Conference PaperPDF Available

Augmented Reality Based Smart City Services Using Secure IoT Infrastructure

Authors:
Boris Pokric at DunavNET
Boris Pokric
  • DunavNET
Srdjan Krco at DunavNET
Srdjan Krco
  • DunavNET
Maja Pokric
Maja Pokric
Maja Pokric
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Download full-text PDF
Read full-text
Download citation

Abstract

This paper presents an application of Augmented Reality (AR) within a smart city service to be deployed in the domain of public transport in the city of Novi Sad in Serbia. The described solution is focused on providing a simple and efficient method to citizens for accessing important information such as bus arrival times, bus routes and tourist landmarks using smart phones and AR technology. The AR information is triggered by image and geo-location markers and the data is provided via secure IoT infrastructure. The IoT infrastructure is based on bus-mounted IoT devices which utilize secure CoAP software protocol to transmit the data to the associated cloud servers. Description of the complete end-to-end solution is presented, providing the overall system set-up, user experience aspects and the security of the overall system, focusing on the lightweight encryption used within the low-powered IoT devices.
Content uploaded by Srdjan Krco
Author content
All content in this area was uploaded by Srdjan Krco on Nov 18, 2015
Content may be subject to copyright.
Augmented Reality based Smart City Services using Secure IoT Infrastructure
Boris Pokrić, Srđan Krčo, Maja Pokrić
DunavNET doo Novi Sad
Novi Sad, Serbia
e-mail: boris.pokric@dunavnet.eu, srdjan.krco@dunavnet.eu, maja.pokric@dunavnet.eu
Abstract— This paper presents an application of Augmented
Reality (AR) within a smart city service to be deployed in the
domain of public transport in the city of Novi Sad in Serbia.
The described solution is focused on providing a simple and
efficient method to citizens for accessing important
information such as bus arrival times, bus routes and tourist
landmarks using smartphones and AR technology. The AR
information is triggered by image and geo-location markers
and the data is provided via secure IoT infrastructure. The IoT
infrastructure is based on bus-mounted IoT devices which
utilize secure CoAP software protocol to transmit the data to
the associated cloud servers. Description of the complete end-
to-end solution is presented, providing the overall system set-
up, user experience aspects and the security of the overall
system, focusing on the lightweight encryption used within the
low-powered IoT devices.
Keywords- Augmented Reality, AR, Smart City, Smart
Transport, secure CoAP, secure IoT
I. INTRODUCTION
Today, more than 50% of people live in cities and UN
estimates that by year 2050 cities will be home to 70% of the
world's population. In order to accommodate such a large
number of people, cities would have to develop in a
sustainable fashion. Merely scaling up the existing resources
and services is neither physically possible nor economically
feasible. Instead, the services have to be automated, energy
efficient within existing infrastructure and information
acquired at different places in a city reused as much as
possible. Also, the expectations of citizens are high and they
increasingly expect more from the cities: to have better
quality of life, to have access to detailed information about
the city “health status” and to be able to influence various
aspects of city management, development and planning.
Being such a complex system, with people, businesses,
communities and city services interacting with each other,
the cities are increasingly relying on ICT for introduction of
new smart city services as well as upgrading existing ones.
Smart City ICT based services aim to provide wide spectrum
of solutions in different areas within the city such as
transport, public utility, public administration and health.
The solution presented in this paper focuses on providing
Augmented Reality (AR) powered smart transportation
services to the travelers aiming to increase the quality of the
public transport and at the same time offering benefits to
other stakeholders such as public transportation companies,
traffic authorities and city administrations.
II. AUGMENTED REALITY
AR technology is based on augmenting (supplementing)
the view of the real world with additional computer-
generated content such as images, videos, sound, GPS data
etc. The process of augmentation is triggered when AR
markers are detected, then appropriate AR content is
presented to the user based on the detected marker. The
markers can be in the form of pre-defined images which are
detected and tracked in a real-time using image processing
algorithms within the live video stream [1], [2], [3], [4].
Furthermore, the marker can be a certain GPS location and
orientation of the camera used for video stream capture. A
typical example is the wikitude app [5] which is used to
display additional information about restaurants, tourist
landmarks etc. in the user’s vicinity.
The AR technology was initially used for military,
industrial, and medical applications, but was soon applied in
the commercial and entertainment domains. According to
Gartner [6], AR is one of the top 10 strategic IT technologies
of our time. The technologies which AR encompasses are:
camera, location sensors, display and image processing
engine. Currently, the prominent devices supporting the AR
applications are the smartphones which have all the required
components integrated as well as the CPU, GPU and RAM
capable of executing demanding image processing
algorithms. Furthermore, application distribution channels
such as Google Play and iTunes enable fast and efficient
deployment of applications globally. Juniper Research [7]
forecasts $1.5 billion revenue by 2015 with more than 2.5
billion AR applications to be downloaded to smartphones per
annum by 2017. Furthermore, it is estimated that the AR
applications will generate $300 million in revenues globally
in 2013 and $1.5 billion by 2015. Recently, alternative
technological advances are being made in order to create
dedicated AR hardware such as Google Glasses which will
even further promote the AR applications and technology.
III. AUGMENTED REALITY IN SMART CITIES
Application of AR technology within the smart city
services and scenarios is not yet widely available. FP7
a
b
i
e
c
i
b
(
l
b
t
b
r
m
o
a
i
c
b
A
u
a
M
s
d
t
a
a
p
e
t
s
r
a
a
w
o
s
i
n
a
a
a
t
m
s
t
t
SmartSantan
d
a
pplication [8
b
each ca
m
er
a
i
nformation
a
e
cosystem fo
r
c
ity. The app
l
i
n the city o
f
b
eaches, par
k
(
POI), touris
l
ibraries, cult
u
b
ikes, parkin
g
t
he system o
ff
b
us stops an
d
r
eal-time info
r
[9] aims to
ethodologie
s
o
f Future Int
e
a
spects of th
e
i
nnovation
m
c
itizens will
b
b
ased o
n
Aug
m
Other app
l
A
R in the U
K
u
sed to locate
a
nd a smart
M
adison Squ
a
s
ervices avail
a
Applicati
o
d
iscussed in
s
t
he complete
a
rchitecture
a
a
dvantage of
p
rovisioning
o
e
nd users tha
t
t
ime of day
s
ecurity aspe
r
elevant solu
a
spects such
a
ddressed an
d
w
ider deploy
m
IV.
