SECURITY RISK MANAGEMENT FOR THE INTERNET OF THINGS
Technologies and Techniques for IoT Security, Privacy and Data Protection

JOHN SOLDATOS (Editor)

Published, sold and distributed by:
now Publishers Inc.
PO Box 1024
Hanover, MA 02339
United States
Tel. +1-781-985-4510
www.nowpublishers.com
[email protected]

Outside North America:
now Publishers Inc.
PO Box 179
2600 AD Delft
The Netherlands
Tel. +31-6-51115274

ISBN: 978-1-68083-682-0
E-ISBN: 978-1-68083-683-7
DOI: 10.1561/9781680836837

Copyright © 2020 John Soldatos

Suggested citation: John Soldatos (ed.). (2020). Security Risk Management for the Internet of Things. Boston–Delft: Now Publishers

The work will be available online open access and governed by the Creative Commons “Attribution-Non Commercial” License (CC BY-NC), according to https://creativecommons.org/licenses/by-nc/4.0/

Table of Contents

Foreword ..... xi
Preface ..... xv
Glossary ..... xxi

Chapter 1 Introduction ..... 1
By John Soldatos
1.1 Introduction ..... 1
1.2 Overview and Limitations of Security Risk Assessment Frameworks ..... 5
1.2.1 Overview of Security Risk Assessment ..... 5
1.2.2 Limitations of Security Risk Assessment Frameworks for IoT ..... 7
1.3 New Technology Enablers and Novel Security Concepts ..... 9
1.3.1 IoT Security Knowledge Bases ..... 9
1.3.2 IoT Reference Architectures and Security Frameworks ..... 10
1.3.3 Blockchain Technology for Decentralized Secure Data Sharing for Security in IoT Value Chains ..... 10
1.3.4 Technologies Facilitating GDPR Compliance ..... 12
1.3.5 Machine Learning and Artificial Intelligence Technologies for Data-driven Security ..... 13
1.4 Conclusion ..... 13
Acknowledgments ..... 14
References ..... 14

Chapter 2 Security Data Modelling for Configurable Risk Assessment as a Service in IoT Systems ..... 17
By Nikos Kefalakis, Angela-Maria Despotopoulou, Spyridon Evangelatos and John Soldatos
2.1 Introduction ..... 18
2.2 Data-driven Security Architecture ..... 21
2.2.1 Overview ..... 21
2.2.2 The Data Management Group ..... 23
2.2.3 The Analytics Group ..... 23
2.2.4 The Global Repository ..... 24
2.2.5 The Security and Privacy Group ..... 25
2.2.6 The Risk Assessment Service Group ..... 26
2.2.7 The Compliance Auditing Service (CAS) Group ..... 26
2.2.8 The Programming Support Group ..... 27
2.2.9 The SLA Group ..... 27
2.3 Data Modelling for Security Systems Interoperability and Configurability ..... 28
2.3.1 Overview ..... 28
2.3.2 Modelling Security Data: The Observation Entity ..... 29
2.3.3 Configuring and Managing the Data Collection and Routing Process: The Data Management Group ..... 30
2.3.4 Modelling Security Analytics: The Analytics Group ..... 32
2.3.5 Security Knowledge Base ..... 33
2.3.6 Modelling for Risk Assessment Services: The Risk Assessment Group ..... 33
2.3.7 Configuring the Data-driven Security System: The Configuration Management Database ..... 34
2.3.8 Managing Service Level Agreements (SLA): The SLA Group ..... 35
2.4 Risk Assessment Services ..... 36
2.4.1 Risk Assessment & Mitigation Service Overview and Components ..... 36
2.4.2 Risk Assessment & Mitigation Implementation Scenario ..... 38
2.4.3 Modelling of Security Information Flows and Reports ..... 38
2.4.3.1 Risk Analysis ..... 40
2.4.3.2 SecureIoT Required Configuration Entities ..... 41
2.4.3.3 RA&MS-specific Configuration Entities ..... 44
2.5 Conclusions ..... 46
Acknowledgments ..... 47
References ..... 47

