Imp Research On IoT Privacy Security Risks
Imp Research On IoT Privacy Security Risks
Integration
Abstract—As IoT being gradually applied, people’s life is strong focus in academia. These information are as sensitive
becoming more and more convenient. However, when people privacy information, once leaked, it may make users uneasy,
enjoy those convenience brought by the IoT, there also be some and cause privacy security risks on the entire network. Thus,
certain risks of privacy security. How to ensure that how to prevent the risks needed further studies..
convenience, and reduce the risks at the same time, which
seems to be a long-term work. From this perspective, the paper II. RESEARCH ACTUALITY
studied the causes of privacy security risks, and put forward
some relevant IoT risk prevention methods. These research
Due to many applications of the IoT systems are needed
results have some certain practicabilities, which would provide to collect personal information, IoT is facing more serious
an important theoretical reference value in the field of privacy security risks [6]. For example, compared with the
scientific research and engineering. traditional Internet, those privacy security problems are
usually related to the users only, and people can set through
Keywords- IoT; privacy security risks; risk causes; risk the terminal to protect their privacies, but in IoT system,
prevention methods even those who don't use the IoT maybe also at privacy risks
[7]. A typical case, considering an IoT system contained
I. INTRODUCTION multiple cameras, the images obtained by the cameras belong
to personal privacy, once the images associated with
The Internet of things, which refers to "an Internet that individuals’ identity information, there may appear some
the things around people are connected to", it through threats like information leakage in the data transmission,
information sensing equipment such as RFID, infrared bringing about personal privacy risks.
sensors, and GPS to make objects connected to the Internet At present, many scholars have focused on the IoT
in accordance with the existing contract agreements, thus privacy security issues. But due to its development is still in
producing information exchange and communication, the initial stage, most studies are concentrated on various
realizing the intelligent identification, tracking, monitoring technologies and different industry applications, and then
and management of the objects in the network [1]. But give some corresponding solutions [8]. Common on the IoT
Zhang Yanxue once changed the expression to define IoT as security researches mainly can be divided into several
a giant network, all the objects in it can be freely contacted aspects, and the related representative researches are
by some technologies such as RFID and wireless data summarized in the following tables.
communication technology, under the action of these
technologies to realize the objects’ sharing, interconnection TABLE 1 THE RESEARCH OF SENSOR NETWORK SECURITY
and management without people's intervention [2]. What’s
more, Liu Yongmou thought the nature of IoT maybe boil author time research program
down to "super sense", that is to say, the things in IoT are Authentication and key agreement scheme
perceived through feeling layer, and then through the Juang, Nien 2008 based on bilinear pairings under the
corresponding calculation layer to get a certain degree of environment of wireless sensor network [9]
User authentication scheme based on
intelligence, in order to possess some similar characteristics Das M L 2009 password under the hierarchical wireless
to the subjects [3]. And according to Wu Chuankun, the IoT sensor network environment [10]
has led to the third wave of information industry revolution Rasheed A, Key distribution scheme in pairs in three
2012
[4], which would become an important infrastructure in the Mahapatra R N layer architecture sensor network [11]
social and economic development, what’s more, it may Key early allocation scheme based on the
accelerate social progress and promote scientific and Bechkit et al. 2013 theory of the Unital design under the
enhanced sensors network environment [12]
technological innovation.
However, with the rapid development of IoT supporting Perrig A et al. 2002 SPINS protocol [13]
technologies, the problems of privacy security are becoming Karlof C,
2003 INSENS protocol [14]
serious [5], which have aroused people's attention. In some Wagner D.
Hu Y C, Routing protocol based on the one-way
applications such as electronic commerce and business Johnson D B.
2003
hashing function [15]
transactions, the situations of the system’s or users’ privacy
information leakage occur from time to time, triggering a
260
A. Risks in Politics Field B. Improve the Level of IoT Privacy Protection
To some degree, all the people and objects are in a state Technology
of " seeing and being seen " in the IoT system [29]. The To effectively implement the IoT privacy protections,
feeling layers of IoT collect the related information, then except for relevant legal safeguard, it also need to notice
pass them to the computing center to calculate, finally form technology itself. IoT is a novel thing based on the Internet,
the scientific solution which means the "science" action if the technologies have not considered privacy protection,
rules. But if all these procedures are lack of effective it’s easy to appear privacy security risks caused by
supervision, IoT maybe utilized as a monitoring tool or even authentication security and RFID security, so it’s important
to monitor the opponents and dissidents. Thus, it’s necessary to strengthen core technologies, such as the authentication
to alert the relevant person abusing the IoT systems in the and access control and data encryption processing [34], so as
government. to guarantee the in-depth application of the IoT systems.
B. Risks in Economic Field C. Strengthen the IoT privacy Security Awareness
In order to make profit, businessmen always have the In addition to the legal and technical support, it’s also
impulse of abusing IoT information. Various sensors joined necessary to improve the users’ safety consciousness [35].
to the IoT systems creating new business opportunities for IoT services and IoT information collection organizations
mining personal privacy. For example, many malls promote should advocate IoT safety knowledge, in order to improve
products by analyzing the preference to customers whether the overall awareness of IoT privacy security protections,
they are useful or not. avoiding the unnecessary losses.
