0% found this document useful (0 votes)
45 views4 pages

Imp Research On IoT Privacy Security Risks

Uploaded by

ِAl Turaihi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
45 views4 pages

Imp Research On IoT Privacy Security Risks

Uploaded by

ِAl Turaihi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

2016 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information

Integration

Research on IoT Privacy Security Risks

Wang Xi Luo Ling


School of management School of management
Wuhan University of Technology Wuhan University of Technology
Wuhan, China Wuhan, China
349287768@qq.com luoling69599@qq.com

Abstract—As IoT being gradually applied, people’s life is strong focus in academia. These information are as sensitive
becoming more and more convenient. However, when people privacy information, once leaked, it may make users uneasy,
enjoy those convenience brought by the IoT, there also be some and cause privacy security risks on the entire network. Thus,
certain risks of privacy security. How to ensure that how to prevent the risks needed further studies..
convenience, and reduce the risks at the same time, which
seems to be a long-term work. From this perspective, the paper II. RESEARCH ACTUALITY
studied the causes of privacy security risks, and put forward
some relevant IoT risk prevention methods. These research
Due to many applications of the IoT systems are needed
results have some certain practicabilities, which would provide to collect personal information, IoT is facing more serious
an important theoretical reference value in the field of privacy security risks [6]. For example, compared with the
scientific research and engineering. traditional Internet, those privacy security problems are
usually related to the users only, and people can set through
Keywords- IoT; privacy security risks; risk causes; risk the terminal to protect their privacies, but in IoT system,
prevention methods even those who don't use the IoT maybe also at privacy risks
[7]. A typical case, considering an IoT system contained
I. INTRODUCTION multiple cameras, the images obtained by the cameras belong
to personal privacy, once the images associated with
The Internet of things, which refers to "an Internet that individuals’ identity information, there may appear some
the things around people are connected to", it through threats like information leakage in the data transmission,
information sensing equipment such as RFID, infrared bringing about personal privacy risks.
sensors, and GPS to make objects connected to the Internet At present, many scholars have focused on the IoT
in accordance with the existing contract agreements, thus privacy security issues. But due to its development is still in
producing information exchange and communication, the initial stage, most studies are concentrated on various
realizing the intelligent identification, tracking, monitoring technologies and different industry applications, and then
and management of the objects in the network [1]. But give some corresponding solutions [8]. Common on the IoT
Zhang Yanxue once changed the expression to define IoT as security researches mainly can be divided into several
a giant network, all the objects in it can be freely contacted aspects, and the related representative researches are
by some technologies such as RFID and wireless data summarized in the following tables.
communication technology, under the action of these
technologies to realize the objects’ sharing, interconnection TABLE 1 THE RESEARCH OF SENSOR NETWORK SECURITY
and management without people's intervention [2]. What’s
more, Liu Yongmou thought the nature of IoT maybe boil author time research program
down to "super sense", that is to say, the things in IoT are Authentication and key agreement scheme
perceived through feeling layer, and then through the Juang, Nien 2008 based on bilinear pairings under the
corresponding calculation layer to get a certain degree of environment of wireless sensor network [9]
User authentication scheme based on
intelligence, in order to possess some similar characteristics Das M L 2009 password under the hierarchical wireless
to the subjects [3]. And according to Wu Chuankun, the IoT sensor network environment [10]
has led to the third wave of information industry revolution Rasheed A, Key distribution scheme in pairs in three
2012
[4], which would become an important infrastructure in the Mahapatra R N layer architecture sensor network [11]
social and economic development, what’s more, it may Key early allocation scheme based on the
accelerate social progress and promote scientific and Bechkit et al. 2013 theory of the Unital design under the
enhanced sensors network environment [12]
technological innovation.
However, with the rapid development of IoT supporting Perrig A et al. 2002 SPINS protocol [13]
technologies, the problems of privacy security are becoming Karlof C,
2003 INSENS protocol [14]
serious [5], which have aroused people's attention. In some Wagner D.
Hu Y C, Routing protocol based on the one-way
applications such as electronic commerce and business Johnson D B.
2003
hashing function [15]
transactions, the situations of the system’s or users’ privacy
information leakage occur from time to time, triggering a

