can be delegated to the edge of the network – either to the things themselves or to edge devices in paradigms like fog computing. Nevertheless, all these approaches share a common goal: "to create a worldwide network of interconnected entities". These entities range from human beings to everyday objects (cars, appliances) and specialized tools (industrial machinery, medical devices). Within the context of the IoT, all of these entities can behave as producers and consumers of services, and can also communicate with each other - either directly or indirectly, However, it is not a trivial task to create fault-tolerant IoT infrastructures that are protected against failures and attacks. For this very reason, over the last few years NICS has been working on the development of novel security mechanisms in this area.
In previous projects, NICS has developed several IoT security mechanisms in various scenarios, such as i) Smart Cities (ENVIA, BIO-VIA), where we studied how smart pavement and other local (e.g. mobile phones) and remote entities (e.g. Internet Services) could securely interact with each other; ii) Intelligent Transport systems (DEPHISIT), where sensors located within a vehicle enabled value-added services such as traffic management and road safety, iii) e-Health, where we analyzed the secure interaction of IoT building blocks (WSN, RFID) , and iv) Smart grids (TIGRIS), where we addressed authentication and authorization within particular critical areas and the secure interaction with the cloud.
Another area that NICS has studied in these last years is related to the security requirements and protocols that will be needed in a distributed IoT. Here, multiple entities located at the edge of the network can locally and remotely collaborate with each other without depending on a purely centralized infrastructure. In the context of various projects, such as SPRINT, NESSoS, IOT-SEC, and ENVIA, we studied the security challenges  and secure engineering challenges  related to this particular deployment strategy, and developed various security protocols such as key exchange between constrained clients and servers . Currently we are studying various nascent hierarchical and distributed infrastructures, such as Fog Computing and Mobile Edge Computing, whose goal is to push IoT intelligence to the edge .
NICS is also currently working in the secure integration of IoT infrastructures in industrial systems. In the subject of cyber-physical systems and control wireless networks, we are aiming to achieve automatic restoration and self-healing while complying with properties such as optimization and robustness , and we have also studied the integration such control wireless networks with external services (e.g. cloud services) within an industrial substation . Moreover, the development of advanced detection systems that can limit the effect of Advanced Persistent Threats (APT) in the context of the Industrial Internet of Things / Industry 4.0 is one of the main goals of the SADCIP project.
Finally, by harnessing the power of a network of connected of collaborative systems, it is possible to develop novel concepts, such as the idea of a ‘Digital Witness’ – coined by NICS members and currently on development under the umbrella of the IoTest project. Here, IoT devices are capable of obtaining and safeguarding electronic evidence related to a (cyber)crime. This evidence can then be securely transmitted, both directly and in a distributed fashion, to any authorized parties . In the development of this concept we have carefully considered the privacy of users, actively involving the user in the authorization process. In fact, as privacy preservation is one of the major challenges in the development of the IoT, NICS is actively working in this area .
- "User-centric secure integration of personal RFID tags and sensor networks",
In Security and Communication Networks, vol. 6, Wiley-Blackwell, pp. 1177–1197, Oct 2013.
ISI JCR Impact Factor 2013: 0.433
A personal network (PN) should enable the collaboration of user’s devices and services in a flexible, self-organizing and friendly manner. For such purpose, the PN must securely accommodate heterogeneous technologies with uneven computational and communication resources. In particular, personal RFID tags can enable seamless recognition of user’s context, provide user authentication and enable novel services enhancing the quality and quantity of data handled by the PN. However, the highly constrained features of common RFID tags and their passive role in the network highlights the need of an adequate secure communication model with personal tags which enables their participation as a member of the PN. In this paper, we present our concept of PN, with special emphasis on the role of RFID and sensor networks, and define a secure architecture for PNs including methods for the secure access to context-aware technologies from both local PN members and the Internet of Things. The PN architecture is designed to support differentiated security mechanisms to maximize the level of security for each type of personal device. Furthermore, we analyze which security solutions available in the literature can be adapted for our architecture, as well as the challenges and security mechanisms still necessary in the secure integration of personal tags.Impact Factor: 0.433Journal Citation Reports® Science Edition (Thomson Reuters, 2013)
- "On the features and challenges of security and privacy in distributed internet of things",
In Computer Networks, vol. 57, Elsevier, pp. 2266–2279, July 2013.
