The security of the Internet of Things in our society

Technology and innovation are in constant evolution providing new services, products and solutions at the swiftest pace in human history. Progress and competitiveness incentivize businesses to pursue a continuous improvement that we expect will benefit society as a whole. Still, the speed at which all these changes arrive in society make it difficult for a proper analysis of the implications regarding personal aspects such as privacy and security.

Regulatory bodies struggle to seek a balance in the laws to keep allowing innovation in products and technologies to market without hindering rights related to personal data. An excess in regulation could forestall innovation depriving users of valuable services in significant areas such as health systems, industry and e-commerce.

The Internet of Things (IoT) has a critical role in many business sectors and should address the privacy and security concerns. IoT devices have typically addressed security in a similar way to traditional computers. However, IoT devices with ubiquitous 24/7 unattended operating schedules constitute a significant source of risk if not handled adequately. My research agenda aims to exploit these differences in order to improve security and communication architectures while taking into consideration stakeholder interests. For example,

  • Users should enjoy technologies that are accessible, inexpensive and upgradeable.
  • Developers expect to be provided with simplified regulations that help them shorten development times and maintenance.
  • Regulatory bodies pursue feasible schemes to address holistically procedures to certify security and privacy aspects in diverse devices and scenarios.
  • Industry is eagerly promoting specialized security roles to provide services transversally among projects instead of vertically, which would also foster communication, cooperation and synergies between technologies.

Leveraging modularization and security decoupling in IoT communications can significantly contribute to addressing the above challenges in a standardized way. Instead of reinventing the wheel, widely spread technology with long-term support can be leveraged as dependable cogs with reliable solutions. Common security issues should be addressed apart from the particulars of each IoT equipment in ways that improve software designs, maintenance, and reducing costs. Modularity applied to security decoupling in IoT systems shall provide support for novel technologies as well as for legacy devices while fostering interoperability and feasibility to abide by regulations.