protecing data security and privacy in internet of things Open Access
Downloadable ContentDownload PDF
Internet of Things (IoT) describes the ubiquitous connection of everyday objects. With the dramatically increasing deployment of IoT devices, tremendous interactions between physical objects are enabled, which brings improved efficiency, accuracy and economicbenefits while reducing human interventions. However, in IoT systems such as smart grid, smart home, and implantable medical systems, sensitive user data can be leaked to outside adversaries and the service provider. The problem is hard to solve: firstly, IoT devices are power-restricted, and traditional cryptographic mechanisms cannot be directly applied; secondly, service providers usually need to collect data from IoT devices for data aggregations, which leads to the following challenge: how to protect security and data privacy from the service providers while still maintaining the service?In my work, data protection is considered in two aspects: data aggregation and data storage. For example, in a smart grid system, smarter meters report fine-grained data to the server for data aggregation. However, exposing user's data will leak private information of user's daily activities, and the privacy of fine-grained data should be protected. Recent works have suggested using homomorphic encryption to protect data privacy. However, homomorphic encryption consumes too much computation and is not suitable for this application. To solve this problem, we define a novel problem, and the solution to this problem leads to a secure and efficient protocol in smart grid data aggregation. Date storage is another aspect we consider. In a traditional IoT structure, sensitive patient data is collected and sent to a centralized server for storage. This indicates high storage requirement of the server, and the risk of information leakage from the server. Therefore, a secure decentralized structure is in need for IoT data storage. In this dissertation, smart shopping and smart home systems are also studied as two typical IoT systems. Particularly, the first secure smart shopping system is proposed, and a smart shopping cart prototype is designed and tested. Furthermore, a secure and efficient protocol based on chaotic cryptography is designed for smart home system.