Since more than 50% of the world’s population lives in urban areas, the need for Smart Cities has become crucial. The Smart Cities term refers to a transformation where services rely on Information and Communication Technology (ICT), which are primarily used to increase performance and citizen wellbeing. Steven Poole in one of his articles in The Guardian gives a good description of what Smart Cities are:
“A woman drives to the outskirts of the city and steps directly on to a train; her electric car then drives itself off to park and recharge. A man has a heart attack in the street; the emergency services send a drone equipped with a defibrillator to arrive crucial minutes before an ambulance can. A family of flying maintenance robots lives atop an apartment block – able to autonomously repair cracks or leaks and clear leaves from the gutters.”
Smart Cities will make advanced use of communication and sensor competences integrated into the urban infrastructures to adjust transport, electrical systems, and other logistical operations supporting daily life. However, in order to ensure better development of Smart Cities, there should be control systems implemented to achieve reliability. With reliability and control, comes the security issue, which is one of the biggest challenges in Smart City development.
It is a critical challenge due to the increasing chances of cyber-attacks and incidents against sensitive sectors in a Smart City. A Smart City is secure when cyber security doesn’t only address deliberate attacks (coming from staff, industrial espionage or terrorists), but compromises the information infrastructure due to user errors and natural disasters. Vulnerabilities give attackers space to penetrate networks and gain access to control software which can cause loss of data and destabilise systems. As a proper protection, a specific plan should be designed to face the security problems that can come from the mentioned vulnerabilities.
An example of how a Smart City feature that brings us many benefits can introduce risks is the Global Positioning System (GPS). It is the use of GPS in our smart phones that makes our life easier with the location services. The GPS monitoring can give us specific and precise information about our location, which can be used in many areas, but it reveals personal information that also impacts on our privacy. Locational data is one of the key security concerns, since it can be used for criminal and negative purposes such as making your home a target for burglary when you are away, entering many locations that may be related to criminal usage etc.
Therefore, to have a valuable protection for Smart Cities, a certain number of issues must be taken care when dealing with security:
- Establishing privacy regulation that ensure users data are secure
- Using private networking connectivity to minimise threats from intruders
- Controlling the interconnection irrelevant systems that make an complex system
- Using “pseudo-nomination” systems to separate user’s provided data with his/her real identity data
- Enforce stronger connectivity between protocol components by denying attackers to impersonate them
- Establish Incident Response, Business Continuity and Disaster Recovery Plans
- Enforce key management systems scalable in highest levels to provide authentication and authorisations for keeping systems secure
- Expand security services usage throughout the Smart City industry
Another remedy for the Smart Cities security issues is the usage the Wifi Protected Access (WPA) security protocol, which has become a standard for securing networks in this industry. Digital certificates and pre-shared encryption keys enable the WPA algorithm Temporal Key Integrity Protocol (TKIP) to securely encrypt data and provide authentication to said networks. TKIP was merely designed to help the transition between old hardware and new encryption models which drastically improve the network security. Furthermore, this protocol postulates advanced techniques in key distribution, which prevents eavesdropping through better session security.
In general, the benefits do and will far compensate the risks when the risks are treated properly. The Smart Cities offer us plenty, but we shouldn’t allow them take that which makes us who we are. To be secure, an integrated vision of a city and its infrastructures is needed in all its components.
Parker Solutions Group is a provider of professional training, consulting and support services across multiple risk disciplines. Among other training courses, it offers a wide range of security training courses including ISO 27001, ISO 24762, ISO 27034, ISO 38500, CLPI, CISSP, CLPT, CISA, CISM, SSCP, CHFI, CCFP, CEH, CAP, HCISSP, and Data Protection Act Awareness aimed at those who are looking to build a greater knowledge on developing highly secured Smart Cities.
For further information regarding the Smart Cities security issues and Parker Solutions training & consulting services, please do not hesitate to contact Fitim Rama at firstname.lastname@example.org
Or visit our website: http://www.parkersolutionsgroup.co.uk/training/information-security.php