ISI JCR Impact Factor 2013: 1.282
In the Internet of Things, services can be provisioned using centralized architectures, where central entities acquire, process, and provide information. Alternatively, distributed architectures, where entities at the edge of the network exchange information and collaborate with each other in a dynamic way, can also be used. In order to understand the applicability and viability of this distributed approach, it is necessary to know its advantages and disadvantages – not only in terms of features but also in terms of security and privacy challenges. The purpose of this paper is to show that the distributed approach has various challenges that need to be solved, but also various interesting properties and strengths.Impact Factor: 1.282Journal Citation Reports® Science Edition (Thomson Reuters, 2013)
- "Towards Engineering Trust-aware Future Internet Systems",
In 3rd International Workshop on Information Systems Security Engineering (WISSE 2013), X. Franch, and P. Soffer Eds., LNBIP 148, Springer-Verlag, pp. 490-501, Jun 2013.
Security must be a primary concern when engineering Future Internet (FI) systems and applications. In order to achieve secure solutions, we need to capture security requirements early in the Software Development Life Cycle (SDLC). Whereas the security community has traditionally focused on providing tools and mechanisms to capture and express hard security requirements (e.g. confidentiality), little attention has been paid to other important requirements such as trust and reputation. We argue that these soft security requirements can leverage security in open, distributed, heterogeneous systems and applications and that they must be included in an early phase as part of the development process. In this paper we propose a UML extension for specifying trust and reputation requirements, and we apply it to an eHealth case study.
- "Key management systems for sensor networks in the context of the Internet of Things",
In Computers & Electrical Engineering, vol. 37, Elsevier, pp. 147-159, Mar 2011.
ISI JCR Impact Factor 2011: 0.837
If a wireless sensor network (WSN) is to be completely integrated into the Internet as part of the Internet of Things (IoT), it is necessary to consider various security challenges, such as the creation of a secure channel between an Internet host and a sensor node. In order to create such a channel, it is necessary to provide key management mechanisms that allow two remote devices to negotiate certain security credentials (e.g. secret keys) that will be used to protect the information flow. In this paper we will analyse not only the applicability of existing mechanisms such as public key cryptography and pre-shared keys for sensor nodes in the IoT context, but also the applicability of those link-layer oriented key management systems (KMS) whose original purpose is to provide shared keys for sensor nodes belonging to the same WSN.Impact Factor: 0.837Journal Citation Reports® Science Edition (Thomson Reuters, 2011)
- "Mobile edge computing, Fog et al.: A survey and analysis of security threats and challenges",
In Future Generation Computer Systems, Elsevier, 12/2016, In Press.
ISI JCR Impact Factor 2016: 3.997
For various reasons, the cloud computing paradigm is unable to meet certain requirements (e.g. low latency and jitter, context awareness, mobility support) that are crucial for several applications (e.g. vehicular networks, augmented reality). To fulfil these requirements, various paradigms, such as fog computing, mobile edge computing, and mobile cloud computing, have emerged in recent years. While these edge paradigms share several features, most of the existing research is compartmentalised; no synergies have been explored. This is especially true in the field of security, where most analyses focus only on one edge paradigm, while ignoring the others. The main goal of this study is to holistically analyse the security threats, challenges, and mechanisms inherent in all edge paradigms, while highlighting potential synergies and venues of collaboration. In our results, we will show that all edge paradigms should consider the advances in other paradigms.Impact Factor: 3.997Journal Citation Reports® Science Edition (Thomson Reuters, 2016)
- "Safeguarding Structural Controllability in Cyber-Physical Control Systems",
In The 21st European Symposium on Research in Computer Security (ESORICS 2016), vol. 9879, Springer, pp. 471-489, 2016.
