Abstract
The synergy between Cloud and IoT has emerged largely due to the Cloud having attributes which directly benefit IoT and enable its continued growth. IoT adopting Cloud services has brought new security challenges. In this book chapter, we pursue two main goals: (1) to analyse the different components of Cloud computing and IoT and (2) to present security and privacy problems that these systems face. We thoroughly investigate current security and privacy preservation solutions that exist in this area, with an eye on the Industrial Internet of Things, discuss open issues and propose future directions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
A. Alamri, W.S. Ansari, M.M. Hassan, M.S. Hossain, A. Alelaiwi, M.A. Hossain, A survey on sensor-cloud: architecture, applications, and approaches. Int. J. Distrib. Sens. Netw. 9(2), 917923 (2013). https://doi.org/10.1155/2013/917923
Amazon: Amazon go. Online (2017), https://www.amazon.com/b?node=16008589011
M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica et al., A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)
J. Bacon, D. Eyers, T.F.M. Pasquier, J. Singh, I. Papagiannis, P. Pietzuch, Information flow control for secure cloud computing. IEEE Trans. Netw. Serv. Manag. 11(1), 76–89 (2014)
A. Bansal, T. Chen, S. Zhong, Privacy preserving Back-propagation neural network learning over arbitrarily partitioned data. Neural Comput. Appl. 20(1), 143–150 (2011)
J. Bartje, The top 10 iot application areas - based on real iot projects (2016), https://iot-analytics.com/top-10-iot-project-application-areas-q3-2016/
D. Boneh, C. Gentry, B. Lynn, H. Shacham, Aggregate and Verifiably Encrypted Signatures from Bilinear Maps, Intenational Conference on the Theory Applications of Cryptographic Technology (Springer, Berlin, Heidelberg, 2003), pp. 416–432
F. Bonomi, R. Milito, J. Zhu, S. Addepalli, Fog computing and its role in the internet of things, in Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing (ACM, 2012), pp. 13–16
A. Botta, W. de Donato, V. Persico, A. Pescap, Integration of cloud computing and internet of things: a survey. Future Gener. Comput. Syst. 56, 684–700 (2016), http://www.sciencedirect.com/science/article/pii/S0167739X15003015
W. Boyang, L. Baochun, L. Hui, Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput. 2(1), 43–56 (2014)
I. Butun, S.D. Morgera, R. Sankar, A survey of intrusion detection systems in wireless sensor networks. IEEE Commun. Surv. Tutor. 16(1), 266–282 (2014)
B.V., I.N.: CompTIA Cloud Essentials Certification Study Guide (Exam CLO-001) (McGraw-Hill, New York, 2014)
N. Cao, C. Wang, M. Li, K. Ren, W. Lou, Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25(1), 222–233 (2014)
M. Crosbie, E.H. Spafford, Active defense of a computer system using autonomous agents (1995)
T. Cruz, L. Rosa, J. Proença, L. Maglaras, M. Aubigny, L. Lev, J. Jiang, P. Simões, A cybersecurity detection framework for supervisory control and data acquisition systems. IEEE Trans. Ind. Inf. 12(6), 2236–2246 (2016)
J. Daniels, Server virtualization architecture and implementation. Crossroads 16(1), 8–12 (2009)
M. Díaz, C. Martín, B. Rubio, State-of-the-art, challenges, and open issues in the integration of internet of things and cloud computing. J. Netw. Comput. Appl. 67(C), 99–117 (2016). https://doi.org/10.1016/j.jnca.2016.01.010
X. Dong, J. Yu, Y. Luo, Y. Chen, G. Xue, M. Li, Achieving an effective, scalable and privacy-preserving data sharing service in cloud computing. Comput. Secur. 42, 151–164 (2014)
E. Elmroth, F.G. Marquez, D. Henriksson, D.P. Ferrera, Accounting and billing for federated cloud infrastructures, in Eighth International Conference on Grid and Cooperative Computing, 2009 GCC’09 (IEEE, 2009), pp. 268–275
A. Ericsson, Ericsson mobility report: On the pulse of the networked society. Ericsson, Sweden, Technical Report EAB-14 61078 (2015)
M.A. Ferrag, A. Ahmim, Esspr: an efficient secure routing scheme based on searchable encryption with vehicle proxy re-encryption for vehicular peer-to-peer social network. Telecommun. Syst. 1–23 (2017). https://doi.org/10.1007/s11235-017-0299-y