P
The syste
m
o
f the public
t
s
tarting from
i
ntention is t
o
n
etworks and
a
lternative tr
a
a
im is to prov
a
dditional be
n
t
ransportation
m
anagement
a
s
hown in Fig
u
t
he AR powe
t
he bus locati
o
d
er project h
a
] which enab
l
a
s, weather r
e
a
nd bike-rent
a
r
citizens and
v
l
ication inclu
d
f
Santander s
e
k
s and garden
s
m offices,
s
u
re events ag
g
places, etc.
ff
ers informati
d
the bus lin
e
r
mation. The
O
validate Op
e
s
applicable t
o
e
rnet Services
e
project is to
m
ethodologies
b
enefit from t
h
m
ented Realit
y
l
ications incl
u
K
called Stre
e
the services
a
living view
p
a
re in New Y
o
a
ble [12].
o
n of AR tec
h
s
ubsequent s
e
en
d
-to-end
s
a
nd security
such a syste
o
f the dyna
m
t
can be tail
o
and other r
e
cts and pote
u
tions devise
d
as data priva
c
d
thus mini
m
m
ent and com
m
P
UBLIC TRANS
P
m
proposed a
t
ransportatio
n
the public
c
o
extend it t
o
thus promote
a
nsport mode
s
ide time and
c
n
efits to ot
h
companies,
au
t
horities. T
h
u
re 1, indicat
i
red public tr
a
o
ns in real-ti
m
a
s published
l
es real time
a
e
ports and fo
r
a
l service, g
e
v
isitors when
d
es informatio
n
e
parated into
d
s
, monument
s
s
hops, art g
enda, shops,
p
In terms of t
h
on related to
e
s passing th
r
O
pen Cities E
U
e
n & User
o
the Public
S
for Smart Ci
t
determine ho
w
within the
c
h
e Future Int
e
y
in mobile d
e
u
de museum t
o
e
tMuseu
m
[1
0
a
nd their use
i
p
oint [11] a
n
o
rk City expl
a
h
nology withi
n
e
ctions provid
i
s
olution indi
c
aspects of
m is that en
a
m
ic smart city
o
red to the lo
c
e
levant para
m
ntial threats
d
which wil
l
c
y and data
s
m
izing the po
t
m
ercializatio
n
P
ORT SERVIC
E
ims to imp
r
o
v
n
network in t
h
c
ity bus tran
s
o
other transp
o
and encoura
g
s
other than c
a
c
ost savings t
o
h
er stakehold
e
city adminis
t
h
e proposed
s
ing the main
a
nsport servic
e
m
e, fleet man
a
SmartSantan
d
a
ccess to traf
fi
r
ecast, public
e
nerating a
u
walking arou
n
n
about 2700
p
d
ifferent cate
g
s
, Points of I
n
alleries, mu
s
p
ublic buses,
h
e public tra
n
the locations
r
ough them
w
U
co-funded
p
Driven Inno
v
S
ector in a sc
e
t
ies. One of t
h
w
to integrat
e
c
ities and ho
w
e
rnet services
e
vices.
o
urs powered
b
0
], interactive
i
n smart gove
r
n
d AR mark
e
a
ining the sm
a
n
public trans
p
i
ng an overvi
c
ating the to
p
the system.
a
bles very ef
f
information
t
c
ation, user p
m
eters. Furthe
r
are identifie
d
l
enable im
p
s
ecurity to b
e
t
ential proble
m
n
.
E
DESCRIPTIO
N
v
e the manag
h
e city of No
v
s
port networ
k
o
rtation mea
n
g
e the greater
u
a
rs. Further t
o
o
travelers as
w
e
rs such as
p
t
ratio
n
s and
t
s
ystem overv
i
components
w
e
. In order to
a
gement devi
c
d
erRA
fi
c and
buses
u
nique
n
d the
p
laces
g
ories:
n
terest
s
eums,
taxis,
n
sport,
of the
w
ithout
p
roject
v
ation
e
nario
h
e key
e
open
w
the
pilots
b
y the
maps
r
nance
e
rs in
a
rt city
p
ort is
ew of
p
-level
The
f
icient
t
o the
rofile,
r
more,
d
and
p
ortant
e
fully
m
s in
N
ement
v
i Sad
k
. The
n
s and
u
se of
o
this,
w
ell as
p
ublic
traffic
i
ew is
w
ithin
track
c
es are
mo
u
GP
clo
u
ph
o
an
d
b
u
s
b
e
s
sp
e
Fi
g
Q
R
Fu
r
lan
d
loc
a
unted on t
h
S/GPRS mo
d
u
d infrastruct
u
Figure 1.
A
Main system
1. Users (
t
interact
i
platfor
m
channel
,
2. Bus st
o
form of
3. Mobile
channel
fleet m
a
4. All the
devices
,
commu
n
via sec
u
5. The ba
c
functio
n
commu
n
generat
i
web ap
p
6. Web p
o
for the
and ot
h
purpose
stops m
a
Users (travel
e
o
nes, a dedic
a
d
location bas
e
s
arrival time
s
s
t route to a s
p
e
cified criteri
a
g
ure 2 shows t
h
R
code showi
n
r
thermore, the
d
marks aroun
d
a
tion if agree
d
h
e busses. T
h
d
ems and co
m
u
re continuou
s
A
R powered publ
i
components i
n
t
ravelers) of t
h
i
ng with the s
y
m
) using thei
r
,
a dedicated
m
o
p(s) equippe
d
an image (lo
g
Network Op
for data tran
s
a
nagement de
v
buses equip
p
,
tracking th
n
icating with
u
re channel
ck
-end cloud
n
ality of
n
ication, rou
t
i
on and handl
i
p
lications
o
rtals providi
n
Novi Sad pu
b
h
er stakehold
e
s, creation o
f
a
nagement (i.
e
e
rs) will
b
e a
b
a
ted applicatio
n
e
d) available
a
s
and also req
u
p
ecified desti
n
a
such as sh
o
h
e AR view
o
n
g the bus
a
travelers wil
l
d
the bus sto
p
d
by the travel
e
h
ese devices
m
municate w
i
s
ly.
i
c transport syste
m
n
clude:
h
e public bus
y
stem (i.e. th
e
r
smart pho
n
m
obile applic
a
d
with an A
R
g
o) or a QR co
erator provid
i
s
fer from the
s
v
ices to the ba
c
p
e
d
with a fl
e
e location i
n
the bac
k
-en
d
platform pr
o
the syst
e
t
ing calculati
o
i
ng, web serv
e
n
g secure acc
e
b
lic transport
e
rs for the r
e
f
the AR con
t
e
. location).
b
le through u
s
n
and the A
R
a
t the bus sto
p
u
est the infor
m
n
atio
n
, taking
i
o
rtest, quicke
s
o
f a
b
us stop e
q
a
rrival times
t
l
be able to b
r
p
(by utilizing
e
r).
are based
i
th the bac
k
-
e
m
overview.
transport ser
v
e
back-end cl
o
n
es via a sec
u
a
tion
R
marker in
t
de
i
ng a GPRS/
s
martphones
a
ck
-end server
e
et manage
m
n
real-time
a
d
cloud platf
o
o
viding the c
o
e
m includ
i
o
n, AR cont
er
and associa
t
e
ss to the syst
company, J
G
e
port generat
i
t
ent, and the
b
s
e of their s
m
R
marke
r
s (im
a
p
s to find out
t
m
ation about
t
i
nto account
u
s
t and cheap
e
q
uipped with
t
t
o the bus st
o
r
owse the tou
r
the current
G
on
e
nd
v
ice
o
ud
u
re
t
he
3G
a
nd
m
ent
a
nd
o
rm
o
re
i
ng
ent
t
ed
em
G
SP
i
on
b
us
m
art
a
ge
t
he
t
he
u
ser
e
s
t
.
the
o
p.
r
ist
G
PS
Figure 2. User experience when using the AR smartphone application.
