The wider literature has tended to focus on a number of broad smart cities related key themes namely: the privacy and security of mobile devices and services; smart cities infrastructure and technical architecture; power systems utilised within smart cities; smart healthcare; security and privacy frameworks; algorithms and protocols; operational threats for smart cities; application of blockchain solutions within smart cities; and social media and smart cities.
3.2 Smart City Infrastructure
A number of articles focused on smart city infrastructure and ways to overcome security and privacy issues within smart cities (Abosaq
2019; Ainane et al.
2018; Alandjani
2018; Antoine Picon
2019; Awad et al.
2019; Baryshev et al.
2016; Bernardes et al.
2018; Chatterjee et al.
2017; de Amorim et al.
2019). The IoT plays a pivotal role within the infrastructure of smart cities as it provides the network architecture responsible for gathering and processing data from distributed sensors and smart devices. Studies generally categorise attacks on IoT devices into
external and
internal - attacks (Alromaihi et al.
2018; Mo et al.
2010).
The vulnerability of IoT based applications is directly related to the network paradigm where physical objects such as sensor based devices collect data on key interactions within the network and communicate via wireless or wired connections. The data which is uploaded, processed and stored can exhibit key vulnerabilities in the form of man-in-the-middle attacks and denial-of-service attacks. As a result, collecting and transferring data via the use of IoT infrastructure could severely impact the security and privacy of smart cities unless precautionary measures are implemented (Awad et al.
2019). Studies have argued that privacy can be easily compromised due to the high levels of interaction between people, devices and sensors, thus highlighting the need for this data to be fully protected (Antoine Picon
2019; Elmaghraby and Losavio
2014). Studies have posited the merits of a more strategic focus on smart city security looking beyond aspects of data privacy toward a smart securitisation policy (Efthymiopoulos
2015). The study by Ferraz and Ferraz (
2014a) argued that information security does not only include privacy, confidentiality, integrity and availability, but also includes interoperable security that represents the idea of a general failure of the urban system.
The data flows and exchanges between network components and the IoT should be subject to effective risk management in assessing and responding to threats within smart cities and the challenges of the technical sophistication gap and standards immaturity (Ainane et al.
2018; Alandjani
2018). Researchers have sought to identify technological solutions to deal with privacy and wider information security challenges. The study by Abosaq (
2019) analysed the privacy issues faced by smart cities including authentication, access control, confidentiality, trust, data security, policy implementation and secure middleware. The author designed and simulated a smart city model connected with mandatory communication devices that produced data for a number of sensors. The study proposed that data privacy can be achieved by a Fast ID Online (FIDO) authentication process (Fido Alliance
2019) for the
device to network or
device to cloud authentication and that data privacy should be considered an integral element of the smart city infrastructure (Abosaq
2019). The privacy aspects inherent within smart city network traffic infrastructure were analysed in De Fuentes et al. (
2017), where the study posited the benefits of an Attribute-Based Credentials (ABCs) solution to help address the issue of disclosure of unnecessary data. The research recommended an Idemix based approach due to its performance efficiencies and compatibility with existing smart city road traffic services. The research by Hiller and Blanke (
2017) posited the suitability of utilising resilience theory which is concerned with the ability of an organism to survive and evolve into better states. The study views privacy as a system and examines it through the resiliency lens, framing the question of how privacy can adapt and survive within a smart city.
Khan et al. (
2014) identified a list of stakeholders and modelled their involvement within the smart city context. The stakeholder mapping included: service consumers, legitimate service providers, untrusted service providers, IT experts, data custodians, standard governing bodies and domain experts. Based on the proposed stakeholder model, the study developed a security and privacy framework for secure and privacy-aware service provisioning in smart cities. The framework aimed to provide end-to-end security and privacy features for trustable data acquisition, transmission, processing and legitimate service provisioning, demonstrating the proposed frameworks ability to mitigate stakeholder security and privacy concerns. Additional relevant frameworks include the one proposed in Vitunskaite et al. (
2019), that performed a comparative smart city case study of Barcelona, Singapore and London on their governance models, security measures, technical standards and third party management. The framework encompassed technical standards, governance input, regulatory framework and compliance assurance to ensure information security is observed within all layers of the smart city infrastructure.
Smart cities are comprised of a significant number of different sensors, interaction devices, network access points, specialised hardware and software. These key assets need to be integrated within the smart city infrastructure and maintained to ensure systems are not degraded and valuable services are operable. The study by Waedt et al. (
2016) focused on the manual and automatic asset identification, annotation and tracking of graded Application Security Controls (ASCs) that can benefit from comprehensive and formalized asset management. This included the availability and integrity of fixed and mobile technology assets and the reliability and integrity of software assets installed on servers and cloud environments. The Waedt et al. (
2016) study asserts that rigorous and pervasive asset management provides value beyond security to mitigate the misuse of assets for sophisticated attacks targeting combinations of version-specific vulnerabilities.