978-1-5090-3575-5/16 $31.00 © 2016 IEEE 259


DOI 10.1109/ICIICII.2016.80
It can be seen from the table above, the researches about A. Risk of Safety Certification
the safety of sensor network mainly concentrated in the Because there are lots of sensors or objects contained
domains such as the key distribution and management of RFID tags in the IoT system, it may bring certification
sensor network technology, authentication technology and problems inevitably in the deployment or use of these
the safety routing technology of the sensor network. equipment [25]. Currently, the IoT system authentication
problems mainly concentrated in RFID certification and
TABLE 2 THE RESEARCH OF RFID SYSTEM SECURITY sensor network certification. Although there are many
author time research program
mature authentication protocols in the traditional network
environment, most of these just designed for the terminals
RFID two-way authentication protocol based which based on strong desktop computing powers, that
Sun, Zhong 2012
on secure hashing function [16]
means they cannot be directly applied to those RFID tags or
Huang Y C,
RFID two-way authentication protocol based intelligent terminals which with low cost or weak calculation
2012 on the standard of EPC global Class-1 Gen-2 ability. So in the new IoT environment, it’s worthy of note
Jiang J-R.
[17]
about the IoT privacy security risks that due to the unsafe
RFID two-way authentication protocol based certification link.
Pang L, He L, on the standard of EPC global Class-1 Gen-
2013
Pei Q, et al 2(the same with Huang et al. but more B. Risk of RFID Technology Security
comprehensive) [18]
As RFID technology widely used in logistics systems,
Built a ultra-lightweight RFID two-way safety management systems and some other fields, the
Niu B, Zhu X, authentication scheme used the random
Li H
2013
number generator and exclusive or operation
problems about its safety increasingly triggered researchers’
[19] attention. Because the RFID tags always using a noncontact
Put forward a new RFID solutions, through the way of wireless channel to pass information to the readers, it
Hakeem et al. 2013 shift register to update the label certification gives the rivals opportunity to wiretap the reader or use some
and access key [20] other means to implement label tracking.
As we can see from the table 2, at present, the researches Besides, RFID tags connect with readers by means of
about the safety of RFID system mainly concentrated in the wireless communication, that means the RFID tags maybe
following aspects such as the privacy protection of those suffered with signal interference and then fail to work,
who use RFID tags and a two-way identity authentication affecting the normal operation of the whole RFID system
based on RFID tags. [26]. What’s more, some rivals may embed malicious code
or script language through the RFID tags, and this way of
TABLE 3 THE RESEARCH OF PRIVACY PROTECTION attack may cause fatal damage to the backend database. For
example, a professor from Amsterdam named Melanie
author time research program Rieback once said, computer virus can be passed through
Sweeney L 2002 K-anonymity method [21] RFID readers to the backend database and thus cause great
further perfected the K-anonymity method damage [27].
Gedik B, Liu L 2008
based on the previous research [22]
Olumofin F,
C. Risk of Information Leakage
Put forward a user query privacy solution that
Tysowski P K, 2010
don't need to trust the thirdparty [23] Since most IoT applications are connected by wireless
Goldberg I. communication, attackers can wiretap the wireless signals to
Xiao P, put forward a privacy protection based on
Xing H, cloaking greedy algorithm to protect user's obtain some important information that sent by the various
2010 nodes [28]. Especially with the large-scaled popularization of
Xiaofeng M continuously query [24]
As we can see from the table 3, the researches related to smartphones, people often use their smartphones to access
the privacy protection currently focused on the following the relevant applications or necessary services, but in these
domains such as the users’ location information protection processes, the users need to fill in their identity information
and privacy protection. In addition, there are some scholars or share location information, if such sensitive information
also attempt to study and establish the IoT system security being leaked out, or even being obtained by criminals then
architecture and security policy, in order to effectively suffered malicious use, that will cause a certain degree of
protect the users' privacy. privacy security risks, bringing about lots of unnecessary
losses.
III. RISK CAUSES OF IOT PRIVACY SECURITY
IV. RISK FORMS OF IOT PRIVACY SECURITS
Although the arrival of IoT makes people's life more
comfortable and convenient, it may also bring about some As the IoT privacy problems can become privacy
privacy security risks due to various reasons. By reading the security risks due to various reasons, if they cannot be
related literatures, the main risks causes can be summarized effectively dealt with, those risks may be brought about.
as follows: Based on the related researches, the privacy security risks
can be concluded as the following several forms.