Automatic restoration of control wireless networks based on dynamic cyber-physical systems has become a hot topic in recent years, since most of their elements tend to have serious vulnerabilities that may be exploited by attackers. In fact, any exploitation may rapidly extend to the entire control network due to its problem of non-locality, where control properties of a system and its structural controllability can disintegrate over time. Unfortunately, automated self-healing processes may become costly procedures in which the reliability of the strategies and the time-critical of any recovery of the control can become key factors to re-establish the control properties in due time. This operational need is precisely the aim of this paper, in which four reachability-based recovery strategies from a thereotical point of view are proposed so as to find the best option/s in terms of optimization, robustness and complexity. To do this, new definitions related to structural controllability in relation to the type of distribution of the network and its control load capacity are given in this paper, resulting in an interesting practical study.
- "Security of Industrial Sensor Network-based Remote Substations in the context of the Internet of Things",
In Ad Hoc Networks, vol. 11, Elsevier, pp. 1091–1104, 2013.
ISI JCR Impact Factor 2013: 1.943
The main objective of remote substations is to provide the central system with sensitive information from critical infrastructures, such as generation, distribution or transmission power systems. Wireless sensor networks have been recently applied in this particular context due to their attractive services and inherent benefits, such as simplicity, reliability and cost savings. However, as the number of control and data acquisition systems that use the Internet infrastructure to connect to substations increases, it is necessary to consider what connectivity model the sensor infrastructure should follow: either completely isolated from the Internet or integrated with it as part of the Internet of Things paradigm. This paper therefore addresses this question by providing a thorough analysis of both security requirements and infrastructural requirements corresponding to all those TCP/IP integration strategies that can be applicable to networks with constrained computational resources.Impact Factor: 1.943Journal Citation Reports® Science Edition (Thomson Reuters, 2013)
- "Digital Witness: Safeguarding Digital Evidence by using Secure Architectures in Personal Devices",
In IEEE Network, IEEE Communications Society, pp. 12-19, 2016.
ISI JCR Impact Factor 2016: 7.230
Personal devices contain electronic evidence associated with the behaviour of their owners and other devices in their environment, which can help clarify the facts of a cyber-crime scene. These devices are usually analysed as containers of proof. However, it is possible to harness the boom of personal devices to define the concept of digital witnesses, where personal devices are able to actively acquire, store, and transmit digital evidence to an authorised entity, reliably and securely. This article introduces this novel concept, providing a preliminary analysis on the management of digital evidence and the technologies that can be used to implement it with security guarantees in IoT environments. Moreover, the basic building blocks of a digital witness are defined.Impact Factor: 7.230Journal Citation Reports® Science Edition (Thomson Reuters, 2016)
- "Evolución y nuevos desafios de privacidad en la Internet de las Cosas",
In XIV Reunión Española sobre Criptología y Seguridad de la Información, pp. 209-213, 10/2016.
La Internet de las Cosas (en inglés, Internet of Things (IoT)) es una evolución de la Internet tal y como lo conocemos. Esta nueva versión de Internet incorpora objetos de la vida cotidiana, rompiendo así barrera de los digital y extendiéndose al mundo físico. Estos objetos interactuarán entre sí y con otras entidades tanto de manera local como remota, y estarán dotados de cierta capacidad computacional y sensores para que sean conscientes de lo que ocurre en su entorno. Esto traerá consigo un sinfín de posibilidades y nuevos servicios, pero también dará lugar a nuevos y mayores riesgos de privacidad para los ciudadanos. En este artículo, estudiamos los problemas de privacidad actuales de una de las tecnologías claves para el desarrollo de este prometedor paradigma, las redes de sensores, y analizamos como pueden evolucionar y surgir nuevos riesgos de privacidad al ser completamente integradas en la Internet.