During the last decades we have witnessed the evolution of smart devices. Nowadays, the number of connected devices at the end of the last decade (2020) exceeded 30 billion. This interconnection of smart devices creates the Internet of Things (IoT) world where IoT devices become pervasive to our lives. As with all new technologies there are risks. Most IoT devices lack of even the basics of protection, thus becoming weak points in the network. Consumer IoT devices has entered our lives and changed the way we live, replacing old devices. Nowadays, we rely more and more on such devices even for our everyday needs.
Furthermore, in corporate domains we no longer rely on the fact that all devices that are connected to a corporate network are trusted and secure. Moreover, with the outburst of the Corona virus pandemic, we see that the corporate network perimeter concept is no longer valid and employees doing home office need to use IoT devices during their work. This must be done in such a secure way that the corporate network facilities remain trusted, and the access control violation is reduced to minimum. This leads to the fact we should focus on enabling the national and international institutions, corporations, and individuals to exercise sovereignty on their data, resources, and digital assets.
Mediating access requests via mechanisms implementing regulations established by security policies has become of paramount importance in both consumer IoT as well as when smart devices are used in corporate networks. Additional drawbacks of IoT devices are the lack of standardization and privacy mechanisms. IoT devices vary on various aspects, most importantly on the way they communicate, exchange information and control access requests and handle privacy of user data. So, ensuring privacy in personal data use including consent, transparency, unlinkability and intervenability (empowering the data subject to control Who, Where, When and How may use its personal data) has become of paramount importance. There are several examples in the recent literature indicating all the aforementioned problems.
This session targets on novel ideas towards security, privacy, dynamicity, adaptation, and Continuity of Access in the area of IoT.
Authors are invited to submit their original work that has not previously been submitted or published in any other venue. Each paper length should not exceed 8 pages. All papers need to be in IEEE CS format and submitted via the dedicated Easychair submission site according to the instructions on the Initial Submissions page.
Prof. Theo Dimitrakos, Research Director, German Research Center of Huawei
Theo Dimitrakos is a research area Director (Data Security & Privacy, IAM, European Digital Sovereignty) at the German Research Center of Huawei based in Munich and a (part time) Professor of Computer Science at the University of Kent, UK where he also chairs the advisory board of the interdisciplinary institute of cybersecurity for society (iCSS) https://research.kent.ac.uk/cyber/advisory-board/.
Theo has over 25 years of experience in Information and Communications Technology including 20 years of experience in Trust and Information Security. His experience spans a wide range of topics including IoT/IoV Security, Cloud Security, SOA and Web Services, SDN/NFV, Identity and Access Management, Applied Cryptography, Privacy, Data Protection, Uncertainty Reasoning and Trust Management, Security Risk Analysis, Automated Software Engineering and Program Synthesis, Formal Methods and Mathematical Logic. In the past, Theo has been a Chief Researcher at Research and Innovation headquarters of British Telecom (BT), UK. During that period, Theo directed the delivery of technological and business innovations in close collaboration with the Security Leadership Team and the IT Services and Security Portfolio product teams. Through his participation in expert groups and strategy boards, Theo has advised European Agencies, such as ENISA, industry forums such as ISF and CSA and the European Commission on both technological development and policy making issues. Theo has been a keynote speaker in international conferences and directed researchers in top Universities. He has also been a senior researcher at Rutherford Appleton Laboratory where he was involved at the realization of Grid computing and supported the W3C Office for UK and Ireland. He has authored several technical books, over a hundred scientific papers, guest editions of international journals and over forty patents. Many of his innovation projects have received industry awards and he has also received personal awards including a silver core medal from IFIP.
Dr. Fabio Martinelli, Research Director, Italian National Research Council
Fabio Martinelli is a research director of the Italian National Research Council (CNR) where he is referent for cybersecurity activities. He is co-author of more than four hundred of papers on international journals and conference/workshop proceedings. His main research interests involve security and privacy in distributed and mobile systems and foundations of security, privacy, and trust. He has been the co-chair of the Italian technological platform in homeland security (SERIT) and chaired the WG3 on Research and Innovation of the Network and Information Security (NIS) Platform promoted by the European Commission and as part of this duty, co-edited the first strategic research agenda for cybersecurity in Europe. He is partnership Director of the SPARTA competence network in cyber security. He also serves as expert in the H2020 Protection and Security Advisory Committee (PASAG) and acts as First Director in the Board of the European Cyber Security Organization (ECSO) and co-chairs ECSO WG6 SRIA.
Dr. Athanasios Rizos, Cloud Security Research Engineer, German Research Center of Huawei Technologies
Dr. Athanasios Rizos is a cloud security research engineer at the German Research Center of Huawei Technologies based in Munich. He holds a Ph.D. in Computer Science, and M.Sc. in Informatics and an M.Eng. in Electrical and Computer Engineering. He has 5 years of combined experience both as engineer in R&D projects in SMEs and as assistant researcher in the National Research Center of Italy (CNR). He was an ESR of MSCA H2020 NeCS project. His main area of research is Usage Control for cloud and IoT security. He has over 10 publications and his work has received both academic and industrial awards.