260
A. Risks in Politics Field B. Improve the Level of IoT Privacy Protection
To some degree, all the people and objects are in a state Technology
of " seeing and being seen " in the IoT system [29]. The To effectively implement the IoT privacy protections,
feeling layers of IoT collect the related information, then except for relevant legal safeguard, it also need to notice
pass them to the computing center to calculate, finally form technology itself. IoT is a novel thing based on the Internet,
the scientific solution which means the "science" action if the technologies have not considered privacy protection,
rules. But if all these procedures are lack of effective it’s easy to appear privacy security risks caused by
supervision, IoT maybe utilized as a monitoring tool or even authentication security and RFID security, so it’s important
to monitor the opponents and dissidents. Thus, it’s necessary to strengthen core technologies, such as the authentication
to alert the relevant person abusing the IoT systems in the and access control and data encryption processing [34], so as
government. to guarantee the in-depth application of the IoT systems.
B. Risks in Economic Field C. Strengthen the IoT privacy Security Awareness
In order to make profit, businessmen always have the In addition to the legal and technical support, it’s also
impulse of abusing IoT information. Various sensors joined necessary to improve the users’ safety consciousness [35].
to the IoT systems creating new business opportunities for IoT services and IoT information collection organizations
mining personal privacy. For example, many malls promote should advocate IoT safety knowledge, in order to improve
products by analyzing the preference to customers whether the overall awareness of IoT privacy security protections,
they are useful or not. avoiding the unnecessary losses.
In addition, IoT can also lead to labor transfer and
unemployment. Along with the popularity of IoT in the VI. CONCLUSIONS
future, the position demand of many professions such as Along with the rapid developments of social
cashier, guides and logistics will decrease sharply, and the informatization and computer technology, the IoT is at
demand of those jobs related to IoT will increase greatly, society special attention by its convenience and necessity. In
causing labor transfer, or even labor unemployment, bringing order to realize the widespread of information sharing, the
about some national economic risks. IoT system must be in the strict privacy protection to prevent
C. Risks in Social Security Field social privacy security risks. Based on the discussions above,
we can draw the following conclusions.
There are some problems in the IoT systems which may Firstly, because of the shortcomings about the safety
be the same with the Internet, such as hacker attacking, certification and RFID technology security, a certain degree
privacy abusing and so on. But the IoT systems also of IoT privacy security risks maybe brought about, slight
exacerbate these risks, making them more difficult to protect effects can be some information leakage, but the severe
against. For example, the criminals can utilize the impacts may be on the IoT system or even national level’s
interactions between the objects in the IOT to commit bad influence.
crimes, making it more difficult to tracking down the real Secondly, the IoT privacy security risks can be
culprits [30]. characterized in political, economic, and personal fields,
V. RISK PREVENTION FOR IOT PRIVACY SECURITY each of these forms would bring many privacy security risks
and deserves great attention in the future researches.
It can be known from the analyses above, IoT is a new Finally, on account of those causes and forms of the IoT
kind network of comprehensive information perception and privacy security risks, some measures have been summarized
access, seamless interconnection and collaboration, and it is to prevent them. Such as improving the security level of
with high degree of intelligence [31], so its development privacy protection system, researching on the IoT privacy
must be based on information security. Since the security security technology so as to get effective guarantee in the
issues are constantly increasing, IoT security solutions need link of information collection, transmission, processing and
constantly improvement [32]. Aiming at the risk causes and so on, meanwhile, paying more attention to the users’
its forms, this paper argues that the IoT privacy security risk privacy protection awareness seems equally important. I
preventions should be strengthened from the following think these prevention methods can provide certain theory
several aspects. reference value in the field of scientific research and
A. Speed Up the Related Policies and Regulations, engineering in the future.
Improving the Security System But because of the limitation of some data acquisition
about IOT, there couldn’t be any simulation experiment
In-depth application of IoT involves lots legal problems research for each specific type of those risks, it is also the
[33]. At present the information security laws in our country insufficiency about this paper. Hope we can obtain a large-
still difficult to adapt to the need of IoT rapid development, scaled data in the future, so that we can combine with the
therefore, making clear IoT security policies and regulations risk simulation models for the specific risks in the further
is particularly important. These policies and regulations will studies.
further improve the security system of IoT security and
privacy protection. ACKNOWLEDGMENT