M.A. Ferrag, L. Maglaras, A. Ahmim, Privacy-preserving schemes for ad hoc social networks: a survey. IEEE Commun. Surv. Tutor. 19(4), 3015–3045 (2017)
M.A. Ferrag, L.A. Maglaras, H. Janicke, J. Jiang, A Survey on Privacy-preserving Schemes for Smart Grid Communications (2016), ar**v:1611.07722
M.A. Ferrag, L.A. Maglaras, H. Janicke, J. Jiang, Authentication Protocols for Internet of Things: A Comprehensive Survey (2016), ar**v:1612.07206
I. Foster, Y. Zhao, I. Raicu, S. Lu, Cloud computing and grid computing 360-degree compared, in Grid Computing Environments Workshop, 2008. GCE’08 (IEEE, 2008), pp. 1–10
Gartner, Inc: Gartner says 6.4 billion connected “things” will be in use in 2016, up 30 percent from 2015 (2015), http://www.gartner.com/newsroom/id/3165317
R.L. Grossman, Y. Gu, M. Sabala, W. Zhang, Compute and storage clouds using wide area high performance networks. Future Gener. Comput. Syst. 25(2), 179–183 (2009)
J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (iot): a vision, architectural elements, and future directions. Future Gener. Comput. Syst. 29(7), 1645–1660 (2013)
C. Guy, Wireless Sensor Networks, in Sixth International Symposium on Instrumentation and Control Technology: Signal Analysis, Measurement Theory, Photo-Electronic Technology, and Artificial Intelligence, ed. by J. Fang, Z. Wang, (eds.) SPIE-International society for optical engineering, vol. 6357 (2006), pp. 63571I–63571I–4. https://doi.org/10.1117/12.716964
K.K. Hausman, S.L. Cook, T. Sampaio, Cloud Essentials: CompTIA Authorized Courseware for Exam CLO-001 (Wiley, New York, 2013)
D. Hrestak, S. Picek, Homomorphic encryption in the cloud, in 2014 37th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (IEEE, 2014), pp. 1400–1404
M. Jensen, J. Schwenk, N. Gruschka, L.L. Iacono, On technical security issues in cloud computing. in IEEE International Conference on Cloud Computing, 2009. CLOUD’09 (IEEE, 2009), pp. 109–116
J. Yuan, S. Yu, Privacy preserving back-propagation neural network learning made practical with cloud computing. IEEE Trans. Parallel Distrib. Syst. 25(1), 212–221 (2014)
J. **, J. Gubbi, S. Marusic, M. Palaniswami, An information framework for creating a smart city through internet of things. IEEE Internet Things J. 1(2), 112–121 (2014)
Q. **g, A.V. Vasilakos, J. Wan, J. Lu, D. Qiu, Security of the internet of things: perspectives and challenges. Wirel. Netw. 20(8), 2481–2501 (2014)
J.B. Kennedy, When woman is boss: an interview with nikola tesla, in Colliers (1926)
R. Khan, S.U. Khan, R. Zaheer, S. Khan, Future internet: the internet of things architecture, possible applications and key challenges, in 2012 10th International Conference on Frontiers of Information Technology (FIT) (IEEE, 2012), pp. 257–260
M.T. Khorshed, A.S. Ali, S.A. Wasimi, A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Gener. Comput. Syst. 28(6), 833–851 (2012)
J. Kirschnick, J.M.A. Calero, L. Wilcock, N. Edwards, Toward an architecture for the automated provisioning of cloud services. IEEE Commun. Mag. 48(12), 124–131 (2010)
S. Kumar, Classification and detection of computer intrusions. Ph.D. thesis, Purdue University (1995)
I. Lee, K. Lee, The internet of things (iot): applications, investments, and challenges for enterprises. Bus. Horiz. 58(4), 431–440 (2015), http://www.sciencedirect.com/science/article/pii/S0007681315000373
Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings, in International Conference on Security and. Privacy in Communication Systems (Springer, Berlin, Heidelberg, 2010), pp. 89–106, http://springer.longhoe.net/10.1007/978-3-642-16161-2_6
H. Liu, H. Ning, Q. **ong, L.T. Yang, Shared authority based privacy-preserving authentication protocol in cloud computing. IEEE Trans. Parallel Distrib. Syst. 26(1), 241–251 (2015)
C. Lyu, S.F. Sun, Y. Zhang, A. Pande, H. Lu, D. Gu, Privacy-preserving data sharing scheme over cloud for social applications. J. Netw. Comput. Appl. 74, 44–55 (2016)
L.A. Maglaras, J. Jiang, T.J. Cruz, Combining ensemble methods and social network metrics for improving accuracy of ocsvm on intrusion detection in scada systems. J. Inf. Secur. Appl. 30, 15–26 (2016)