Further to the direct benefits to the travelers as described
above, the system will be able to extrapolate a number of
high-level services that will be used by different stakeholders
or dedicated system components:
Current traffic conditions along specified routes
based on the information received from the fleet
management devices located on the public vehicles.
This parameter can be calculated from the
difference between current travel time of public
transport vehicles and expected, kalong certain
routes.
Current demand of travelers for certain routes (and
for certain means of transport once the system is
extended to multimodal transportation). This is
calculated from the information received from the
smart-phone application where travelers specify
transportation route
Expected arrival times of public transport vehicles
at certain location calculated from the current
location of vehicles and current traffic conditions
Current location and activity of travelers
Top-level architecture of the proposed system is shown
in Figure 3 indicating the main components within the
traveler smartphone, cloud infrastructure and fleet
management devices. The architectural model conforms to
the generic Internet of Things (IoT) reference model such as
the one developed within the FP7 IoT-A initiative. This
model aims to create the architectural foundations of the
future IoT, allowing seamless integration of heterogeneous
IoT technologies (e.g. fleet management devices, mobile
phones) into a coherent architecture [13].
The smartphone AR application is implemented initially
on Android platform, but it will also be available for the iOS
in the future. The AR marker detection engine is based on
Qualcomm’s Vuforia SDK [14] which is used to process live
video stream acquired from the smartphone’s camera. The
SDK is integrated within the mobile application and used for
the detection of the AR marker, currently in the form of QR
code placed at the bus stop (see Figure 2). The AR SDK
provides information on frame-to-frame basis on which AR
marker is identified in the field of view and its location so
that appropriate AR content can be rendered. Furthermore,
since marker position is detected within every captured
frame, smooth tracking and resulting AR content overlay is
performed. Alternatively, the location-based marker can be
defined so that once the traveler is at the certain location
(and within specified radius), AR information is displayed.
Once the marker (image or location-based) is detected, an
appropriate UI is used to present all the information to the
user such as bus arrival times enabling the route selection
based on different criteria, tourist landmark browsing and
other functionality. Communication with the cloud
infrastructure, utilizing appropriate web services, is
performed using the communication engine. The security
aspects of the smartphone application such as user
authentication, encryption and decryption are implemented
through the security component.
Figure 3. Proposed system top-level architecture.
Cloud infrastructure contains all the core security
components (i.e. secure storage and security engine) and
these are described in more detail in the section below.
Communication engine is in charge of communication with
smartphone clients, fleet management devices and other
users of the system via secure channels. Access to the AR
content (i.e. bus arrival times, tourist landmark data) is
provided by the AR content engine. This component also
enables the public transport company and city authorities to
create dynamic AR content that can be presented to the
users. Component dedicated to bus arrival time and route
calculation is utilizing the data from the fleet management
devices and travelers routing plans respectively. Bus arrival
times are calculated using the real-time bus locations,
distance to the bus stop, current estimate of the traffic
conditions as well as previous knowledge about arrival times
at certain time of the day. In order to allow other users of the
system (i.e. city authorities, police) to access the cloud
infrastructure, web server and appropriate web applications
(web portals) are implemented and deployed.
The core component of the fleet management device is
the GPS/GPRS modem which is used to provide GPS
location and communication link to the GSM network
operator. The embedded microcontroller and flash memory
provide the limited processing capabilities which are used in
executing the program code. The security engine component
provides lightweight encryption and decryption algorithms in
order to ensure secure data transmission to the cloud
infrastructure via communication engine. All the data
processing, local storage, parsing and packing tasks are
performed within the data handling component.
V. SECURE IOT INFRASTRUCTURE
The proposed system generates and handles sensitive
data and therefore it is important to consider security
mechanisms that must be implemented within the IoT
platform. The sensitive data include travel plans specified by
the travelers, their location, bus location data generated by
the fleet management devices, and all the information and
data extrapolated from this data. Access to all this
information should be restricted to authorized users with
appropriate access mechanisms. Furthermore, transfer of the
data via communication channels must be done in a secure
way in order not to compromise privacy aspects of the
travelers as well as the security of the public transport
company infrastructure.
Since IoT solutions and architectures greatly differ in
implementation and the security requirements, there is a
number of studies addressing this issue such as [15], [16] and
[17]. As described, many existing security mechanisms for
the IT systems can be applied at different levels and for
different purposes within the IoT architectural stack, namely
protocol and network security, privacy, identity
management, trust and governance. Furthermore, different
layers of the IoT infrastructure require different types of
security mechanisms, for example web applications and data
storage within the cloud require one type of security whereas
the IoT devices might need different types of algorithms and
rules.
For the proposed system, a set of the security
mechanisms is being implemented to cover the three main
areas, namely:
Secure storage within the cloud infrastructure
Data privacy and access control mechanisms for
the users and IoT devices
End-to-end communication from mobile and
web applications to the IoT devices across the
back-end cloud platform
Secure storage is very important aspect to consider when
dealing with sensitive data within distributed systems
including the IoT systems [18]. The generic architecture for
the secure storage consists of three main components: a data
processor (DP), that processes data before it is sent to the
cloud; a data verifier (DV), that checks whether the data in
the cloud has been tampered with; and a token generator
(TG), that generates tokens that enable the cloud storage
provider to retrieve segments of customer data; and a
credential generator that implements an access control policy
by issuing credentials to the various parties in the system
(these credentials will enable the parties to decrypt encrypted
data according to the policy). This generic architecture will
be instantiated within the proposed system focusing on the
efficiency of the cryptographic primitives due to the resource
restricted nature of the fleet management devices that will
implement parts of the cryptographic algorithm.
Data privacy and access control are interconnected and
very important issues to be considered in the proposed
system, and in the IoT in general [19]. The data generated by
the fleet management devices are owned by the public
transportation company and the access to this data should be
highly restricted only to authorized users. Furthermore,
citizens will be generating private data indicating the GPS
location as well as their travel plans. This data stored within
the cloud infrastructure should also be treated sensitive and
access to this data should not be made publicly available.
