Introduction to the Special Issue on Security and Privacy for Connected Cyber-physical Systems

IF 2 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS ACM Transactions on Cyber-Physical Systems Pub Date : 2020-12-30 DOI:10.1145/3431201
Moreno Ambrosin, M. Conti, R. Lazzeretti, Chia-Mu Yu
{"title":"Introduction to the Special Issue on Security and Privacy for Connected Cyber-physical Systems","authors":"Moreno Ambrosin, M. Conti, R. Lazzeretti, Chia-Mu Yu","doi":"10.1145/3431201","DOIUrl":null,"url":null,"abstract":"Cyber-Physical Systems (CPS) are becoming pervasive and changing our lives. Smart cyberphysical devices can be used in many different fields, such as connected vehicles, smart homes, mobile social networks and Internet of People, and Industrial Cyber-Physical Systems. CPS devices usually leverage on Machine-to-Machine (M2M) communication. This allows these devices to operate in interconnected groups, enabling them to autonomously perform critical operations, take decisions, or perform tasks that single devices cannot do. As we move towards an era of “automation,” interconnected CPS certainly make their existence as a panacea to address several issues in the smart world, but also are an attractive target for attackers, which can operate on single devices or on the whole network. In fact, these devices are usually resource-constrained and unable to defend themselves against security threats. Even a single compromised node in a group of cooperating devices can pose a serious security threat, e.g., by either disrupting communications (and thus the coordination) within the group, or sharing critical information to unauthorized external parties. Attackers can use devices as a vector to other targets, as in the case of Denial of Service (DoS) attacks, interfere with the normal functionality of the network to force abnormal behaviors, or simply infer private information through compromised devices. As such, security and privacy are a major concern to guarantee both the correct operational capabilities of devices and prevent data thefts and/or privacy violations. This special issue provides significant contributions for the improvement of different interconnected Cyber-physical Systems in several fields with the goal of improving their security and/or privacy. We start our special issue with two articles focusing on smart home security. Kafle et al. provide a systematic security analysis of Google Nest and Philips Hue, two widely popular data store-based smart home platforms. In “Security in Centralized Data Store-based Home Automation Platforms: A Systematic Analysis of Nest and Hue,” authors evaluate the security of the two platforms, identify vulnerabilities in them, and propose solutions for their mitigations. In “Canopy: A Verifiable Privacy-preserving Token Ring–based Communication Protocol for Smart Homes,” Panwar et al. propose a protocol that prevents privacy breaches in smart homes that can arise from the analysis of the traffic generated by smart devices. The protocol is based on a cryptographically secure token circulation in a ring network to which smart home devices are connected. We then continue with two articles whose subject is the network of connected people. Azad et al. in “Privacy-preserving Crowd-sensed Trust Aggregation in the User-centric Internet of People Networks” propose a protocol that uses homomorphic cryptosystem in a decentralized way","PeriodicalId":7055,"journal":{"name":"ACM Transactions on Cyber-Physical Systems","volume":"5 1","pages":"1 - 2"},"PeriodicalIF":2.0000,"publicationDate":"2020-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1145/3431201","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Cyber-Physical Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3431201","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
引用次数: 0

