5 minute read
ENSURING THE SECURITY OF CLOUD-ASSISTED AND IOT-INTEGRATED SMART CITIES
As more cities transform to become smart cities, the challenge of securing cloud integration and IoT components becomes more pressing.
Merging infrastructure with electronic and digital technologies, smart cities are urban areas that collect data in order to provide improved operations and enhance quality of life. The data is analyzed to produce insights that not only help manage assets and resources, but also provide services efficiently.
Advertisement
Two important technology models that are key to smart city development are the Internet of Things (IoT) and cloud computing. The former leverages sensors for real-time monitoring, data gathering, and management of operations and services, while the latter provides the digital infrastructure of smart cities, storing and analyzing any data gathered. As both of these information and computing technologies utilize wireless internet access, ensuring robust security is of paramount importance. The more “connected” a city is, the more at risk it is for security breaches and even malicious hacks. This has already been seen in other parts of the world, like Dallas in 2018, when city residents were sent into a panic when hackers activated the city’s tornado warning system.
The UAE has focused on creating and integrating smart city solutions as part of its ongoing development. The Smart Dubai project was launched back in 2013 to make Dubai one of the world’s smartest cities by 2030. Additionally, ‘Smart City Applications and Solutions’ is one of the 24 focus areas of the UAE’s Science, Technology & Innovation Policy. In response to this focus, Abu Dhabi and Dubai currently rank in the world’s top 50 smart cities, ranking at 42 and 43 respectively, according to the IMD Smart City Index 2020.
“This world is rapidly changing with advancements in information technology, especially as huge steps are being taken to expand the IoT for the development of smart cities. Integration of cloud computing enhances distributed resources in the smart city, so improper management of a cloudassisted IoT system’s security requirements can bring about risks to availability, security, performance, confidentiality, and privacy. In light of these facts, we decided to explore the importance of IoT in developing a smart city for the future,” said Dr. Mohammad Usman Tariq, Assistant Professor of Quality Management at the Abu Dhabi School of Management (ADSM).
Dr. Tariq has partnered with researchers in Pakistan, Vietnam, Saudi Arabia, and Botswana to address related challenges. The team recently wrote a paper on its solution that was published in Computers, Materials & Continua journal, with its members proposing a system that will ensure the necessary security of cloud-assisted and IoT-enabled smart cities. They suggest that the security requirements are collected during the initial development phase instead of the active phase, as is common.
“The most common problems to cloudassisted and IoT-enabled smart city environments are availability, security, performance, data confidentiality, and audit and privacy issues. These risks arise due to the management of requirements related to developing IoT-enabled applications,” Dr. Tariq explained. In response to this problem, the research team proposed a smart city security framework composed of three-layered architecture. The layers include privacypreserved stakeholder analysis, security requirement modeling and validation, and secure cloud assistance – and the goal of each layer is guarding security.
“In our work, we studied the security requirements of IoT-enabled systems and devised a framework to collect them,” Dr. Tariq said.
In the team’s proposed framework, questions are designed to classify stakeholders, from which their security requirements are analyzed. As a result, stakeholder security requirements are ranked and grouped together – they are ranked based on resource availability, importance, and development before being grouped according to similarity. Together, the optimized grouping method and analytical hierarchy process perform prioritization and avoid biased decisions.
ABU DHABI AND DUBAI CURRENTLY RANK IN THE WORLD’S TOP 50 SMART CITIES, RANKING AT 42 AND 43 RESPECTIVELY, ACCORDING TO THE IMD SMART CITY INDEX 2020
“The security of the stakeholder is important because if stakeholder information is vulnerable, then it could be compromised and affect the smart city applications. The stakeholder of the smart city application could be a citizen who uses the services of the system, a developer who develops the system, or a tester who tests the system, among others,” Dr. Tariq explained.
For the security requirements modeling and validation layer, researchers proposed usage-oriented analysis. Through this analysis, the framework’s users would organize workshops and trainings with the smart city’s stakeholders in order to document their security requirements, analyze the communication gap between stakeholders, and enable real-world testing of the validation requirements for new domains. This particular layer analyzes the security requirements for cloud-assisted IoT applications, facilitates negotiation of those requirements to eliminate uncertainties, and specifies and documents the security requirements.
The final layer – secure cloud assistance – is conducted using a secure cloud assistant with specific structure and functionalities that are defined by the researchers. Dr. Tariq and his collaborators identified the stakeholders using the model’s privacypreserved stakeholder analysis mechanism to collect security requirements. In this way, the secure cloud assistance layer provides secure access to cloud-assisted IoT applications and their functionalities.
- Dr. Mohammad Usman Tariq Assistant Professor of Quality Management Abu Dhabi School of Management
The novel system proposed by the team provides a framework to collect security requirements during the early development of cloud-assisted and IoT-enabled smart city applications. By considering the requirements upfront, the security system can be designed to serve the unique needs of a smart city’s stakeholders and the services they produce.
Having developed the framework, Dr. Tariq and his colleagues then tested it in a healthcare case study. In the cloud- and IoT-enabled healthcare system, smart devices collect patients’ medical readings, which are then automatically shared with their doctors through the internet. By testing its system using this case study, the research team successfully identified the healthcare system’s required specifications.
“The next step for this area of our research is to extend the cloud-assisted model to other domains. We aim to extend the model to the edge and fog computing paradigm. Edge computing is utilized to provide the computation near the data to improve the processing and storage challenges. The fog, meanwhile, is used to manage the different edges in the system,” Dr. Tariq added.