3.5 Frameworks, Models, Algorithms and Protocols to Improve Security and Privacy
As smart cities face a number of challenges connected to security and privacy, some studies proposed various frameworks, models and algorithms to improve these issues (Al-Dhubhani et al.
2018; Antonopoulos et al.
2017; Avgerou et al.
2016; Beltran et al.
2017; Burange and Misalkar
2015; Cagliero et al.
2015). This aspect of the literature has focused on encryption algorithms to build in security to smart city systems. The Antonopoulos et al. (
2017) study tests high-level security feature algorithms by using Wireless Sensor Network (WSN) development. Stromire and Potoczny-Jones (
2018) proposed to integrate an end-to-end cryptography system into smart city solutions at a foundation level. During any data breach, nothing about the data would be revealed by applying this system. Similarly, Lai et al. (
2017) used an encryption approach in proposing a scheme titled Fully Privacy-Preserving and Revocable Identity-Based Broadcast Encryption (FPPRIB). The proposed scheme aimed to preserve the data privacy and the identity privacy of the receiver as well as the revoked user. The data can be securely protected and only the authorised user can access the data. The revocation process does not reveal any information about the data contents or the receiver identity and the public learn nothing about the receiver identity and the revoked user identity. These properties lead to applications in the smart city where identity privacy is desirable. The study by Patsakis et al. (
2015) developed a cryptographic protocol which manages the huge amount of personal information that could be generated through e-participation in a scalable, interoperable manner, which guarantees the privacy of citizens within smart cities.
Network access control plays an important role in any communication system. It is important to develop adequate security of IoT system access to prevent any intruder from taking control of IoT devices or disclosing confidential information stored at object or node level. Beltran et al. (
2017) introduced SMARTIE, an integrating platform for user-centric secure IoT applications. It preserves user privacy while guaranteeing scalability and efficiency. The proposed platform efficiently provides decentralised access control for IoT devices based on user privacy preferences. The aim of SMARTIE is to facilitate the integration of user-centric privacy and governance within IoT applications in a scalable and efficient mode. The authors highlighted that the proposed application will allow users to control their devices that join the application in terms of sensing and publishing data and enable fine-grained access control rules for their devices whilst deciding who can and cannot be in possession of their device data. The solutions proposed by Burange and Misalkar (
2015) and Peters et al. (
2019) mitigate privacy risks by providing the final decision maker with the opportunity to finalise network access for the client thereby protecting the privacy of user data. The Peters et al. (
2019) study proposed a privacy awareness framework - PrivacyZones, which requires the service provider to share meaningful features of the data collected by their application. The proposed framework was successfully tested using two case study services (Hail-A-Taxi and Get-A-Discount).
Use of AI can improve security and privacy in smart cities. González García et al. (
2017) proposed and tested the analysis of pictures through computer vision to detect people in the analysed images. By using different tests, it was found that the system detects pictures with heads and shoulders more accurately in comparison with other images. Additionally, the study found that it is possible to integrate computer vision within IoT networks and that pictures can be used as sensors thereby, helping to improve the security of homes within smart cities. Huerta and Salazar (
2019) proposed a framework by using AI and cognitive functions, which is capable of learning to understand, analyse and audit every product in an automated intelligent manner.
Gheisariy et al. (
2019) discovered that a number of existing solutions have three major drawbacks. First, applying one static privacy-preserving method for the entire system; second, sending the whole data at once and third, a lack of context-awareness. These aspects can lead to an unacceptable high level of privacy-preserving overhead. In order to deal with these issues, the authors proposed a software-defined networking paradigm that can be directly applied to smart city applications. The Guo et al. (
2017) study used an attribute-based trust negotiation scheme for communication between devices within a smart city. The research modelled the trust negotiation process using homographic encryption to guarantee its security. The proposed protocol ensured that a device satisfies its counterparty’s access policy whilst disclosing minimal privacy.
The cloud-oriented architecture solution proposed in Krichen and Alroobaea (
2019) posited a new model-based framework for testing security properties of IoT based systems within smart cities by describing the strategy adopted by the malicious party which intends to violate the security of the considered IoT system. The Han et al. (
2019) study developed a lightweight and privacy-preserving public cloud-auditing scheme for smart cities that does not require bilinear pairings. The proposed pairing-free scheme allowed a third-party auditor to generate authentication meta-data on behalf of users and provided data privacy against third-party auditors and cloud service providers. The Han et al. study found that the proposed scheme is more secure and efficient in comparison with the existing public cloud auditing schemes.