Furthermore, it should be prevented that any unauthorized
fleet management devices are connected to the system.
Therefore, it is necessary to establish access control policies
for both end users (citizens) and the IoT devices (i.e. fleet
management devices) connecting to the back-end cloud
platform. For the authorization and access control of citizens
and other users (e.g. administrators, transport company and
other stakeholders) it would be possible to use standard role-
based techniques already deployed within the standard
network infrastructure such as RADIUS, LDAP, IPSec,
Kerberos, SSH [20]. Using these techniques, the identity of
the user is established and then the access privileges are
determined based on the user’s role defined within the
overall eco-system. This technique relies on HTTP cookies
stored in a user’s browser after their identity has been
verified. However, for the IoT devices, role based access
control systems are not suitable as the identity of individual
device may not be known or may not be important.
Therefore, in this case, access control is typically based on
other criteria, such as location, proximity, and other
operational parameters [21]. Subsequently, the mechanism
that will be deployed within the proposed system is based on
attribute-based encryption (ABE) scheme for fine-grained
access control without a lengthy user authorization process
as described in [22]. In an ABE system, the keys and
ciphertexts are labeled with sets of descriptive attributes and
a particular key can decrypt a particular ciphertext only if
there is a match between the attributes of the ciphertext and
the key. In this way the sensitive (and encrypted) data can be
selectively shared at a fine-grained level allowing the multi-
level access to different users (in this case fleet management
devices) granting them associated access rights for only the
data (or parts of the system) they are allowed to use. This
technique will be adopted for the fleet management devices
and integrated within the overall security framework of the
platform.
End-to-end communication security ensures
confidentiality within the IoT system in order to provide
messages that are sent from the source to the destination to
be hidden from the intermediate entities (i.e. preventing
potential eavesdropping). Confidentiality within the IoT
system is implemented through suitable encryption and
decryption algorithms at different levels within the system’s
architectural stack. For the upper layers of the stack covering
the web and mobile applications, standard security
mechanisms are deployed, namely IPsec or SSL/TLS where
HTTP protocol is used. However, a particular challenge
when considering the security aspects within the lower layers
of the architectural IoT stack, where IoT devices are located,
is that they are often resource restricted devices with limited
battery life, memory, low communication bandwidth, low
CPU processing power etc. For these reasons, the main
communication protocol used for the communication
between IoT devices and back-end infrastructure is
connection-less UDP, instead of stream-oriented TCP. The
synchronous HTTP is designed for TCP and is not feasible
for use in the UDP-based IoT. Therefore, the Constrained
Application Protocol (CoAP), a subset of HTTP is being
standardized as a web protocol for the IoT [23]. To protect
the transmission of sensitive information, secure CoAP
mandates the use of datagram transport layer security
(DTLS) as the underlying security protocol for authenticated
and confidential communication. DTLS, however, was
originally designed for comparably powerful devices that are
interconnected via reliable, high-bandwidth links which is
often not the case. In order to address this issue, various
activities such as [24] leveraging the 6LoWPAN standard are
on-going in order to create light-weight security methods to
protect the CoAP-based communication. The proposed
system aims to implement searchable encryption method in
which the encrypted data is remotely stored in a distributed
system and the owner of such data is able to perform query
operations while maintaining the information confidentiality
and not allowing the access to the data to the external entities
[25], [26]. The core of the security system is the
cryptographic primitive which can be successfully scaled up
and down to provide variable level of protection at the
expense of using more or less resources (i.e. processing
power, memory, generated overhead). Such a primitive can
then be applied at the various levels within the proposed
system architectural stack, namely within the cloud
infrastructure and IoT devices. The ISO/IEC 29192
standards aim to provide lightweight cryptography for
constrained devices, including block and stream ciphers and
asymmetric mechanisms [27]. This method will be further
optimized in order to reduce the key size and make the
algorithm more efficient in terms of computational
requirements and still provide the satisfactory level of the
security. In particular the planned approach is to use the
curves with keylength between 32 and 64 bits as opposed to
typical 128 bits leading to the Short Elliptic Curves based
cryptosystem as shown in [28].
Furthermore, the method will be based on the
cryptographic primitive “signcryption” which
simultaneously fulfils the integrated function of public
encryption and digital signature with a computing and
communication cost significantly smaller than required by
the “signature-then-encryption” method [29].
VI. CONCLUSION
The work presented in this paper is focused on
implementation of novel smart city service within the public
transportation powered by the Augmented Reality (AR)
technology. The service will be deployed within the city of
Novi Sad in Serbia together with the local public
transportation company. Overall system is presented with the
focus on the security aspects to be addressed within the
system. Once the system is deployed, the plans are to
enhance it with the possibility to include purchase of the bus
tickets as well as to enable integrated ticketing system
covering the multi-modal transportation. This will include
payments for the rental bicycles, car parks, trams etc.
Furthermore, the application will enable routing calculation
using these additional modes of transport (i.e. bikes, cars and
trams).
ACKNOWLEDGMENT
Parts of the activities will be performed within the EU-
funded project Secure and sMArter ciTIes data management,
SMARTIE, Contract Number: CNECT-ICT-609061,
Area of Activity: Framework Programme 7, ICT Objective
1.4 IoT (Smart Cities), Period: 1st September 2013 - 31st
August 2016.
REFERENCES
[1] P. Azad, T. Asfour, and R. Dillmann, “Combining Harris
interest points and the sift descriptor for fast scale-invariant
object recognition,” EEE/RSJ International Conference on
Intelligent Robots and Systems (IROS), 2009.
[2] H. Bay, A. Ess, T. Tuytelaars, and L.V. Gool, “Speeded-up
robust features (surf),” Computer Vision and Image
Understanding, vol. 3, 2008, pp. 346–359.
[3] Y. Boykov, and D. Huttenlocher, “Adaptive bayesian
recognition in tracking rigid objects,” In Proc. IEEE Conf.
Computer Vision and Pattern Recognition (CVPR), 2000.
[4] H. Kato, and M. Billinghurst, “Marker tracking and HMD
calibration for a video-based augmented reality conferencing
system,” Proceedings of International Workshop on
Augmented Reality, 1999, pp. 85–94, San Francisco, CA.
IEEE. ISBN 0-7695-0359-4.
[5] Wikitude App, http://www.wikitude.com/app/
[6] Gartner, “Hype cycle special report,”
http://www.gartner.com/technology/research/hype-cycles/, August
19, 2013.
[7] Juniper Research, “Mobile augmented reality, smartphones,
tablets and smart glasses 2013-2018,” 7th Nov 2013.