In addition, IoT can also lead to labor transfer and
unemployment. Along with the popularity of IoT in the VI. CONCLUSIONS
future, the position demand of many professions such as Along with the rapid developments of social
cashier, guides and logistics will decrease sharply, and the informatization and computer technology, the IoT is at
demand of those jobs related to IoT will increase greatly, society special attention by its convenience and necessity. In
causing labor transfer, or even labor unemployment, bringing order to realize the widespread of information sharing, the
about some national economic risks. IoT system must be in the strict privacy protection to prevent
C. Risks in Social Security Field social privacy security risks. Based on the discussions above,
we can draw the following conclusions.
There are some problems in the IoT systems which may Firstly, because of the shortcomings about the safety
be the same with the Internet, such as hacker attacking, certification and RFID technology security, a certain degree
privacy abusing and so on. But the IoT systems also of IoT privacy security risks maybe brought about, slight
exacerbate these risks, making them more difficult to protect effects can be some information leakage, but the severe
against. For example, the criminals can utilize the impacts may be on the IoT system or even national level’s
interactions between the objects in the IOT to commit bad influence.
crimes, making it more difficult to tracking down the real Secondly, the IoT privacy security risks can be
culprits [30]. characterized in political, economic, and personal fields,
V. RISK PREVENTION FOR IOT PRIVACY SECURITY each of these forms would bring many privacy security risks
and deserves great attention in the future researches.
It can be known from the analyses above, IoT is a new Finally, on account of those causes and forms of the IoT
kind network of comprehensive information perception and privacy security risks, some measures have been summarized
access, seamless interconnection and collaboration, and it is to prevent them. Such as improving the security level of
with high degree of intelligence [31], so its development privacy protection system, researching on the IoT privacy
must be based on information security. Since the security security technology so as to get effective guarantee in the
issues are constantly increasing, IoT security solutions need link of information collection, transmission, processing and
constantly improvement [32]. Aiming at the risk causes and so on, meanwhile, paying more attention to the users’
its forms, this paper argues that the IoT privacy security risk privacy protection awareness seems equally important. I
preventions should be strengthened from the following think these prevention methods can provide certain theory
several aspects. reference value in the field of scientific research and
A. Speed Up the Related Policies and Regulations, engineering in the future.
Improving the Security System But because of the limitation of some data acquisition
about IOT, there couldn’t be any simulation experiment
In-depth application of IoT involves lots legal problems research for each specific type of those risks, it is also the
[33]. At present the information security laws in our country insufficiency about this paper. Hope we can obtain a large-
still difficult to adapt to the need of IoT rapid development, scaled data in the future, so that we can combine with the
therefore, making clear IoT security policies and regulations risk simulation models for the specific risks in the further
is particularly important. These policies and regulations will studies.
further improve the security system of IoT security and
privacy protection. ACKNOWLEDGMENT
261
First of all, I want to express my great gratefulness to my vector routing for mobile wireless ad hoc networks [J]. Ad Hoc
dear teacher----professor Luo. She is so knowledgeable, with Networks, 2003, 1 (1): 175-192.
wide threads of thought and can always grasp the forefront of [16] Sun D-Z, Zhong J-D. A hash-based RFID security protocol for strong
privacy protection [J]. IEEE Transactions on Consumer Electronics,
knowledge. Under her guidance, I learned many researches 2012, 58 (4): 1246-1252.
in the related field of IoT, which greatly broadened my view [17] Huang Y C, Jiang J-R. An Ultralightweight Mutual Authentication
of academic, meanwhile it laid the important theoretical Protocol for EPC C1G2 RF1D Tags [C]. In Fifth International
basis for this article. In terms of the paper writing, my Symposium on Parallel Architectures, Algorithms and Progrunming
teacher gave me the directional guidance and constructive (PAAP), 2012: 133-140.
suggestions. Besides, she also gave me the unselfish help in [18] Pang L, He L, Pei Q, et al. Secure and efficient mutual authentication
my life, let me felt so impressed. protocol for RFID conforming to the EPC C-1 G-2 standard [C]. In
IEEE Wireless Communications and Networking Conference
Then I want to say thanks to my family and friends, they (WCNC), 2013, 2013: 1870-1875.
gave me lots of confidence and courage when I felt so upset,
[19] Niu B, Zhu X, Li H. An ultralightweight and privacy-preserving
so I could overcome the difficulties during the paper writing. authentication protocol for mobile[C]. In IEEE Wireless
If not because of them, I cannot finish the paper smoothly. Communications and Networking Conference (WCNC 13),
In a word, the teacher’s meticulous working style, earnest 2013:1864-1869.
and positive attitude towards life, my family and friends’ [20] Hakeem M J, Raahemifar K, Khan G N. HPAP: A novel
enthusiastic support and encouragement, all these will authentication scheme for RFID systems [C]. In 26th Annual IEEE
always inspire me, helping me to be a better me in the future Canadian Conference on Electrical and Computer Engineering
(CCECE), 2013: 1-6.
work and life.
