Visible to the public International Conferences: Workshop on IoT Privacy, Trust, and Security, 2015, Singapore

SoS Newsletter- Advanced Book Block

SoS Logo

International Conferences: Workshop on IoT Privacy, Trust, and Security, 2015, Singapore


The 2015 ACM Workshop on IoT Privacy, Trust, and Security was held 14-17 April 2015. The conference organizers say that, “at a basic level, the Internet of Things (IoT) refers simply to networked devices, but the IoT vision consists of a complex ecosystem that ranges from cloud backend services and big-data analytics to home, public, industrial, and wearable sensor devices and appliances. Architectures for these systems are in the formative stages, and IoTPTS 2015 gives researchers and practitioners a unique opportunity ensure privacy, trust, and security are designed into these systems from the beginning.” For the inaugural year of the IoTPTS Workshop, there were 13 submissions worldwide from 12 countries and 4 continents. The final program contained 5 papers (representing an acceptance rate of 38%) and a keynote. 


Ihor Vasyltsov, Seunghwan Lee; “Entropy Extraction from Bio-Signals in Healthcare IoT;” IoTPTS '15 Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, April 2015, Pages 11-17. Doi: 10.1145/2732209.2732213
Abstract: In this paper, the theoretical approach to estimate the amount of entropy which can be extracted from heart-rate based biomedical signals has been considered. Mathematical models for estimating the values of min-entropy, Shannon entropy, and collision entropy have been created. This allows obtaining the theoretical background and estimations for upper bound of entropy that can be extracted from the biomedical inter-pulse interval signal for the usage in healthcare and biomedical applications. These results will be useful when estimating the security of healthcare systems and during the certification of the devices.
Keywords:  ecg, entropy, heart rate, hrv, inter-pulse interval, mathematical model, ppg (ID#: 15-5527)



Tobias Rauter, Andrea Höller, Nermin Kajtazovic, Christian Kreiner; “Privilege-Based Remote Attestation: Towards Integrity Assurance for Lightweight Clients;” IoTPTS '15 Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, April 2015, Pages 3-9. doi: 10.1145/2732209.2732211
Abstract: Remote attestation is used to assure the integrity of a trusted platform (prover) to a remote party (challenger). Traditionally, plain binary attestation (i.e., attesting the integrity of software by measuring their binaries) is the method of choice. Especially in the resource-constrained embedded domain with the ever-growing number of integrated services per platform, this approach is not feasible since the challenger has to know all possible 'good' configurations of the prover. In this work, a new approach based on software privileges is presented. It reduces the number of possible configurations the challenger has to know by ignoring all services on the prover that are not used by the challenger. For the ignored services, the challenger ensures that they do not have the privileges to manipulate the used services. To achieve this, the prover measures the privileges of its software modules by parsing their binaries for particular system API calls. The results show significant reduction of need-to-know configurations. The implementation of the central system parts show its practicability, especially if combined with a fine-grained system API.
Keywords: embedded systems, privilege classification, remote attestation, trusted computing (ID#: 15-5528)


Feng Hao, Xun Yi, Liqun Chen, Siamak Fayyaz Shahandashti; “The Fairy-Ring Dance: Password Authenticated Key Exchange in a Group;” IoTPTS '15 Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, April 2015, Pages 22-37. doi: 10.1145/2732209.2732212
Abstract: In this paper, we study Password Authenticated Key Exchange (PAKE) in a group. First, we present a generic "fairy-ring dance" construction that transforms any secure two-party PAKE scheme to a group PAKE protocol while preserving the round efficiency in the optimal way. Based on this generic construction, we present two concrete instantiations based on using SPEKE and J-PAKE as the underlying PAKE primitives respectively. The first protocol, called SPEKE+, accomplishes authenticated key exchange in a group with explicit key confirmation in just two rounds. This is more round-efficient than any existing group PAKE protocols in the literature. The second protocol, called J-PAKE+, requires one more round than SPEKE+, but is computationally faster. Finally, we present full implementations of SPEKE+ and J-PAKE+ with detailed performance measurements. Our experiments suggest that both protocols are feasible for practical applications in which the group size may vary from three to several dozen. This makes them useful, as we believe, for a wide range of applications - e.g., to bootstrap secure communication among a group of smart devices in the Internet of Things (IoT).
Keywords: group key exchange, j-pake, pake, speke (ID#: 15-5529)


Pawel Szalachowski, Adrian Perrig; “Lightweight Protection of Group Content Distribution;” IoTPTS '15 Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, April 2015, Pages 35-42. doi: 10.1145/2732209.2732215
Abstract: Achieving security properties in distributed, hardware-limited, and unattended networks is a challenging task. This setting is challenging because an adversary can capture and physically compromise unattended nodes. In this setting, this paper presents one-way group communication protocols with strong security properties. In particular, how to send messages to a group of hardware-limited nodes with message secrecy and authenticity? We present several protocols and analyze them in terms of security, efficiency, and deployability. The resulting solutions are generic and can be useful in a variety of distributed systems.
Keywords: broadcast authentication, broadcast encryption, internet of things security, secure sensor networks (ID#: 15-5530)


Yong Ho Hwang; “IoT Security & Privacy: Threats and Challenges;”  IoTPTS '15 Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, April 2015, Page 1. doi: 10.1145/2732209.2732216
Abstract: The era of the Internet of Things (IoT) has already started and it will profoundly change our way of life. While IoT provides us many valuable benefits, IoT also exposes us to many different types of security threats in our daily life. Before the advent of IoT, most security threats were just related to information leakage and the loss of service. With IoT, security threats have become closely related to our non-virtual lives and they can directly influence physical security risk.  The Internet of Things consists of various platforms and devices with different capabilities, and each system will need security solutions depending on its characteristics. There is a demand for security solutions that are able to support multi-profile platforms and provide equivalent security levels for various device interactions. In addition, user privacy will become more important in the IoT environment because a lot of personal information will be delivered and shared among connected things. Therefore, we need mechanisms to protect personal data and monitor their flow from things to the cloud. In this talk, we describe threats and concerns for security and privacy arising from IoT services, and introduce approaches to solve these security and privacy issues in the industrial field.
Keywords: data protection, internet of things, platform security, privacy protection (ID#: 15-5531)


Lihua Wang, Ryo Nojima, Shiho Moriai; “A Secure Automobile Information Sharing System;” IoTPTS '15 Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, April 2015, Pages 19-26. doi: 10.1145/2732209.2732214
Abstract: Utilizing the proxy re-encryption technique described in \cite{w-IBPdr}, we construct a secure storage system named PRINCESS Proxy Re-encryption with INd-Cca security in an Encrypted file Storage System). With PRINCESS, the files encrypted in accordance with the confidentiality levels can be shared among appointed users while remaining encrypted. Furthermore, we implement an automobile information-sharing system based on PRINCESS. With this system, location information obtained from a GPS and the vehicle data obtained via on-board diagnosis and Bluetooth can be shared flexibly and securely. By using this system, it is possible to share automobile information, such as the position and speed, and even the engine's rotational frequency, while ensuring user control and privacy. This system facilitates the potential for new services that require automobile information to be shared securely via cloud technology.
Keywords: automobile information sharing, cloud security, privacy, proxy re-encryption (ID#: 15-5532)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.