261
First of all, I want to express my great gratefulness to my vector routing for mobile wireless ad hoc networks [J]. Ad Hoc
dear teacher----professor Luo. She is so knowledgeable, with Networks, 2003, 1 (1): 175-192.
wide threads of thought and can always grasp the forefront of [16] Sun D-Z, Zhong J-D. A hash-based RFID security protocol for strong
privacy protection [J]. IEEE Transactions on Consumer Electronics,
knowledge. Under her guidance, I learned many researches 2012, 58 (4): 1246-1252.
in the related field of IoT, which greatly broadened my view [17] Huang Y C, Jiang J-R. An Ultralightweight Mutual Authentication
of academic, meanwhile it laid the important theoretical Protocol for EPC C1G2 RF1D Tags [C]. In Fifth International
basis for this article. In terms of the paper writing, my Symposium on Parallel Architectures, Algorithms and Progrunming
teacher gave me the directional guidance and constructive (PAAP), 2012: 133-140.
suggestions. Besides, she also gave me the unselfish help in [18] Pang L, He L, Pei Q, et al. Secure and efficient mutual authentication
my life, let me felt so impressed. protocol for RFID conforming to the EPC C-1 G-2 standard [C]. In
IEEE Wireless Communications and Networking Conference
Then I want to say thanks to my family and friends, they (WCNC), 2013, 2013: 1870-1875.
gave me lots of confidence and courage when I felt so upset,
[19] Niu B, Zhu X, Li H. An ultralightweight and privacy-preserving
so I could overcome the difficulties during the paper writing. authentication protocol for mobile[C]. In IEEE Wireless
If not because of them, I cannot finish the paper smoothly. Communications and Networking Conference (WCNC 13),
In a word, the teacher’s meticulous working style, earnest 2013:1864-1869.
and positive attitude towards life, my family and friends’ [20] Hakeem M J, Raahemifar K, Khan G N. HPAP: A novel
enthusiastic support and encouragement, all these will authentication scheme for RFID systems [C]. In 26th Annual IEEE
always inspire me, helping me to be a better me in the future Canadian Conference on Electrical and Computer Engineering
(CCECE), 2013: 1-6.
work and life.
[21] Sweeney L. k-anonymity: A model for protecting privacy
[J].International Journal of Uncertainty, Fuzziness and Knowledge-
Based Systems, 2002,10 (OS): 557-570.
REFERENCES
[22] Gedik B, Liu L. Protecting location privacy with personalized k-
[1] Jason I. Hong, James A. Landay. An Architecture for Privacy- anonymity: Architecture and algo rithms [J].IEEE Transactions on
Sensitive Ubiquitous Computing MobiSys'04, Boston, Massachusetts, Mobile Computing, 2008, 7 (1): 1-18.
USA June 6-9, 2004: 177-189. [23] Olumofin F, Tysowski P K, Goldberg I, et al. Achieving efficient
[2] Zhang Yanxue, Song Zengguo. Analysis of the security of the IoT [J]. query privacy for location based services [C]. In Privacy Enhancing
computer security, 2012 (5): 67-70. Technologies, 2010: 93-110.
[3] Liu Yongmou, Wu Linhai. The nature and risks of the IoT, and its [24] Xiao P, Xing H, Xiaofeng M. Privacy Preserving towards Continuous
countermeasures [J]. Journal of Renmin University of China, 2011 Query in Location-based Services [J]. Journal of Computer Research
(04): 35-40. and Development, 2010, 1: 018.
