Abstract
In this paper, we summarize a new approach to make security and privacy issues in the Internet of Things (IoT) more transparent for vulnerable users. As a pilot project, we investigate monitoring of Alzheimer’s patients for a low-cost early warning system based on bio-markers supported with smart technologies. To provide trustworthy and secure IoT infrastructures, we employ formal methods and techniques that allow specification of IoT scenarios with human actors, refinement and analysis of attacks and generation of certified code for IoT component architectures.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
SUCCESS: SecUre aCCESSibility for the internet of things. CHIST-ERA (2016). http://www.chistera.eu/projects/success
Basu, A., Bensalem, S., Bozga, M., Combaz, J., Jaber, M., Nguyen, T.-H., Sifakis, J.: Rigorous component-based system design using the BIP framework. IEEE Softw. 28(3), 41–48 (2011)
Arnold, F., Hermanns, H., Pulungan, R., Stoelinga, M.I.A.: Time-dependent analysis of attacks. In: Principles of Security and Trust, POST 2014. LNCS, pp. 285–305 (2014)
Kammüller, F.: Formal modeling and analysis with humans in infrastructures for IoT healthcare systems. In: 5th International Conference on Human Aspects of Information Security, Privacy, and Trust, HAS 2017, co-located with HCII 2017. LNAI. Springer, Heidelberg (2017)
Ben Said, N., Abdellatif, T., Bensalem, S., Bozga, M.: Model-driven information flow security for component-based systems. In: ETAPS Workshop ‘From Programs to Systems’, FPS@ETAPS, vol. 2014, pp. 1–20 (2014)
Kammüller, F., Probst, C.W.: Modeling and verification of insider threats using logical analysis. IEEE Syst. J. PP(99), 1–12 (2016)
Kammüller, F., Kerber, M., Probst, C.W.: Insider threats for auctions: formal modeling, proof, and certified code. Spec. Issue J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. (JoWUA) 8(1), 44–78 (2017)
Schneier, B.: Secrets and Lies: Digital Security in a Networked World. Wiley, New York (2004)
Wikipedia: Bluetooth. https://en.wikipedia.org/wiki/Bluetooth. Accessed 4 Mar 2017
JSON. ECMA-404: The JSON Data Interchange Standard (2017). http://www.json.org
OASIS: Web services security: SOAP message security. Working Draft 13, Document identifier: WSS: SOAP Message Security -13, OASIS Open 2002. http://www.oasis-open.org/committees/documents.php
Paulson, L.C.: Inductive analysis of the internet protocol TLS. ACM Trans. Inf. Syst. Secur. 2(3), 332–351 (1999)
Kammüller, F.: Verification of DNSsec delegation signatures. In: 21st International Conference on Telecommunication. IEEE (2014)
Wong, F.-L., Stajano, F., Clulow, J.: Repairing the bluetooth pairing protocol. In: Security Protocols 2005. LNCS, vol. 4631, pp. 31–45. Springer, Heidelberg (2007)
Acknowledgments
Part of the research leading to these results has received funding from the European Union (CHIST-ERA 2015) under grant agreement no. 102112 (SUCCESS). This publication reflects only the authors’ views and the Union is not liable for any use that may be made of the information contained herein.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Kammüller, F. (2018). Human Centric Security and Privacy for the IoT Using Formal Techniques. In: Nicholson, D. (eds) Advances in Human Factors in Cybersecurity. AHFE 2017. Advances in Intelligent Systems and Computing, vol 593. Springer, Cham. https://doi.org/10.1007/978-3-319-60585-2_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-60585-2_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-60584-5
Online ISBN: 978-3-319-60585-2
eBook Packages: EngineeringEngineering (R0)