P. Mahalle, S. Babar, N.R. Prasad, R. Prasad, Identity management framework towards internet of things (iot): Roadmap and key challenges, in International Conference on Network Security and Applications (Springer, 2010), pp. 430–439
P. Massonet, S. Naqvi, C. Ponsard, J. Latanicki, B. Rochwerger, M. Villari, A monitoring and audit logging architecture for data location compliance in federated cloud infrastructures, in 2011 IEEE International Symposium on Parallel and Distributed Processing Workshops and Phd Forum (IPDPSW) (IEEE, 2011), pp. 1510–1517
P. Mell, T. Grance et al., The NIST Definition of Cloud Computing (2011)
C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel, M. Rajarajan, A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appl. 36(1), 42–57 (2013)
M. Naehrig, K. Lauter, V. Vaikuntanathan, Can homomorphic encryption be practical? in Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop (ACM, 2011), pp. 113–124
NHS England: Digital diabetes coach (2015), https://www.england.nhs.uk/ourwork/innovation/test-beds/diabetes-digital-coach/
M. Nitti, R. Girau, L. Atzori, Trustworthiness management in the social internet of things. IEEE Trans. Knowl. Data Eng. 26(5), 1253–1266 (2014)
A. Nordrum, Popular internet of things forecast of 50 billion devices by 2020 is outdated. IEEE Spectrum, http://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-things-forecast-of-50-billiondevices-by-2020-is-outdated. Accessed 18 2016
T.F.M. Pasquier, J. Singh, J. Bacon, Clouds of things need information flow control with hardware roots of trust, in 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom) (IEEE, 2015), pp. 467–470
S.K. Pasupuleti, S. Ramalingam, R. Buyya, An efficient and secure privacy-preserving approach for outsourced data of resource constrained mobile devices in cloud computing. J. Netw. Comput. Appl. 64, 12–22 (2016)
A. Rabkin, M. Arye, S. Sen, V.S. Pai, M.J. Freedman, Making every bit count in wide-area analytics, in HotOS (2013), p. 6
A. Rabkin, R.H. Katz, Chukwa: a system for reliable large-scale log collection. LISA 10, 1–15 (2010)
B.B.P. Rao, P. Saluia, N. Sharma, A. Mittal, S.V. Sharma, Cloud computing for internet of things & sensing based applications, in 2012 Sixth International Conference on Sensing Technology (ICST) (2012), pp. 374–380
Rico, J., Sancho, J., Cendon, B., Camus, M.: Parking easier by using context information of a smart city: enabling fast search and management of parking resources, in 2013 27th International Conference on Advanced Information Networking and Applications Workshops (2013), pp. 1380–1385
J.W. Rittinghouse, J.F. Ransome, Cloud computing: Implementation, Management, and Security (CRC press, Boca Raton, 2016)
R.J. Robles, T.h. Kim, D. Cook, S. Das, A review on security in smart home development. Int. J. Adv. Sci. Technol. 15 (2010)
SafeCast Project: Safecast project website (2017), http://safecast.jp/en/
P. Samarati, S.D.C. di Vimercati, S. Murugesan, I. Bojanova, Cloud Security: Issues and Concerns (Wiley, New York, 2016)
R.M. Savola, H. Abie, Metrics-driven security objective decomposition for an e-health application with adaptive security management, in Proceedings of the International Workshop on Adaptive Security (ACM, 2013), p. 6
J. Shao, R. Lu, X. Lin, FINE: A fine-grained privacy-preserving location-based service framework for mobile devices, in IEEE INFOCOM 2014 - IEEE Conference on Computer Communications (IEEE, 2016), pp. 244–252
J. Singh, J. Bacon, J. Crowcroft, A. Madhavapeddy, T. Pasquier, W.K. Hon, C. Millard, Regional clouds: technical considerations, University of Cambridge, Computer Laboratory, Technical Report (2014)
J. Singh, J. Bacon, D. Eyers, Policy enforcement within emerging distributed, event-based systems, in Proceedings of the 8th ACM International Conference on Distributed Event-Based Systems (ACM, 2014), pp. 246–255
J. Singh, T. Pasquier, J. Bacon, H. Ko, D. Eyers, Twenty security considerations for cloud-supported internet of things. IEEE Internet Things J. 3(3), 269–284 (2016)