Chapter 3 Data-driven IoT Security Using Deep Learning Techniques ..... 49
By Stefanos Astaras, Nikos Kefalakis, Angela-Maria Despotopoulou and John Soldatos
3.1 Introduction ..... 50
3.2 Methodology and Datasets ..... 53
3.2.1 CRISP-DM Methodology ..... 53
3.2.2 Connected Cars Dataset ..... 54
3.2.3 Socially Assistive Robots Datasets ..... 54
3.3 Variational Autoencoders for Anomaly Detection ..... 55
3.3.1 VAE Architecture ..... 55
3.3.2 VAE Training ..... 57
3.3.3 Algorithm Fitness ..... 58
3.4 Application and Validation Results ..... 59
3.4.1 Anomaly Detection in Connected Cars ..... 59
3.4.2 Anomaly Detection in Socially Assistive Robots Use Cases ..... 61
3.4.2.1 QT Robot Dataset ..... 61
3.4.2.2 IoT-cloud Platform (CloudCare2U) Dataset ..... 62
3.4.3 Prototype Implementation ..... 65
3.5 Conclusions and Discussion ..... 65
Acknowledgments ..... 66
References ..... 66

Chapter 4 Privacy Awareness, Risk Assessment, and Control Measures in IoT Platforms: BRAIN-IoT Approach ..... 69
By Mohammad Rifat Ahmmad Rashid, Davide Conzon, Xu Tao and Enrico Ferrera
4.1 Introduction ..... 70
4.2 Literature Review ..... 71
4.2.1 GDPR Requirements Related to IoT Domain ..... 71
4.2.2 Current Standards and Tools for PIA ..... 72
4.3 A Conceptual Privacy Awareness Framework ..... 74
4.3.1 Context ..... 74
4.3.2 Privacy Principles ..... 75
4.3.3 Privacy Risks ..... 78
4.3.4 Privacy Compliance Evaluation ..... 79
4.4 Experimental Analysis ..... 80
4.5 Discussion ..... 84
4.6 Conclusion and Future Work ..... 85
Acknowledgments ..... 86
References ..... 86

Chapter 5 IoT Network Risk Assessment and Mitigation: The SerIoT Approach ..... 88
By Gianmarco Baldini, Piotr Fröhlich, Erol Gelenbe, Jose Luis Hernandez-Ramos, Mateusz Nowak, Slawek Nowak, Stavros Papadopoulos, Anastasis Drosou and Dimitrios Tzovaras
5.1 Introduction ..... 89
5.2 Risk Management in IoT ..... 90
5.3 Autopolicy System ..... 93
5.4 Towards Distributed Attack Detection ..... 95
5.5 Conclusions ..... 99
Acknowledgments ..... 100
References ..... 100

Chapter 6 Chariot-integrated Approach to Safety, Privacy, and Security – CHARIOT IPSE ..... 105
By Aydin Ulas, Bora Caglayan, Sofiane Zemouri, George Theofilis, Konstantinos Loupos, Antonis Mygiakis, Andrea Battaglia, Mario Villiani, Christos Skoufis and Stelios Christofi
6.1 The CHARIOT Safety Supervision Engine ..... 106
6.2 The CHARIOT Privacy Engine ..... 110
6.2.1 IoTL Language Extension—Access Control ..... 111
6.3 The CHARIOT Security Engine ..... 114
6.3.1 Up-to-date Firmware ..... 115
6.3.2 Firmware Threats and Exploitations ..... 116
6.4 IPSE Dashboard and User Interfacing ..... 116
6.5 Conclusions and Future Work ..... 119
Acknowledgments ..... 120
References ..... 120

Chapter 7 Pattern-driven Security, Privacy, Dependability and Interoperability in IoT ..... 121
By Nikolaos Petroulakis, Konstantinos Fysarakis, Henrich C. Pöhls, Vivek Kulkarni, George Spanoudakis, Arne Bröring, Manos Papoutsakis, Manolis Michalodimitrakis and Sotiris Ioannidis
7.1 Introduction ..... 121
7.2 Background and Challenges ..... 123
7.2.1 IoT Security ..... 124
7.2.2 Privacy Invasion ..... 124
7.2.3 Network Dependability ..... 125
7.2.4 IoT Interoperability ..... 127
7.2.5 Achieving Security, Privacy, Dependability and Interoperability by Design ..... 128
7.3 SPDI Patterns.............................................
Details: PDF, 288 pages, content language English.