Abstract

Cyber-Physical Systems (CPS) are becoming pervasive and changing our lives. Smart cyberphysical devices can be used in many different fields, such as connected vehicles, smart homes, mobile social networks and Internet of People, and Industrial Cyber-Physical Systems. CPS devices usually leverage on Machine-to-Machine (M2M) communication. This allows these devices to operate in interconnected groups, enabling them to autonomously perform critical operations, take decisions, or perform tasks that single devices cannot do. As we move towards an era of “automation,” interconnected CPS certainly make their existence as a panacea to address several issues in the smart world, but also are an attractive target for attackers, which can operate on single devices or on the whole network. In fact, these devices are usually resource-constrained and unable to defend themselves against security threats. Even a single compromised node in a group of cooperating devices can pose a serious security threat, e.g., by either disrupting communications (and thus the coordination) within the group, or sharing critical information to unauthorized external parties. Attackers can use devices as a vector to other targets, as in the case of Denial of Service (DoS) attacks, interfere with the normal functionality of the network to force abnormal behaviors, or simply infer private information through compromised devices. As such, security and privacy are a major concern to guarantee both the correct operational capabilities of devices and prevent data thefts and/or privacy violations. This special issue provides significant contributions for the improvement of different interconnected Cyber-physical Systems in several fields with the goal of improving their security and/or privacy. We start our special issue with two articles focusing on smart home security. Kafle et al. provide a systematic security analysis of Google Nest and Philips Hue, two widely popular data store-based smart home platforms. In “Security in Centralized Data Store-based Home Automation Platforms: A Systematic Analysis of Nest and Hue,” authors evaluate the security of the two platforms, identify vulnerabilities in them, and propose solutions for their mitigations. In “Canopy: A Verifiable Privacy-preserving Token Ring–based Communication Protocol for Smart Homes,” Panwar et al. propose a protocol that prevents privacy breaches in smart homes that can arise from the analysis of the traffic generated by smart devices. The protocol is based on a cryptographically secure token circulation in a ring network to which smart home devices are connected. We then continue with two articles whose subject is the network of connected people. Azad et al. in “Privacy-preserving Crowd-sensed Trust Aggregation in the User-centric Internet of People Networks” propose a protocol that uses homomorphic cryptosystem in a decentralized way
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
“互联网络物理系统的安全和隐私”特刊简介
信息物理系统(CPS)正变得无处不在,并改变着我们的生活。智能网络物理设备可以应用于许多不同的领域,如互联汽车、智能家居、移动社交网络和人联网、工业网络物理系统等。CPS设备通常利用机器对机器(M2M)通信。这允许这些设备在相互连接的组中运行,使它们能够自主执行关键操作、做出决策或执行单个设备无法完成的任务。随着我们走向“自动化”时代,相互连接的CPS肯定会成为解决智能世界中几个问题的灵丹妙药,但也会成为攻击者的一个有吸引力的目标,攻击者可以在单个设备或整个网络上操作。实际上,这些设备通常资源有限,无法抵御安全威胁。即使是一组协作设备中的单个受损节点也可能构成严重的安全威胁,例如,通过破坏组内的通信(从而破坏协调),或向未经授权的外部方共享关键信息。攻击者可以使用设备作为攻击其他目标的载体,例如在拒绝服务(DoS)攻击的情况下,干扰网络的正常功能以强制执行异常行为,或者简单地通过受损设备推断私人信息。因此,安全和隐私是保证设备正确操作能力和防止数据盗窃和/或隐私侵犯的主要关注点。本特刊为改进不同的互联网络物理系统在几个领域提供了重要的贡献,目的是提高其安全性和/或隐私。我们以两篇关于智能家居安全的文章作为特刊的开始。Kafle等人对谷歌Nest和Philips Hue这两个广受欢迎的基于数据存储的智能家居平台进行了系统的安全分析。在“基于集中式数据存储的家庭自动化平台的安全性:对Nest和Hue的系统分析”中,作者评估了这两个平台的安全性,确定了其中的漏洞,并提出了缓解这些漏洞的解决方案。在“Canopy:一种用于智能家居的可验证的隐私保护令牌环通信协议”中,Panwar等人提出了一种协议,可以防止智能家居中因分析智能设备产生的流量而导致的隐私泄露。该协议基于智能家居设备连接的环形网络中的加密安全令牌循环。然后我们继续看两篇文章,它们的主题是相互联系的人的网络。Azad等人在“以用户为中心的互联网中的隐私保护人群感知信任聚合”中提出了一种以去中心化方式使用同态密码系统的协议
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
ACM Transactions on Cyber-Physical Systems
ACM Transactions on Cyber-Physical Systems COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-
CiteScore
5.70
自引率
4.30%
发文量
40
期刊最新文献
On Cyber-Physical Fault Resilience in Data Communication: A Case From A LoRaWAN Network Systems Design DistressNet-NG: A Resilient Data Storage and Sharing Framework for Mobile Edge Computing in Cyber-Physical Systems A Blockchain Architecture to Increase the Resilience of Industrial Control Systems from the Effects of a Ransomware Attack: A Proposal and Initial Results A Combinatorial Optimization Analysis Method for Detecting Malicious Industrial Internet Attack Behaviors Statistical Verification using Surrogate Models and Conformal Inference and a Comparison with Risk-aware Verification
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1