[8] Smart Santader FP7 project, “SmartSantanderRA - Santander
augmented reality application,”
http://www.smartsantander.eu/index.php/blog/item/174-
smartsantanderra-santander-augmented-reality-application
[9] Open Cities FP7 project, http://opencities.net/
[10] StreetMuseum,
http://www.museumoflondon.org.uk/Resources/app/you-are-
here-app/home.html
[11] Experenti Smart Cities FP7 project,
http://www.experenti.com/en/portfolio/smart-city/
[12] Something in the AIR in Madison Square: Smarter Cities and
Augmented Reality,
http://asmarterplanet.com/blog/2010/05/something-in-the-air-
in-madison-square-smarter-cities-and-augmented-reality.html
[13] IoT-A FP7 project, http://www.iot-a.eu/
[14] Qualcomm Vuforia AR engine, www.vuforia.com
[15] A.J. Shipley, “Security in the internet of things, lessons from
the past for the connected future,” Security Solutions, Wind
River, White Paper, 2013.
[16] R. H. Weber, “Internet of things – new security and privacy
challenges,” Elsevier Science, Computer law & security
review, vol. 26, 2010. pp. 23–30.
[17] R. Roman, P. Najera and J. Lopez, “Securing the internet of
things,” IEEE Computer, vol. 44, no. 9, pp. 51-58, Sep. 2011.
[18] S. Kamara and K. Lauter, “Cryptographic cloud storage,”
Microsoft Research, Report, 2010.
[19] European Commission, “IoT privacy, data protection,
information security,” 2013.
[20] J. Janak, H. Nam, and H. Schulzrinne, “On access control in
the internet of things,” Columbia University, February 15,
2012.
[21] G. Zhanga, J. Liub and D. Ying, “The study of access control
for service-oriented computing in internet of things,” I.J.
Wireless and Microwave Technologies, vol. 3, 2012, pp. 62-
68.
[22] M. Li, W. Lou, and K. Ren, “Data Security and Privacy in
Wireless Body Area Networks,” IEEE Wireless Commun.,
vol. 17, no. 1, Feb. 2010, pp. 51–58.
[23] Z. Shelby, K. Hartke and C. Bormann, “Constrained
application protocol (CoAP),” https://ietf.org/doc/draft-ietf-
core-coap, June 28, 2013, CoRE Working Group, IETF
[24] S. Raza, H. Shafagh, K. Hewage, R. Hummen and T. Voigt,
“Lightweight secure CoAP for the internet of things,” Sensors
Journal, IEEE, vol. 13, Issue 10, Oct. 2013, pp. 3711–3720.
[25] M. S. Islam, M. Kuzu, M. Kantarcioglu, “Inference attacks
against searchable encryption protocols,” Proc. of the 18th
ACM conference on Computer and communications security,
pp 845-448, 2011.
[26] M. Abdalla, M. Bellare, D. Catalano, E. Kiltz, T. Kohno, T.
Lange, et al., “Searchable encryption revisited: consistency
properties, relation to anonymous IBE and extensions,”
Journal of Cryptology, vol. 21, no. 3, pp. 350-391, 2008.
[27] ISO/IEC 29192-2:2012, “Information technology - security
techniques, lightweight cryptography, Part 2: block ciphers,”
http://www.iso.org/iso/home/store/catalogue_tc/catalogue_det
ail.htm?csnumber=56552
[28] A. Sojka, K. Piotrowski and P. Langendoerfer, “Short ECC: a
lightweight security approach for wireless sensor networks,”
Proc. Security and Cryptography (SECRYPT), July 2010.
[29] Z. Xuanwu, J. Zhigang, F. Yan, Z. Huaiwei and Q. Lianmin,
“Short signcryption scheme for the internet of things,”
Slovenian Society Informatika, 2011.
... Confidentiality, another critical aspect of data security, is often challenged in AR environments due to users' sharing of augmented content. The literature emphasizes the need for robust encryption protocols to secure data transmission between AR devices and servers, preventing eavesdropping and unauthorized access (Pokrić, Krco, & Pokrić, 2014;Varghese et al., 2015). Additionally, the implementation of secure data storage mechanisms on AR devices is crucial to protect confidential information from theft or unauthorized retrieval. ...
SECURITY CONSIDERATIONS AND GUIDELINES FOR AUGMENTED REALITY IMPLEMENTATION IN CORPORATE ENVIRONMENTS
Article
Full-text available
  • Nov 2023
This research paper explores the intricate tapestry of security considerations in integrating augmented reality (AR) within corporate landscapes. The journey begins with an in-depth literature review, providing insights into authentication, data privacy, network security, and device vulnerabilities specific to AR systems. A conceptual framework, synthesizing the augmented reality security framework with legal, ethical, and human-centric dimensions, serves as a foundational guide. The guidelines proposed outline a strategic roadmap, emphasizing policy formulation, employee training, security audits, integration with existing infrastructures, legal compliance, and device security. The conclusion underscores the dynamic nature of AR technology, advocating for ongoing vigilance and collaboration to secure the evolving frontier of augmented reality in corporate environments. Keywords: Augmented Reality Security, Corporate Environments, Authentication, Data Privacy, Network Security, Conceptual Framework, Security Guidelines.
View
... • Internet of Things IoT: the findings of the bibliometric analysis suggest a growing focus on smart tourism research in the context of smart cities and AR. As IoT technologies continue to develop, future research should consider the integration of AR with IoT to provide real-time information on public transportation [97], events, and other services, making it easier for tourists to navigate and explore their surroundings and, consequently, expanding the role of AR in smart tourism. ...
From Earlier Exploration to Advanced Applications: Bibliometric and Systematic Review of Augmented Reality in the Tourism Industry (2002–2022)
Article
Full-text available
  • Jun 2023
Augmented reality has emerged as a transformative technology, with the potential to revolutionize the tourism industry. Nonetheless, there is a scarcity of studies tracing the progression of AR and its application in tourism, from early exploration to recent advancements. This study aims to provide a comprehensive overview of the evolution, contexts, and design elements of AR in tourism over the period (2002–2022), offering insights for further progress in this domain. Employing a dual-method approach, a bibliometric analysis was conducted on 861 articles collected from the Scopus and Web of Science databases, to investigate the evolution of AR research over time and across countries, and to identify the main contexts of the utilization of AR in tourism. In the second part of our study, a systematic content analysis was conducted, focusing on a subset of 57 selected studies that specifically employed AR systems in various tourism situations. Through this analysis, the most commonly utilized AR design components, such as tracking systems, AR devices, tourism settings, and virtual content were summarized. Furthermore, we explored how these components were integrated to enhance the overall tourism experience. The findings reveal a growing trend in research production, led by Europe and Asia. Key contexts of AR applications in tourism encompass cultural heritage, mobile AR, and smart tourism, with emerging topics such as artificial intelligence (AI), big data, and COVID-19. Frequently used AR design components comprise mobile devices, marker-less tracking systems, outdoor environments, and visual overlays. Future research could involve optimizing AR experiences for users with disabilities, supporting multicultural experiences, integrating AI with big data, fostering sustainability, and remote virtual tourism. This study contributes to the ongoing discourse on the role of AR in shaping the future of tourism in the post COVID-19 era, by providing valuable insights for researchers, practitioners, and policymakers in the tourism industry.
