A digital identity stack to improve privacy in the IoT

Stephen Wilson, Nour Moustafa, Elena Sitnikova

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Citations (Scopus)

Abstract

The Internet of Things increasingly involves collection, processing and transmission of a wide variety of data to services and other devices. Business and engineering considerations are both increasing the volumes and detail of IoT data flows. Reasonably obvious privacy risks result from IoT-connected devices when they emit identifiable information, for this can reveal the activities of device users. More subtle risks arise when bulk device data is available for analysis, and linkage to auxiliary data sets, because identification or re-identification of users can follow. At the same time, security engineers are now designing for the 'Identity of Things', exploiting embedded cryptography and SIM-like modules to help with the authentication and authorization of devices acting as independent agents in the IoT. To help protect privacy while allowing precise authentication, this paper sets out a new model for digital identity management, comprising a stack of identities, attributes, and attribute metadata. As with the familiar OSI network stack, the digital identity stack helps to decouple different layers of authentication technology, so that IoT data is shared on an explicit need-to-know basis, and extraneous disclosures are minimized.

Original languageEnglish
Title of host publicationIEEE World Forum on Internet of Things, WF-IoT 2018 - Proceedings
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages25-29
Number of pages5
ISBN (Electronic)9781467399449
DOIs
Publication statusPublished - 4 May 2018
Externally publishedYes
Event4th IEEE World Forum on Internet of Things, WF-IoT 2018 - Singapore, Singapore
Duration: 5 Feb 20188 Feb 2018

Publication series

NameIEEE World Forum on Internet of Things, WF-IoT 2018 - Proceedings
Volume2018-January

Conference

Conference4th IEEE World Forum on Internet of Things, WF-IoT 2018
Country/TerritorySingapore
CitySingapore
Period5/02/188/02/18

Keywords

  • authentication
  • digital signatures
  • Internet of Things
  • privacy
  • public key infrastructure
  • security

Fingerprint

Dive into the research topics of 'A digital identity stack to improve privacy in the IoT'. Together they form a unique fingerprint.

Cite this