[4] Wu Chuankun. The key security technology and the challenges of IoT [25] Zhang Junsong. Research on the key issues of security and privacy
[J]. Journal of cryptography, 2015 (01): 40-53. protection in the Internet of things [D]. Beijing University of Posts
[5] Vladimir Oleshchuk. Internet of things and privacy preserving and Telecommunications, 2014
technologies [C]. Wireless VITAE 2009. Aalborg, Denmark, May [26] Rieback M R, Crispo B, Tanenbaum A S. Is your cat infected with a
2009: 336-340. computer virus? [C]. In IEEE International Conference on Pervasive
[6] Qian Ping, Wu Meng. Research and methods of IoT privacy Computing and Communications (PerCom), 2006., 2006: 10-18.
protection [J]. computer application research, 2013, 30 (1): 13-20. [27] Rieback M R, Crispo B, Tanenbaum A S. Rfid malware: truth vs.
[7] Atzori L, Iera A, Morabiot G. The Internet of things: a survey[J]. myth [J]. IEEE Security&Privacy, 2006, 4 (4): 70-72.
Computer Networks, 2010, 54 (15): 2787-2805. [28] Shu Jun. Security crisis and countermeasures of IoT [J]. Chinese
[8] Zhang Junsong. Research on the key issues of security and privacy Public Security: academic edition, 2010 (4): 101-105.
protection in the Internet of things [D]. Beijing University of Posts [29] Liu Yongmou, Wu Linhai. The nature and risks of the IoT, and its
and Telecommunications, 2014 countermeasures [J]. Journal of Renmin University of China, 2011
[9] Juang W S, Nien W K. Efficient password authenticated key (04): 35-40.
agreement using bilinear pairings[J]. Mathematical & Computer [30] Yi Xianghe, Xiao Jianyu. Comprehensive impact of the development
Modelling, 2008, 47(11–12):1238-1245. of IoT and its risk aversion [J]. Tianzhong Journal , 2012, 27 (1): 61-
[10] Das M L. Ttvo-factor user authentication in wireless sensor networks 64.
[J]. IEEE Transactions on Wireless Communications, 2009, 8 (3): [31] Li Yong, Xu Yuangen, Wang Jun. Research on security framework
1086-1090. and risk assessment of Internet of things [J]. electronic test, 2015
[11] Rasheed A, Mahapatra R N. The three-tier security scheme in (19): 81-84.
wireless sensor networks with mobile sinks[J].IEEE Transactions on [32] Paul Liu, Chen Hui, Wang Haitao, et al. Study on the security of the
Parallel and Distributed Systems, 2012, 23 (5): 958-965. IoT and its security model [J]. computer and digital engineering, 2012,
[12] Bechkit W, Challat Y, Bouabdallah A, et al. A highly scalable key 40 (11): 21-24.
pre-distribution scheme for wireless sensor networks [J]. IEEE [33] Shen Bin, Liu yuan. Review of the security and privacy issues in the
Transactions on Wireless Communications, 2013, 12 (2): 948-959. IoT applications [J]. natural dialectics newsletter, 2011 (06): 77-83.
[13] Perrig A, Szewczyk R,Tygar J, et al. SPINS: Security protocols for
sensor networks [J]. Wireless networks, 2002, 8 (5): 521-534. [34] Li Zhiqing. Study on the security of Internet of things [J]. computer
security, 2011 (10): 57-59.
[14] Karlof C, Wagner D. Secure routing in wireless sensor networks:
Attacks and countermeasures [J]. Ad hoc networks, 2003, 1 (2): 293- [35] Ye Chunqing. The risks of Internet of things [J]. era of financial
315. technology, 2014 (1).
[15] Hu Y C, Johnson D B, Perrig A. SEAD: Secure efficient distance

262

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy