ARCHITECTURES AND SERVICES FOR SECURE EVERYDAY DIGITIZATION
Internet of Things (IoT) devices and IoT systems have now found their place in everyday situations, but they also expose users to new security threats that would have been unthinkable before IoT became established.
The project’s aim is thus to develop automatic mechanisms that are transparent to the user and establish both secure identification of devices (protection of authenticity) and encrypted communication between devices (confidentiality and integrity of data). Appropriate security concepts should already be implemented at the level of the overall system architecture (composition and interaction of the various components) in order to implement “security-by-default” as a utilization concept. To this end, an architecture should be designed that provides security functions close to the customer. To increase the suitability for everyday use, humans should only be involved in exceptional cases, such as when new devices are introduced into a known network or new interactions between devices.
The architecture should also make it possible to operate devices securely when in use: We want to develop solutions that enable certain data flows (especially to third parties) to be detected and, if necessary, prevented. Devices that can no longer be operated securely, e.g., due to a lack of security patches, should also be able to be encapsulated in virtual environments by the foreseen security architecture.