[21] Sweeney L. k-anonymity: A model for protecting privacy
[J].International Journal of Uncertainty, Fuzziness and Knowledge-
Based Systems, 2002,10 (OS): 557-570.
REFERENCES
[22] Gedik B, Liu L. Protecting location privacy with personalized k-
[1] Jason I. Hong, James A. Landay. An Architecture for Privacy- anonymity: Architecture and algo rithms [J].IEEE Transactions on
Sensitive Ubiquitous Computing MobiSys'04, Boston, Massachusetts, Mobile Computing, 2008, 7 (1): 1-18.
USA June 6-9, 2004: 177-189. [23] Olumofin F, Tysowski P K, Goldberg I, et al. Achieving efficient
[2] Zhang Yanxue, Song Zengguo. Analysis of the security of the IoT [J]. query privacy for location based services [C]. In Privacy Enhancing
computer security, 2012 (5): 67-70. Technologies, 2010: 93-110.
[3] Liu Yongmou, Wu Linhai. The nature and risks of the IoT, and its [24] Xiao P, Xing H, Xiaofeng M. Privacy Preserving towards Continuous
countermeasures [J]. Journal of Renmin University of China, 2011 Query in Location-based Services [J]. Journal of Computer Research
(04): 35-40. and Development, 2010, 1: 018.
[4] Wu Chuankun. The key security technology and the challenges of IoT [25] Zhang Junsong. Research on the key issues of security and privacy
[J]. Journal of cryptography, 2015 (01): 40-53. protection in the Internet of things [D]. Beijing University of Posts
[5] Vladimir Oleshchuk. Internet of things and privacy preserving and Telecommunications, 2014
technologies [C]. Wireless VITAE 2009. Aalborg, Denmark, May [26] Rieback M R, Crispo B, Tanenbaum A S. Is your cat infected with a
2009: 336-340. computer virus? [C]. In IEEE International Conference on Pervasive
[6] Qian Ping, Wu Meng. Research and methods of IoT privacy Computing and Communications (PerCom), 2006., 2006: 10-18.
protection [J]. computer application research, 2013, 30 (1): 13-20. [27] Rieback M R, Crispo B, Tanenbaum A S. Rfid malware: truth vs.
[7] Atzori L, Iera A, Morabiot G. The Internet of things: a survey[J]. myth [J]. IEEE Security&Privacy, 2006, 4 (4): 70-72.
Computer Networks, 2010, 54 (15): 2787-2805. [28] Shu Jun. Security crisis and countermeasures of IoT [J]. Chinese
[8] Zhang Junsong. Research on the key issues of security and privacy Public Security: academic edition, 2010 (4): 101-105.
protection in the Internet of things [D]. Beijing University of Posts [29] Liu Yongmou, Wu Linhai. The nature and risks of the IoT, and its
and Telecommunications, 2014 countermeasures [J]. Journal of Renmin University of China, 2011
[9] Juang W S, Nien W K. Efficient password authenticated key (04): 35-40.
agreement using bilinear pairings[J]. Mathematical & Computer [30] Yi Xianghe, Xiao Jianyu. Comprehensive impact of the development
Modelling, 2008, 47(11–12):1238-1245. of IoT and its risk aversion [J]. Tianzhong Journal , 2012, 27 (1): 61-
[10] Das M L. Ttvo-factor user authentication in wireless sensor networks 64.
[J]. IEEE Transactions on Wireless Communications, 2009, 8 (3): [31] Li Yong, Xu Yuangen, Wang Jun. Research on security framework
1086-1090. and risk assessment of Internet of things [J]. electronic test, 2015
[11] Rasheed A, Mahapatra R N. The three-tier security scheme in (19): 81-84.
wireless sensor networks with mobile sinks[J].IEEE Transactions on [32] Paul Liu, Chen Hui, Wang Haitao, et al. Study on the security of the
Parallel and Distributed Systems, 2012, 23 (5): 958-965. IoT and its security model [J]. computer and digital engineering, 2012,
[12] Bechkit W, Challat Y, Bouabdallah A, et al. A highly scalable key 40 (11): 21-24.
pre-distribution scheme for wireless sensor networks [J]. IEEE [33] Shen Bin, Liu yuan. Review of the security and privacy issues in the
Transactions on Wireless Communications, 2013, 12 (2): 948-959. IoT applications [J]. natural dialectics newsletter, 2011 (06): 77-83.
[13] Perrig A, Szewczyk R,Tygar J, et al. SPINS: Security protocols for
sensor networks [J]. Wireless networks, 2002, 8 (5): 521-534. [34] Li Zhiqing. Study on the security of Internet of things [J]. computer
security, 2011 (10): 57-59.
[14] Karlof C, Wagner D. Secure routing in wireless sensor networks:
Attacks and countermeasures [J]. Ad hoc networks, 2003, 1 (2): 293- [35] Ye Chunqing. The risks of Internet of things [J]. era of financial
315. technology, 2014 (1).
[15] Hu Y C, Johnson D B, Perrig A. SEAD: Secure efficient distance
262