The Internet of Things: Privacy and Security Issues
Stefan Schiffner 
NIS expert, ENISA 
European Union Agency for Network and Information Security www.enisa.europa.eu
ENISA’s Mission
Securing Europe’s Information Society 
Operational Office in Athens 
Seat in Heraklion 
ENISA activities 
Policy 
Recommendations Implementation 
Mobilising 
Communities 
Hands on 
Privacy in the internet of things
What is the internet of things? 
• Network of interconnected objects 
for data processing 
– Cyber physical 
– Self configuration 
• Specialized & Embedded 
– Seamless integration 
– Reduced HCI 
• Multiple stakeholders
– For common or individual goals 
• Integrated in legacy systems 
• Or in independent infrastructure
Privacy concerns 
• An object can reveal information about the individual 
• IoT introduces new ways of collecting and processing 
such information from objects: 
– collection of data from different sources 
– correlation and association 
– > abuse potential 
• Storing is easy and cheap
Security concerns 
• Objects are small and everywhere 
– Prone to environmental influences 
– Unprotected places (unnoticed manipulation) 
– Weak calculation power (limited crypto) 
• Autonomous 
– Acting without user awareness 
The data protection challenge and requirements
Trust assumption for crypto 
[Diagram labels: trusted environment, protected communication, trusted environment; adversarial environment]
Security silos 
• The world is divided into In and Out groups
• They might be nested and intersecting
• Complex structures
• Rather static
• Administrative overhead
• Fragile
To avoid new silos we need: 
• Reduction of management burden with respect to security and privacy policies
• Dynamic, automatic negotiation of policies
• Resilience
• Leads to new (priority of) requirements
Control 
• How to obtain informed consent? 
– How can information be presented? 
– How can individuals have overall control over their 
data? 
Liability and enforcement 
• Who is responsible 
• How can rights be exercised 
– access, deletion 
• How can data be safeguarded 
– Detection of attacks and damages 
Data Protection requirements 
• Privacy & security by design 
• Purpose limitation 
– no use beyond predefined purposes 
• Data minimization: 
– collect & process only necessary data 
– anonymize or delete data after use 
• Distributed protection models 
– move away from walled gardens 
– multi layer security 
– Resilience 
• Automated decisions 
The role and needs for standards 
• Privacy 
– as part of the IoT ontologies and semantics 
• New protection protocols 
• As an integral control mechanism for the development 
and implementation of M2M architectures 
ENISA’s work on IoT & data protection
ENISA activities 
Policy 
Recommendations Implementation 
Mobilising 
Communities 
Hands on 
Current activities 
• Support all involved stakeholders in the translation of legal 
requirements to technical solutions: 
• Privacy by design and by default 
– Technical tools and mechanisms for information and 
control 
– Privacy Principles 
– Anonymisation and pseudonymisation techniques 
• Technical protection measures 
– Cryptographic algorithms, parameters, key sizes 
Published Reports 
– Survey of accountability, trust, consent, tracking, security and privacy mechanisms in online environments (2011) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/survey‐pat 
– Privacy, Accountability and Trust – Challenges and Opportunities (2011) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/privacy‐and‐trust/pat/activities‐initiated‐in‐2010 
– Bittersweet cookies. Some security and privacy considerations (2011) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/pp/cookies
– Study on the use of cryptographic techniques in Europe (2011) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/the‐use‐of‐cryptographic‐techniques‐in‐europe 
– Report on trust and reputation models (2011) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/trust‐and‐reputation‐models 
– Study on monetising privacy. An economic model for pricing personal information (2012) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/monetising‐privacy 
– Study on data collection and storage in the EU (2012) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/data‐collection 
– Privacy considerations of online behavioural tracking (2012) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/privacy‐considerations‐of‐online‐behavioural‐tracking 
– The right to be forgotten – between expectations and practice (2012) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/the‐right‐to‐be‐forgotten 
– Security certification practice in the EU ‐ Information Security Management Systems ‐ A case study (November 2013)
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/security‐certification‐practice‐in‐the‐eu‐information‐security‐management‐systems‐a‐case‐study 
– Algorithms, Key Sizes and Parameters Report. 2013 Recommendations (October 2013) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/algorithms‐key‐sizes‐and‐parameters‐report 
– Recommended cryptographic measures ‐ Securing personal data (November 2013) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/recommended‐cryptographic‐measures‐securing‐personal‐data 
– Securing personal data in the context of data retention. Analysis and recommendations (December 2013) 
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/securing‐personal‐data‐in‐the‐context‐of‐data‐retention 
– On the security, privacy and usability of online seals. An overview (December 2013)
http://www.enisa.europa.eu/activities/identity‐and‐trust/library/deliverables/on‐the‐security‐privacy‐and‐usability‐of‐online‐seals
Thank you very much for your attention 