W. Song, B. Wang, Q. Wang, Z. Peng, W. Lou, Y. Cui, A privacy-preserved full-text retrieval algorithm over encrypted data for cloud storage applications. J. Parallel Distrib. Comput. 99, 14–27 (2017)
B. Stewart, L. Rosa, L.A. Maglaras, T.J. Cruz, M.A. Ferrag, P. Simoes, H. Janicke, A novel intrusion detection mechanism for scada systems that automatically adapts to changes in network topology (2017)
J. Sun, X. Zhu, Y. Fang, A privacy-preserving scheme for online social networks with efficient revocation, in 2010 Proceedings IEEE INFOCOM (IEEE, 2010), pp. 1–9
W. Sun, B. Wang, N. Cao, M. Li, W. Lou, Y.T. Hou, H. Li, Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking. IEEE Trans. Parallel Distrib. Syst. 25(11), 3025–3035 (2014)
T. Chen, S. Zhong: Privacy-preserving backpropagation neural network learning. IEEE Trans. Neural Netw. 20(10), 1554–1564 (2009)
University of Southampton, Southampton researchers develop new tool to provide radiation monitoring in Japan (2013), http://www.southampton.ac.uk/news/2013/05/radiation-monitoring-in-japan.page
K. Venkatasubramanian, A. Banerjee, S. Gupta, PSKA: usable and secure key agreement scheme for body area networks. IEEE Trans. Inf. Technol. Biomed. 14(1), 60–68 (2010)
O. Vermesan, IERC Cluster Book 2016, Innovation and Deployment. European Research Cluster on the Internet of Things, IoT Digital Value Chain Connecting Research (2016)
O. Vermesan, P. Friess, P. Guillemin, S. Gusmeroli, H. Sundmaeker, A. Bassi, I.S. Jubert, M. Mazura, M. Harrison, M. Eisenhauer et al., Internet of things strategic research roadmap. Internet Things-Global Technol. Soc. Trends 1, 9–52 (2011)
B. Wang, S. Yu, W. Lou, Y.T. Hou, Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud, in IEEE INFOCOM 2014 - IEEE Conference on Computer Communications (IEEE, 2014), pp. 2112–2120
C. Wang, S.S. Chow, Q. Wang, K. Ren, W. Lou, Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)
L. Wei, H. Zhu, Z. Cao, X. Dong, W. Jia, Y. Chen, A.V. Vasilakos, Security and privacy for storage and computation in cloud computing. Inf. Sci. 258, 371–386 (2014)
S.G. Worku, C. Xu, J. Zhao, X. He, Secure and efficient privacy-preserving public auditing scheme for cloud storage. Comput. Electr. Eng. 40(5), 1703–1713 (2014)
Z. **a, X. Wang, X. Sun, Q. Wang, A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 27(2), 340–352 (2016)
Z. **a, X. Wang, L. Zhang, Z. Qin, X. Sun, K. Ren, A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans. Inf. Forensics Secur. 11(11), 2594–2608 (2016)
Z. **a, N.N. **ong, A.V. Vasilakos, X. Sun, EPCBIR: An efficient and privacy-preserving content-based image retrieval scheme in cloud computing. Inf. Sci. (Ny). 387, 195–204 (2017)
Z. Yan, P. Zhang, A.V. Vasilakos, A survey on trust management for internet of things. J. Netw. Comput. Appl. 42, 120–134 (2014)
Y. Yu, M.H. Au, G. Ateniese, X. Huang, W. Susilo, Y. Dai, G. Min, Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2017)
J. Zhou, Z. Cao, X. Dong, N. **ong, A.V. Vasilakos, 4S: a secure and privacy-preserving key management scheme for cloud-assisted wireless body area network in m-healthcare social networks. Inf. Sci. (Ny). 314, 255–276 (2015)
J. Zhou, X. Lin, X. Dong, Z. Cao, PSMPA: patient self-controllable and multi-level privacy-preserving cooperative authentication in distributedm-healthcare cloud computing system. IEEE Trans. Parallel Distrib. Syst. 26(6), 1693–1703 (2015)
H. Zhu, R. Lu, C. Huang, L. Chen, H. Li, An efficient privacy-preserving location-based services query scheme in outsourced cloud. IEEE Trans. Veh. Technol. 65(9), 7729–7739 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this chapter
Cite this chapter
Cook, A. et al. (2018). Internet of Cloud: Security and Privacy Issues. In: Mishra, B., Das, H., Dehuri, S., Jagadev, A. (eds) Cloud Computing for Optimization: Foundations, Applications, and Challenges. Studies in Big Data, vol 39. Springer, Cham. https://doi.org/10.1007/978-3-319-73676-1_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-73676-1_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-73675-4
Online ISBN: 978-3-319-73676-1
eBook Packages: EngineeringEngineering (R0)