View
... With the widespread adoption of smartphones, the use of mobile technologies to engage with citizens has gained interest among researchers, policymakers, and activists (Ertiö, 2015). This aligns with citizens' current expectations about having access to more detailed information on their city and influencing aspects of city planning, management, and development (Pokric et al., 2014). Embracing digital technologies in participatory planning is thus seen as a means by which citizens can more readily understand planning and raise awareness of the opportunities for involvement. ...
Augmented reality as a participation tool for youth in urban planning processes: Case study in Oslo, Norway
Article
Full-text available
  • Feb 2023
Augmented reality (AR) allows objects to be digitally simulated in the real world through smartphones, tablets, and headsets. While there are interesting AR technology case studies in participatory urban planning, this type of research has yet to be conducted within a real-life municipal planning scenario. Following the UN Habitat recommendation that further studies in AR as a participatory tool seek to integrate planning with real citizens, we studied the use of AR for the Oslo Trees plan in Norway. The case study consists of field work with AR between 2020 and 2021 over five weeks, with five different groups of youth participants from eight different districts of Oslo, who were tasked with planning a portion of Oslo’s 100,000 new trees. We document how these youths used AR in films, images, drawings, interviews, screen recordings, and recorded presentations. We find that AR is a highly intuitive tool for these youth user groups in design and planning and how the AR schemes impacted the final design of the plan. The use of AR aided users’ ability to generate their own planning proposals on site at scale; nearly all participants increased their understanding of participation, urban planning, architecture, and design in the workshops. In addition, the youths experienced an increased sense of confidence in displaying their design intentions and appreciated being given control of the planning process. However, we also found that location tracking and positioning in AR is imprecise and often “buggy” in the current state of the technology, causing irritation among users. Furthermore, despite the high degree of control afforded to users through AR, experts were still needed to verify which tree proposals were viable, offering important insights into how AR could be designed in the future. We conclude with a discussion on opportunities and barriers for the implementation of AR in participatory urban planning, pointing to the need for a more coordinated and holistic approach to both AR technology development and planning policy if the technology is to be developed further for participatory urban planning.
View
... The dynamic public transport offer is calculated using a multi-agent system that continuously processes all available online data and proposes dynamic routes and schedules of different means of public transport (Horažďovský et al., 2019). Augmented reality apps for public transport exploiting the benefits of connectivity of IoT infrastructure can access data, location, and images storage in different cloud interfaces ensuring safe procedures (Pokrić et al., 2014). ...
Sustainability and Urban Innovation by Smart City Implementation
Chapter
Full-text available
  • Jan 2023
Sustainability is a global need, both for companies and people. It is not only a matter of convenience to achieve more excellent business benefits, but it is also accompanied by the concept of a smart city, which is of fundamental importance since it also goes in parallel with Industry 4.0. This chapter describes the technologies associated with the implementation of smart cities, benefits, limitations, and contribution to sustainability. Different examples of smart cities are described, highlighting the requirements for implementation and the associated risks. The amount and type of specific technologies available in implementing a smart city are striking. Sustainable cities and smart cities undoubtedly share many characteristics, so the interconnection of concepts facilitates implementation, knowing all the technological requirements necessary for development.
View
... In smart cities, IoT sensors provide location-based information presented in the user interfaces, as virtual objects through their mobile phones. This information can vary from transportation announcements [44] to general context defined by dynamically-placed markers [45]. Realtime environmental data are demonstrated by AR mobile applications providing engaging ways of IoT sensor data visualization [46]. ...
An IoT-Enabled Platform for the Assessment of Physical and Mental Activities Utilizing Augmented Reality Exergaming
Article
Full-text available
  • Apr 2022
  • SENSORS-BASEL
Augmented reality (AR) and Internet of Things (IoT) are among the core technological elements of modern information systems and applications in which advanced features for user interactivity and monitoring are required. These technologies are continuously improving and are available nowadays in all popular programming environments and platforms, allowing for their wide adoption in many different business and research applications. In the fields of healthcare and assisted living, AR is extensively applied in the development of exergames, facilitating the implementation of innovative gamification techniques, while IoT can effectively support the users’ health monitoring aspects. In this work, we present a prototype platform for exergames that combines AR and IoT on commodity mobile devices for the development of serious games in the healthcare domain. The main objective of the solution was to promote the utilization of gamification techniques to boost the users’ physical activities and to assist the regular assessment of their health and cognitive statuses through challenges and quests in the virtual and real world. With the integration of sensors and wearable devices by design, the platform has the capability of real-time monitoring the users’ biosignals and activities during the game, collecting data for each session, which can be analyzed afterwards by healthcare professionals. The solution was validated in real world scenarios and the results were analyzed in order to further improve the performance and usability of the prototype.
View
... Another special case of AR remote control targets mobile robots [37] and drones [20,79]. Other AR/IoT applications cover physically larger areas, such as traffic [54] or factories [3], or target composite devices, e.g., an audio mixer [46]. ...
RagRug: A Toolkit for Situated Analytics
Article
  • Mar 2022
We present RagRug, an open-source toolkit for situated analytics. The abilities of RagRug go beyond previous immersive analytics toolkits by focusing on specific requirements emerging when using augmented reality (AR) rather than virtual reality. RagRug combines state of the art visual encoding capabilities with a comprehensive physical-virtual model, which lets application developers systematically describe the physical objects in the real world and their role in AR. We connect AR visualization with data streams from the Internet of Things using distributed dataflow. To this aim, we use reactive programming patterns so that visualizations become context-aware, i.e., they adapt to events coming in from the environment. The resulting authoring system is low-code; it emphasises describing the physical and the virtual world and the dataflow between the elements contained therein. We describe the technical design and implementation of RagRug, and report on five example applications illustrating the toolkit's abilities.
