Security and PrIvacy foR the Internet of Things


  • Gareth Howells, coordinator, University of Kent / EDA, UK
  • Jean-Marc Ogier, Yacine Ghamri-Doudane, Petra Gomez-Krämer, Universite de La Rochelle, FR
  • Klaus McDonald- Maier, University of Essex, UK
  • Gilles Falquet, University of Geneva, CH

As the adoption of digital technologies expands, it becomes vital to build trust and confidence in the integrity of such technology. The SPIRIT project will investigate the Proof-of Concept of employing novel secure and privacy-ensuring techniques in services set-up in the Internet of Things (IoT) environment, aiming to increase the trust of users in IoT-based systems. The proposed system will address distinct issues related to security and privacy, hence, overcoming the lack of user confidence, which inhibits utilisation of IoT technology.

The proposed system will integrate three highly novel technology concepts developed independently by the consortium partners. Specifically, a technology, termed ICMetrics, for deriving encryption keys directly from the operating characteristics of digital devices comprising the Internet of Things (IoT) in order to provide an authentication framework for their operation. This prevents spoofing of such devices compromising users’ confidential data, and hence leading to increasing the trust and providence of such devices. This technology has been developed by the Universities of Kent and Essex in the UK.

Another technology, termed a Semantic firewall, is a highly flexible network security system, developed by the University of La Rochelle (ULR) in France. The semantic firewall is able to allow or deny the transmission of data derived from an IoT device according to the information contained within the data and the information gathered about the requester, hence ensuring that access to such data is governed by the access permissions commensurate with the requester.

Thirdly, a technology based on creating a content-based signature of user data /documents, in order to ensure the integrity of sent data upon arrival. This technology has also been developed at the University of La Rochelle but not as yet employed in the IoT domain.

The integration of these technologies will be demonstrated in use case scenario in an IoT based service. In the demonstrator, data extraction and analysis will also be carried out, in order to produce content and semantic information needed by both the content-based signature and the semantic firewall technologies. This part will be carried out jointly by the University of La Rochelle and the University of Geneva in Switzerland. This project aims to build upon the highly significant results produced by the partners and to research the challenges of how these technologies can be adapted for IoT environment.