Difference between revisions of "IoTSec:Y1 Suggestions Research Council"
From its-wiki.no
Josef.Noll (Talk | contribs) |
Josef.Noll (Talk | contribs) (→IoTSec recommendations for future research) |
||
| Line 1: | Line 1: | ||
== IoTSec recommendations for future research == | == IoTSec recommendations for future research == | ||
| − | + | High-level recommendations and more detailed research specific challenges as identified by IoTSec (''Nov2016'') | |
| + | |||
* '''Privacy labelling''': We have identified privacy labelling as a potential for making privacy work into a commercially viable alternative for companies that put more privacy into their products, apps, services. These can be seen for privacy the same as the energy labels for electronic equipment. | * '''Privacy labelling''': We have identified privacy labelling as a potential for making privacy work into a commercially viable alternative for companies that put more privacy into their products, apps, services. These can be seen for privacy the same as the energy labels for electronic equipment. | ||
* '''Regulations and policies''': Development in this area is going to be so fast that we need closer collaboration with regulative bodies. | * '''Regulations and policies''': Development in this area is going to be so fast that we need closer collaboration with regulative bodies. | ||
| Line 6: | Line 7: | ||
* '''Early design''': Use of fast prototyping and visualisation as a tool for reducing research cost. When ideas are tested in early stage, critical mistakes may be avoided, thus saving resources. | * '''Early design''': Use of fast prototyping and visualisation as a tool for reducing research cost. When ideas are tested in early stage, critical mistakes may be avoided, thus saving resources. | ||
| − | Research specific challenges | + | |
| + | ==Research specific challenges== | ||
* '''Complexity''' due to the concurrency and distributed nature of IoT systems | * '''Complexity''' due to the concurrency and distributed nature of IoT systems | ||
| − | * '''Context-centric computation''', since the IoT devices, e.g., in the Smart Home, must be aware of the humans | + | * '''Context-centric computation''', since the IoT devices, e.g., in the Smart Home, must be aware of the humans. Includes also concepts for privacy-aware cloud computing, e.g. fog/edge computing |
| − | * '''Lack of semantics''', since IoT systems would produce large amounts of data, | + | * '''Lack of semantics''', since IoT systems would produce large amounts of data, need semantic information in order to become usable. |
* '''Models vs. programs''': Analysis and evaluation for agile prototyping based on executable models and semantic-based tools, as and evolution from programming and their low-level tools. | * '''Models vs. programs''': Analysis and evaluation for agile prototyping based on executable models and semantic-based tools, as and evolution from programming and their low-level tools. | ||
* '''Semantics for Security and Privacy''': Semantic technologies and ontologies are need to establish a unified terminology for fields of privacy and security. This would provide machine-readable data and would allow development of more automated tools. | * '''Semantics for Security and Privacy''': Semantic technologies and ontologies are need to establish a unified terminology for fields of privacy and security. This would provide machine-readable data and would allow development of more automated tools. | ||
* '''Edge and fog computing''' for privacy | * '''Edge and fog computing''' for privacy | ||
| − | * '''Measurable security and privacy''': | + | * '''Measurable security and privacy''': A novel concept being in conflict with some purist researchers in security. Though, part of day-to-day business in companies, often entitled as "risk analysis". We see a lack of automated tools and methodologies to help in measuring such important “unmeasurable” aspects like security, privacy, or robustness, which are essential in evaluating smart infrastructures. |
| − | + | * '''Metrics''' for translating (functional and non-functional) security into measurable units, e.g. AES 2048 = 85(?) (scale: 0...100) | |
| − | '' | + | |
Revision as of 22:47, 21 November 2016
| Security in IoT for Smart Grids | |||||||
|---|---|---|---|---|---|---|---|
|
|
IoTSec recommendations for future research
High-level recommendations and more detailed research specific challenges as identified by IoTSec (Nov2016)
- Privacy labelling: We have identified privacy labelling as a potential for making privacy work into a commercially viable alternative for companies that put more privacy into their products, apps, services. These can be seen for privacy the same as the energy labels for electronic equipment.
- Regulations and policies: Development in this area is going to be so fast that we need closer collaboration with regulative bodies.
- User-involvement: Research should be directed more towards the society, towards people. Incorporate citizens in projects, give them power to participate.
- Early design: Use of fast prototyping and visualisation as a tool for reducing research cost. When ideas are tested in early stage, critical mistakes may be avoided, thus saving resources.
Research specific challenges
- Complexity due to the concurrency and distributed nature of IoT systems
- Context-centric computation, since the IoT devices, e.g., in the Smart Home, must be aware of the humans. Includes also concepts for privacy-aware cloud computing, e.g. fog/edge computing
- Lack of semantics, since IoT systems would produce large amounts of data, need semantic information in order to become usable.
- Models vs. programs: Analysis and evaluation for agile prototyping based on executable models and semantic-based tools, as and evolution from programming and their low-level tools.
- Semantics for Security and Privacy: Semantic technologies and ontologies are need to establish a unified terminology for fields of privacy and security. This would provide machine-readable data and would allow development of more automated tools.
- Edge and fog computing for privacy
- Measurable security and privacy: A novel concept being in conflict with some purist researchers in security. Though, part of day-to-day business in companies, often entitled as "risk analysis". We see a lack of automated tools and methodologies to help in measuring such important “unmeasurable” aspects like security, privacy, or robustness, which are essential in evaluating smart infrastructures.
- Metrics for translating (functional and non-functional) security into measurable units, e.g. AES 2048 = 85(?) (scale: 0...100)