View
... AR can offer many advantages in the repair and maintenance field, assisting workers in providing visual and auditory information (Aleksy et al., 2014;Siderska and Jadaan, 2018). When the workers are doing repair or maintenance procedures, they usually get instructions from (Konstantinidis et al., 2020;Schneider et al., 2017;Henderson & Feiner, 2011;Frigo et al., 2016;Paelke, 2014) (Moloney, 2006;Lamberti et al., 2014) Remote expert guidance (Hořejší, 2015;Verde et al., 2020; El Ammari & Hammad, 2019; Mourtzis et al., 2017) Improved service & self-service (Aleksy et al., 2014;Blaga et al., 2021) Manufacuring Quality assurance (Li et al., 2020;Ong et al., 2008;Naik, 2015;Wuest et al., 2016;Frigo et al., 2016;Alarcon et al., 2020) Performance dashboards (Jiang et al., 2019;Vassell et al., 2016) Assembly work instructions (Alarcon et al., 2020;Hořejší, 2015;Loch et al., 2016;Frigo et al., 2016;Leu et al., 2013;Evans et al., 2017;Wang et al., 2016) (Qin et al., 2021;Hauswiesner et al., 2013;Wiwatwattana et al., 2014) Retailspace optimization 74 75 (Van Esch et al., 2019;Subakti & Jiang, 2016;de Koster et al., 2007) Augmented brand experience (Scholz & Duffy, 2018;Zhang et al., 2000;BMW Group, 2017) Augmented advertisement (El-firjani & Maatuk, 2016;BMW Group, 2017;Stoyanova et al., 2013;Stoyanova et al., 2015) Design Collaborative engineering (Ho et al., 2021;Smparounis et al., 2008) Inspection of digital prototypes (Somanath et al., 2017;Nebeling & Madier, 2019;Reddy et al., 2015) Augmented interface (Liu et al., 2017;Ong et al., 2008;Shin et al., 2014) Eror diagnosis Blaga et al., 2021) Operations Heads-up display (Oliveira et al., 2015;Ong et al., 2008) Digital product controls (Khatib et al., 2021;Zollmann et al., 2014) Augmented oprator manuals (Re et al., 2016;Schneider et al., 2017;Paelke, 2014) Agmented interface (Shen Fangyang et al., 2010;Shin et al., 2014;Blaga et al., 2021) Training JOB specific training Hořejší, 2015;Boulanger, 2004) Safety and security training (Li et al., 2018;Boulanger, 2004;Besbes et al., 2012) Expert coaching (Kim et al., 2017) Logistics Warehousing (Stoltz et al., 2017;Fang & An, 2020;Al-Jabi & Sammaneh, 2018) Transportation (Blümel, 2013;Pokric et al., 2014) Last-mile delivery (Kokkas & Vosniakos, 2019;Tatasciore, 2018) handbooks, especially when the procedure is complicated and it is reported to be extremely timeconsuming (Sanna et al., 2015;Dini & Mura, 2015;Yuan et al., 2008). When the maintenance task is complicated, like repairing a jet engine, getting instructions from a handbook is quite time-consuming compared to using an HMD to show the instructions. ...
Augmented reality applications in manufacturing and its future scope in Industry 4.0
Preprint
Full-text available
  • Dec 2021
Augmented reality technology is one of the leading technologies in the context of Industry 4.0. The promising potential application of augmented reality in industrial production systems has received much attention, which led to the concept of industrial augmented reality. On the one hand, this technology provides a suitable platform that facilitates the registration of information and access to them to help make decisions and allows concurrent training for the user while executing the production processes. This leads to increased work speed and accuracy of the user as a process operator and consequently offers economic benefits to the companies. Moreover, recent advances in the internet of things, smart sensors, and advanced algorithms have increased the possibility of widespread and more effective use of augmented reality. Currently, many research pieces are being done to expand the application of augmented reality and increase its effectiveness in industrial production processes. This research demonstrates the influence of augmented reality in Industry 4.0 while critically reviewing the industrial augmented reality history. Afterward, the paper discusses the critical role of industrial augmented reality by analyzing some use cases and their prospects. With a systematic analysis, this paper discusses the main future directions for industrial augmented reality applications in industry 4.0. The article investigates various areas of application for this technology and its impact on improving production conditions. Finally, the challenges that this technology faces and its research opportunities are discussed.
View
Unleashing the digital building bricks A smart service taxonomy for retail
Article
Full-text available
  • Oct 2023
  • Electron Market
The increasing online competition, associated changes in customer behaviors, and effects of the pandemic in recent years have led to increasing retail store closures. This development has given rise to a downward spiral in terms of a decreasing attractiveness of local shopping places and a further reduction of stores. Research has recognized that smart services can unleash the potential to compensate for the competitive disadvantages of physical retailers by combining tailored physical and digital offerings to enhance customer-oriented value creation. However, most approaches are limited to in-store services without addressing the wider shopping experience in retail surroundings. Therefore, this paper provides a classification framework for smart services in retail evaluated against 163 use cases, as well as six service archetypes. This work contributes to understanding relevant service design elements and proposes applying the idea of a holistic customer experience to service design in physical retail environments.
View
View
View
Lithe: Lightweight Secure CoAP for the Internet of Things
Article
Full-text available
  • Oct 2013
The Internet of Things (IoT) enables a wide range of application scenarios with potentially critical actuating and sensing tasks, e.g., in the e-health domain. For communication at the application layer, resource-constrained devices are expected to employ the constrained application protocol (CoAP) that is currently being standardized at the Internet Engineering Task Force. To protect the transmission of sensitive information, secure CoAP mandates the use of datagram transport layer security (DTLS) as the underlying security protocol for authenticated and confidential communication. DTLS, however, was originally designed for comparably powerful devices that are interconnected via reliable, high-bandwidth links. In this paper, we present Lithe-an integration of DTLS and CoAP for the IoT. With Lithe, we additionally propose a novel DTLS header compression scheme that aims to significantly reduce the energy consumption by leveraging the 6LoWPAN standard. Most importantly, our proposed DTLS header compression scheme does not compromise the end-to-end security properties provided by DTLS. Simultaneously, it considerably reduces the number of transmitted bytes while maintaining DTLS standard compliance. We evaluate our approach based on a DTLS implementation for the Contiki operating system. Our evaluation results show significant gains in terms of packet size, energy consumption, processing time, and network-wide response times when compressed DTLS is enabled.
View
Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions
Conference Paper
Full-text available
  • Aug 2005
We identify and fill some gaps with regard to consistency (the extent to which false positives are produced) for public-key encryption with keyword search (PEKS). We define computational and statistical relaxations of the existing notion of perfect consistency, show that the scheme of [7] is computationally consistent, and provide a new scheme that is statistically consistent. We also provide a transform of an anonymous IBE scheme to a secure PEKS scheme that, unlike the previous one, guarantees consistency. Finally we suggest three extensions of the basic notions considered here, namely anonymous HIBE, public-key encryption with temporary keyword search, and identity-based encryption with keyword search.
View
Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions
Article
Full-text available
  • Jul 2008
We identify and fill some gaps with regard to consistency (the extent to which false positives are produced) for public-key encryption with keyword search (PEKS). We define computational and statistical relaxations of the existing notion of perfect consistency, show that the scheme of Boneh etal. (Advances in Cryptology—EUROCRYPT 2004, ed. by C.Cachin, J.Camenisch, pp.506–522, 2004) is computationally consistent, and provide a new scheme that is statistically consistent. We also provide a transform of an anonymous identity-based encryption (IBE) scheme to a secure PEKS scheme that, unlike the previous one, guarantees consistency. Finally, we suggest three extensions of the basic notions considered here, namely anonymous hierarchical identity-based encryption, public-key encryption with temporary keyword search, and identity-based encryption with keyword search.
