Fysikkbygningen øst (kart)
Sem Sælands vei 24
The paper "Language-based mechanisms for Security-by-Design'' by Shukun Tokas, Olaf Owe, and Toktam Ramenzanifarkhani got the award for the "Best Paper" of the IFIP IFIP Summer School on Privacy and Identity Management.
Christos Dimitrakakis talks about the challenge of identity protection.
One good start in this topic is through the Drools engine (which is part of a large family of RedHat JBoss components). Already an XACML engine exists as a JBoss component called PicketBox, but this handles only XACML 2.0. Can you extend it to the current 3.0 version?
You may be spending time in the Tellu company, which has Drools at the core of their products and are interested in access control.
Most users are aware that email and most other forms of message exchange on the Internet is insecure, and after the disclosure of NSA documents by whistleblower Edward Snowden in 2012, it became clear that mass surveillance on the Internet was not only a theoretical possibility, but that an ongoing activity.
The CPS Lab focuses on a number of Enabling Technologies and their Applications having the physical organization divided into several Spaces pursuing the following goals:
(A) Provide a hands-on opportunity to several IFI courses taught at BSc and MSc levels, and MSc projects, inside the topics covered by this Lab. The topics of CPS Lab are meant to complement existing Lab initiatives at IFI and elsewhere, as far as we are aware of them (e.g., the Smart Grid lab of NTNU).
(B) Provide an open space for various MSc Topics offered at IFI by the applicants and others that want to use the Lab.
(C) Provide a platform for Industry to interact directly with IFI students by providing concrete problems through the Lab (e.g., as devices that need some form of investigation).
SCOTT: Secure COnnected Trustable Things will provide comprehensive cost-efficient solutions of wireless, end-to-end secure, trustworthy connectivity and interoperability to bridge the last mile to market implementation. SCOTT will not deal with just 'things that are connected', but 'trustable things that are connected', i.e. things interconnected by dependable wireless technology and valuing the end-users' privacy rules.
SCOTT bundles the European key players from several industrial domains including building and home / smart infrastructure, automotive, aeronautics, rail, and health to make full potential of cross-domain synergies and to strengthen Europe's position in the emerging technology field of secure IoT.
Previous work has established a Multi-Metrics (MM) Method for the analysis of measurable security and privacy. This MM approach is used in a.o. UNIK4750, and described more in IoTSec:T1.2. Some challenges of the method are related to the choice of metrics describing security functionality and their impact of the system. A further potential weakness is the dependency of system components, called "interconnection".
Embedded Systems (ES) becomes increasingly popular in modern times. This popularity increases the importance of the security for these systems. The reliable evaluation of the ES`s security is considered as a crucial requirement for the enhancement of its security.
Future Homes will have one or several gateways to information on the Internet. Norway will introduce Smart Meters by 2019, giving the opportunity to develop new services on top of this infrastructure. Current regulations suggest a reading of power values 1/hour, or in maximum every 15 min. Given a high-frequency reading of power consumption (1/s, 1/2s, 1/min) might give an opportunity to introduce new services. One of such services is the virtual fall sensor, establishing a probability of an abnormal situation with the readings from e.g. power consumption. Such an analysis, comparing the habits/profile of the user with the actual consumption, is suggested to be performed in the home of the user, and thus preserve privacy.
The Consumer Services of Norway (Forbrukerrådet) have established a report on privacy in Apps "App-Fail". In there they have found breach of privacy by apps. They identified a lack of "understandable privacy" as the main challenge.
The electric grid is undergoing changes. Natural resources like sun and wind contribute to the production of energy.
In this thesis, we are interested in the human aspect in security and privacy concerns in Internet of Things for smart grids. More precise, we will use case studies to find out exactly how humans can influence the security of the smart grid, and how humans perceive the privacy aspects.
Future Homes will have one or several gateways to information on the Internet. Norway will introduce Smart Meters by 2018, giving the opportunity to develop new services on top of this infrastructure. The envisaged modeling of the Smart Home Infrastructure will be based on the planned infrastructure for Smart Meters, and extended towards future capabilities. Main focus is on security and privacy for the user.
See project link. Ask for discussions with one of the supervisors, for more information or variations of the project.
IoT supports emerging applications such as intelligent transportation, smart homes, smart cities, and smart power grids, where this project is placed.
Data created by IoT-enabled devices in the home, at work, or while moving, generates however security and privacy challenges. These challenges are often related to physical access security, communication network security, and big data security. The privacy aspects are often of a totally new nature, especially in the smart grid.
IoTSec promotes development of a safe and secure IoT-enabled smart power grid infrastructure. Co-located with NCE Smart.