Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Networking

    German Professor Develops Method to Secure IoT Smart Device Data

    By
    Wayne Rash
    -
    February 1, 2015
    Share
    Facebook
    Twitter
    Linkedin
      Smart Device Security 2

      HANNOVER, Germany—I ran across professor Martina Zitterbart while visiting a few companies at the CeBIT Press Preview here. This event is designed to give members of the press a brief glance at some of the top exhibits coming for the CeBIT trade show in March.

      When I stopped by the display for the Karlsruhe Institute of Technology, I found the professor trying to explain a tough problem. The problem is finding effective ways to protect sensitive information when you have to share it.

      The specific issue Zitterbart was facing was finding ways to provide the data that public utilities such as the power and water companies need while not compromising customer privacy.

      In addition, she was working on ways to improve the security of the connections between smart devices in homes and businesses while still allowing them to work effectively. This is becoming ever more important with the expansion of what’s become known as the Internet of things (IoT).

      The problem is made more complex with smart devices because of their limited capabilities. You can’t just slap a software firewall on an electric meter, after all, because it doesn’t have the computing capacity.

      The problem boils down to finding a way to share necessary information with those government agencies and private companies that collect data, give them the information they actually need to do business with you, but still maintain security and privacy.

      In a connected world, this is a difficult problem because there’s some data you have to share to make your world work. But this data could tell anyone more about you than you might want them to know if it’s seen by prying eyes.

      Zitterbart is one of Europe’s top security and privacy researchers. She’s looking for approaches that balance the need of the government and private companies to know information about their customers so they can function while still protecting the public’s privacy.

      This is a growing problem in the U.S. and Europe. The problem exists everywhere there are smart devices, including water and power meters that automatically report their readings.

      But it goes beyond that and can include appliances such as cable boxes and Internet routers. The problem is there’s also a legitimate need to know some of this data if only to find out how much to charge you for your electric service or your pay-per-view choices.

      In the U.S. it’s common for law enforcement to monitor electricity use as a way to look for potential illegal activity. So if a certain house has higher consumption than the law enforcement organizations think is normal for a single-family home, that information can be used to obtain a search warrant.

      In many cases, this information may not be considered legally protected. Unfortunately, a detective or a prosecutor looking for a warrant can use such data without much else as an excuse to carry out a search.

      But how do you protect the usage information so that it remains private, while still giving the power, water or cable company the details it needs to bill you?

      German Professor Develops Method to Secure IoT Smart Device Data

      Zitterbart has developed a methodology in which usage data is anonymized by combining that total usage with several other nearby users, adding a random number and then dividing that total by the number of users.

      That way no single number being reported is the same as their actual usage, and because of the random number, their actual number can’t be easily determined.

      But because the power company has a legitimate need to know how much power is being used in a neighborhood so that it can configure the infrastructure to support demand, it can find out by adding the total usage and removing the random number.

      “They have exactly the information they need but not more,” Zitterbart told eWEEK. The same methodology can just as easily work for other types of smart devices, including water meters.

      Of course, the utility company still needs to be able to send you a bill, and that means that its accounting department must be able to receive detailed usage data, but otherwise the amount of power or water you use is nobody’s business.

      Unfortunately, the problem with utility meters or cable interfaces is only the beginning. While it’s important that you be able to keep your consumption numbers private from the prying eyes of others, especially if they’re your competitors, there are other even thornier problems.

      “Cars,” Zitterbart said. “They’re moving around in traffic, and you need information about traffic flow,” she said. “Cars will soon be talking to each other and to infrastructure components.”

      Already there are reports of the New Jersey Turnpike staff issuing tickets to drivers when their E-ZPass data showed that they might be speeding, and lawyers in cases ranging from criminal activity to divorce are using such data to show where someone may have been at any given time. The problem, obviously, is that reports of E-ZPass usage only show where the pass itself was, not who had it, why it was there or who was using it at the time.

      Zitterbart said that she’s already working on solutions to limit the amount of sharing that takes place. “We are playing around with not having such central solutions but having self-organized ways,” Zitterbart said. She noted that she can see this issue moving quickly into such problems as sharing parking places or planning routes through cities.

      The problem is only going to get worse as automated data sharing becomes more common. Right now, while automatic meter reporting is already well-established in some communities in the U.S. and Europe, it’s not yet widespread. But even in its early stages, such information can be misused. This becomes even worse when there are no established rules for data protection and sharing.

      Clearly, automated information can be about much more than how much electricity your company uses in a month. The real issue becomes, What can rightly be shared and under what circumstances?

      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a freelance writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×