Internet of Things Architecture

(Elliott) #1

| Tactic | Design Choice | Impact |
|---|---|---|
| Avoid transmitting identifiers in clear | Encryption mechanisms for wireless connections (DC P.3) | No impact |
| | Integration of a wireless security algorithm (DC P.4) | |
| Minimize unauthorized access to implicit information | Access control management (DC P.5) | No impact |
| | Stored Information must be managed in a way to support access control mechanisms (DC P.6) | |
| | IoT-A Authorisation FC (DC P.7) | |
| | Enablement of a scalable and secure key distribution between communicating subjects (DC P.8) | |
| | Encrypt communication with Resolution Components and with Services (e.g. KEM FC) (DC P.9) | |
| Enable the user to control the privacy settings | Addresses privacy questions so that a user can operate anonymously (DC P.10) | No impact |
| | IoT-A Identity Management FC (DC P.11) | |
| Privacy-aware identification | Authentication of the responding host, the initiating host can stay anonymous (DC P.12) | No impact |
| | Requires TLS and DTLS support (DC P.13) | |

Table 26: Tactics and corresponding Design Choices for Privacy.

Pseudonymisation


The tactic "Pseudonymisation" refers to a procedure by which the fields that enable
identification of a user within a data record or subject are replaced by one or
more artificial identifiers. The purpose is to render the subject less identifiable
and in this way lower IoT user (e.g. customer or patient) objections to its use. This
is functionally implemented by the creation of a fictional identity (e.g. root
identity, secondary identity, pseudonym, or group identity) and can be realised
by integrating the IoT-A Identity Management FC (Section 3.7.3).
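As an added illustration (not code from the IoT-A document, and not the actual interface of the Identity Management FC), the following Go program shows the mechanism the tactic describes: identifying fields of a record are replaced by key-derived artificial identifiers, with a different secondary identity per consuming context so that two data consumers cannot link their records, while only the key holder can re-identify the subject. The record, the key and the context names are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Pseudonymiser replaces identifying fields of a data record with
// artificial identifiers derived from a secret key. In this assumed
// design the key and the re-identification table stay with a trusted
// identity-management party; data consumers only ever see pseudonyms.
type Pseudonymiser struct {
	key    []byte
	lookup map[string]string // pseudonym -> original value (trusted party only)
}

func NewPseudonymiser(key []byte) *Pseudonymiser {
	return &Pseudonymiser{key: key, lookup: make(map[string]string)}
}

// pseudonym derives a secondary identity bound to a context label (e.g. the
// consuming service). Different contexts yield unrelated pseudonyms for the
// same root identity, so two consumers cannot link their records.
func (p *Pseudonymiser) pseudonym(context, value string) string {
	mac := hmac.New(sha256.New, p.key)
	mac.Write([]byte(context))
	mac.Write([]byte{0}) // separator: keeps "ab"+"c" distinct from "a"+"bc"
	mac.Write([]byte(value))
	return hex.EncodeToString(mac.Sum(nil))[:16]
}

// Pseudonymise returns a copy of record in which every field named in
// idFields is replaced by a pseudonym for the given context. The input
// record is left unchanged.
func (p *Pseudonymiser) Pseudonymise(context string, record map[string]string, idFields []string) map[string]string {
	out := make(map[string]string, len(record))
	for k, v := range record {
		out[k] = v
	}
	for _, f := range idFields {
		v, ok := record[f]
		if !ok {
			continue
		}
		ps := p.pseudonym(context, v)
		p.lookup[ps] = v
		out[f] = ps
	}
	return out
}

// Reidentify resolves a pseudonym back to the original value. Only the
// party holding the key and the lookup table can do this.
func (p *Pseudonymiser) Reidentify(pseudonym string) (string, bool) {
	v, ok := p.lookup[pseudonym]
	return v, ok
}

func main() {
	// Constructed sample: a patient reading with two identifying fields.
	key := []byte("constructed-demo-key-not-for-real-use")
	record := map[string]string{"patient_id": "P-1001", "name": "Alice", "glucose": "5.4"}
	svc := NewPseudonymiser(key)

	billing := svc.Pseudonymise("billing", record, []string{"patient_id", "name"})
	research := svc.Pseudonymise("research", record, []string{"patient_id", "name"})
	fmt.Println("billing view: ", billing)
	fmt.Println("research view:", research)
	orig, _ := svc.Reidentify(billing["patient_id"])
	fmt.Println("re-identified by key holder:", orig)
}
```

The non-identifying field (the glucose value) passes through untouched, the same root identity yields the same pseudonym every time within one context (so a consumer can still correlate its own records), and the pseudonyms of two contexts are unrelated unless one holds the key.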


Avoid transmitting identifiers in clear


The transmission of identifiers in clear should be avoided in general. In a WSN,
a base station is not only in charge of collecting and analysing data, but is also
used as the gateway connecting the WSN with an outside wireless or wired
network. In many protocols the location information or identifier of the base
station is sent in clear; in order to have a defence against local adversaries,
this information must be hidden from an eavesdropper, which can be done by
traditional cryptographic techniques (encryption). One option for encrypting
wireless connections is the integration of a wireless security algorithm proposed
by [Peris-Lopez 2007].
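An added example, not code from the IoT-A document, of the design choice this paragraph points to: a sensor frame that carries the base-station identifier in clear is placed beside one where the identifier sits inside an AES-GCM-encrypted and authenticated payload, with only a two-byte frame type left readable. The frame layout, the field sizes and the demo key are assumptions made for this example; the [Peris-Lopez 2007] algorithm itself is not reproduced here, and the link key would in practice come from a key-distribution mechanism such as DC P.8.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

const frameHeaderLen = 2 // assumed layout: a 2-byte frame type stays in clear

// Payload is the application data a sensor node sends towards its base
// station. Assumed encoding: three 16-bit big-endian fields, 6 bytes.
type Payload struct {
	BaseStationID uint16
	SensorID      uint16
	Reading       uint16
}

func (p Payload) Marshal() []byte {
	b := make([]byte, 6)
	binary.BigEndian.PutUint16(b[0:], p.BaseStationID)
	binary.BigEndian.PutUint16(b[2:], p.SensorID)
	binary.BigEndian.PutUint16(b[4:], p.Reading)
	return b
}

func UnmarshalPayload(b []byte) (Payload, error) {
	if len(b) != 6 {
		return Payload{}, errors.New("payload: bad length")
	}
	return Payload{
		BaseStationID: binary.BigEndian.Uint16(b[0:]),
		SensorID:      binary.BigEndian.Uint16(b[2:]),
		Reading:       binary.BigEndian.Uint16(b[4:]),
	}, nil
}

func header(frameType uint16) []byte {
	hdr := make([]byte, frameHeaderLen)
	binary.BigEndian.PutUint16(hdr, frameType)
	return hdr
}

// ClearFrame is the format the text warns about: frame type followed by the
// payload, base-station identifier included, all in clear.
func ClearFrame(frameType uint16, p Payload) []byte {
	return append(header(frameType), p.Marshal()...)
}

// SealFrame keeps only the frame type in clear. The payload is encrypted and
// authenticated with AES-GCM under the link key; the clear header is bound in
// as associated data so it cannot be altered without detection.
func SealFrame(key []byte, frameType uint16, p Payload) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per frame
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	hdr := header(frameType)
	ct := gcm.Seal(nil, nonce, p.Marshal(), hdr)
	return append(append(hdr, nonce...), ct...), nil
}

// OpenFrame is the receiver side: verify the tag, then recover the payload.
func OpenFrame(key, frame []byte) (uint16, Payload, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return 0, Payload{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return 0, Payload{}, err
	}
	if len(frame) < frameHeaderLen+gcm.NonceSize()+gcm.Overhead() {
		return 0, Payload{}, errors.New("frame: too short")
	}
	hdr := frame[:frameHeaderLen]
	nonce := frame[frameHeaderLen : frameHeaderLen+gcm.NonceSize()]
	pt, err := gcm.Open(nil, nonce, frame[frameHeaderLen+gcm.NonceSize():], hdr)
	if err != nil {
		return 0, Payload{}, err // wrong key, or frame modified in transit
	}
	p, err := UnmarshalPayload(pt)
	return binary.BigEndian.Uint16(hdr), p, err
}

// Exposes reports whether the payload's encoding appears verbatim in the
// frame, i.e. whether a passive eavesdropper can simply read it off the air.
func Exposes(frame []byte, p Payload) bool {
	return bytes.Contains(frame, p.Marshal())
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 16) // constructed demo key, AES-128
	p := Payload{BaseStationID: 0x0A01, SensorID: 0x0017, Reading: 231}
	clear := ClearFrame(1, p)
	sealed, err := SealFrame(key, 1, p)
	if err != nil {
		panic(err)
	}
	fmt.Printf("clear frame:  %x  exposes payload: %v\n", clear, Exposes(clear, p))
	fmt.Printf("sealed frame: %x  exposes payload: %v\n", sealed, Exposes(sealed, p))
	ft, got, err := OpenFrame(key, sealed)
	fmt.Println("receiver:", ft, got, err)
}
```

What the eavesdropper still learns from the sealed frame is the frame type, the frame length and its timing; hiding those is a traffic-analysis question outside this design choice. Note also that AES-GCM gives authenticity as well as confidentiality, so a frame whose header or ciphertext has been altered is rejected rather than processed.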


Minimize unauthorized access to implicit information