View
Combining Harris Interest Points and the SIFT Descriptor for Fast Scale-Invariant Object Recognition
Conference Paper
Full-text available
  • Nov 2009
In the recent past, the recognition and localization of objects based on local point features has become a widely accepted and utilized method. Among the most popular features are currently the SIFT features, the more recent SURF features, and region-based features such as the MSER. For time-critical application of object recognition and localization systems operating on such features, the SIFT features are too slow (500-600 ms for images of size 640×480 on a 3 GHz CPU). The faster SURF achieve a computation time of 150-240 ms, which is still too slow for active tracking of objects or visual servoing applications. In this paper, we present a combination of the Harris corner detector and the SIFT descriptor, which computes features with a high repeatability and very good matching properties within approx. 20 ms. While just computing the SIFT descriptors for computed Harris interest points would lead to an approach that is not scale-invariant, we will show how scale-invariance can be achieved without a time-consuming scale space analysis. Furthermore, we will present results of successful application of the proposed features within our system for recognition and localization of textured objects. An extensive experimental evaluation proves the practical applicability of our approach.
View
Poster
Conference Paper
  • Oct 2011
The advent of cloud computing has ushered in an era of mass data storage in remote servers. Remote data storage offers reduced data management overhead for data owners in a cost effective manner. Sensitive documents, however, need to be stored in encrypted format due to security concerns. But, encrypted storage makes it difficult to search on the stored documents. Therefore, this poses a major barrier towards selective retrieval of encrypted documents from the remote servers. Various protocols have been proposed for keyword search over encrypted data (commonly referred to as searchable encryption) to address this issue. Oblivious RAM type protocols offer secure search over encrypted data, but are too expensive to be used in practical applications. Unfortunately, all of the symmetric key based encryption protocols leak data access patterns due to efficiency reasons. In this poster, we are the first to analyze the effects of access pattern disclosure. To that end, we introduce a novel attack model that exploits access pattern leakage to disclose significant amount of sensitive information using a modicum of prior knowledge. We also present a preliminary set of empirical results on a real dataset to justify our claim.
View
The Study of Access Control for Service-Oriented Computing in Internet of Things
Article
  • Jun 2012
In Internet of Things, computing and processing of information is the core supporting. In this paper, we introduce “Service-Oriented Computing” to solve the computing and processing of information in IoT. However, a key challenge in service-oriented environment is the design of effective access control schemas.We put forward a model of Workflow -oriented Attributed Based Access Control (WABAC), and an access control framework based on WABAC model. WABAC model grants and adapts permissions to subjects according to subject atttribute, resource attribute, environment attribute and current task, meeting access control request of SOC. Using the approach presented can effectively enhance the access control security for SOC applications, and prevent the abuse of subject permissions.
View
Speeded-up robust features (SURF)
Article
  • Jun 2008
This article presents a novel scale- and rotation-invariant detector and descriptor, coined SURF (Speeded-Up Robust Features). SURF approximates or even outperforms previously proposed schemes with respect to repeatability, distinctiveness, and robustness, yet can be computed and compared much faster. This is achieved by relying on integral images for image convolutions; by building on the strengths of the leading existing detectors and descriptors (specifically, using a Hessian matrix-based measure for the detector, and a distribution-based descriptor); and by simplifying these methods to the essential. This leads to a combination of novel detection, description, and matching steps. The paper encompasses a detailed description of the detector and descriptor and then explores the effects of the most important parameters. We conclude the article with SURF's application to two challenging, yet converse goals: camera calibration as a special case of image registration, and object recognition. Our experiments underline SURF's usefulness in a broad range of topics in computer vision.
View
Short signcryption scheme for the internet of things
Article
  • Jan 2011
Signcryption is an effective cryptographic primitive, which simultaneously fulfils both the functions of encryption and signature with much lower cost than traditional schemes; it is an ideal method to provide confidentiality and unforgeability and ensure secure data storage and transmission in the IOT (Internet of things). In the paper, we propose a publicly verifiable short signcryption scheme S-ECSC for the Internet of things based on elliptic curves cryptosystem; and prove the provable security of S-ECSC under the Random Oracle model, including confidentiality in IND-CCA2 model, unforgeability in UF-CMA model and non-repudiation security. As per the efficiency analysis, S-ECSC achieves an average 80% reduction in computation cost compared with typical discrete logarithm, RSA based signcryption schemes, and has the lowest communication cost in Elgamal type signcryptions. With its superiority in efficiency and security, S-ECSC proves to be more suitable for resource-restricted environment in IOT and better satisfies the requirement of secure protocols in IOT, such as key management, secure routing, etc. At last, we take key generating and distributing protocol of distributed key management in IOT as an application example, and analyse the method and importance to apply S-ECSC into secure protocols in IOT.
View
Internet of Things – New security and privacy challenges
Article
  • Jan 2010
  • Comput Law Secur Rep
The Internet of Things, an emerging global Internet-based technical architecture facilitating the exchange of goods and services in global supply chain networks has an impact on the security and privacy of the involved stakeholders. Measures ensuring the architecture's resilience to attacks, data authentication, access control and client privacy need to be established. An adequate legal framework must take the underlying technology into account and would best be established by an international legislator, which is supplemented by the private sector according to specific needs and thereby becomes easily adjustable. The contents of the respective legislation must encompass the right to information, provisions prohibiting or restricting the use of mechanisms of the Internet of Things, rules on IT-security-legislation, provisions supporting the use of mechanisms of the Internet of Things and the establishment of a task force doing research on the legal challenges of the IoT.
View
Poster: inference attacks against searchable encryption protocols.
Conference Paper
  • Oct 2011
The advent of cloud computing has ushered in an era of mass data storage in remote servers. Remote data storage offers reduced data management overhead for data owners in a cost effective manner. Sensitive documents, however, need to be stored in encrypted format due to security concerns. But, encrypted storage makes it difficult to search on the stored documents. Therefore, this poses a major barrier towards selective retrieval of encrypted documents from the remote servers. Various protocols have been proposed for keyword search over encrypted data (commonly referred to as searchable encryption) to address this issue. Oblivious RAM type protocols offer secure search over encrypted data, but are too expensive to be used in practical applications. Unfortunately, all of the symmetric key based encryption protocols leak data access patterns due to efficiency reasons. In this poster, we are the first to analyze the effects of access pattern disclosure. To that end, we introduce a novel attack model that exploits access pattern leakage to disclose significant amount of sensitive information using a modicum of prior knowledge. We also present a preliminary set of empirical results on a real dataset to justify our claim.
View