Aspects of the literature have focused on security and privacy systems for the business environment. The Avgerou et al. (
2016) study proposed the deployment of a Privacy-ABCs based authentication system into a generic eBusiness model that provides collective intelligence based eServices within Smart Cities. The model entailed the collective intelligence-interactions between citizens and facilities of smart cities and a privacy-enhancing technology titled attribute-based credentials. By using this approach buying history and consumer behaviour of citizens remains private while interacting with the eCommerce based ecosystem. The research outlined in Cagliero et al. (
2015) presented a non-emergency data analyser study the perception of citizens on urban security in the context of the business environment.
The role of software within smart cities is essential, but it brings some privacy and security issues such as exchange of application data, problems related to tracking, effects of hacking, authentication of datasets, increase in personal data thefts, access to information in data centres, effect of other applications and economic pressure (Sen et al.
2013). The study by Sucasas et al. (
2018) proposed an OAuth 2.0 based protocol for smart city mobile applications that addressed the user privacy issue by integrating a pseudonym-based signature scheme and a signature delegation scheme into the OAuth 2.0 protocol flow. The proposed solution allows users to self-generate user-specific and app-specific pseudonyms on-demand and ensures privacy-enhanced user authentication at the Service Provider side.
Some studies criticised the existing work and proposed new solutions (Gope et al.
2018; Xie and Hwang
2019; Zang et al.
2017). For example, Xie and Hwang (
2019) showed that the scheme proposed by Xiao et al. (
2017) lacks two-factor security, and suffers from an impersonation attack. To mitigate these problems, an improved roaming authentication protocol with two-factor security was proposed, secured by using an applied pi calculus-based formal validation tool ProVerif demonstrating enhanced efficiency in comparison with some related schemes.
Zang et al. (
2017) asserted that the security protocol proposed in Sookhak et al. (
2015) has inherent security flaws, thus failing to achieve its original goal. Specifically, this protocol is vulnerable to two types of attacks, namely - replace attack and replay attack. The study showed how a malicious server can deceive data owners to believe that data is being maintained effectively by launching such attacks. Additionally, it described an improved Remote Database Access (RDA) protocol by utilizing algebraic signatures to fix security flaws. The solution employed the rank-based Merkle Hash Tree to achieve verifiable dynamic data operations. Moreover, the study provided detailed security proof of the proposed RDA protocol. Gope et al. (
2018) criticised existing Radio-Frequency IDentification (RFID) technology for its compromise on privacy and forgery detection problems and heavy computation burden due to the very limited computation capability of RFID tags. The study attempted to address these issues by proposing an RFID-based authentication architecture for distributed IoT applications suitable for smart environments.
3.6 Operational Vulnerabilities for Smart Cities
Data within smart city applications should be able to withstand modification, disruption, inspection, unauthorised access, disclosure and annihilation. Basic requirements for security and privacy include confidentiality, integrity, availability, nonrepudiation, access control and privacy (Dewi Rosadi et al.
2018). Smart city residents can face security and privacy issues due to smart city app vulnerabilities, however, without perceived security protection and privacy, the public might hesitate to use smart city mobile applications. Privacy is a core issue within smart cities and one that can be directly linked to the minimal understanding of privacy from local government and business in the way they collect and process personal data. Often they do not provide the community with the opportunity and mechanism for consent (Dewi Rosadi et al.
2018).
Some studies focus on smart city initiatives for specific countries, such as Indonesia (Dewi Rosadi et al.
2018), China (Yang and Xu
2018), and Austria (Dhungana et al.
2015). The research outlined in Dewi Rosadi et al. (
2018) explored and analysed the privacy concerns within smart cities in Indonesia, highlighting the complexities of increased amounts of stored and communicated personal information that can be gathered and stored then distributed across multiple devices, services and locations. Yang and Xu (
2018) examined applicable laws and regulations in the Chinese context. The authors argued that there is no functional privacy law in China that would apply to most data collected by smart city infrastructure; nor is there any law that would protect any personal data collected under this framework. Some countries (e.g. UK) have recently developed various laws that help legally protect the privacy rights of their citizens (GDPR
2019). For example, the EU General Data Protection Regulation (GDPR) provides essential guidance to achieve a fair balance between the interests of IoT providers and users. Wachter (
2018) argues that GDPR standards need further specification and implementation into the design of IoT technologies.
Other legal issues such as jurisdiction, governance of data and handling consent in smart cities were highlighted by Grieman (
2019). Dhungana et al. (
2015) discussed cases from the Vienna smart city project outlining a number of data analytics scenarios to describe the measures adopted for secure handling of data. The study identified the following privacy and security challenges: privacy guarantees, flexibility privacy policies, anonymity, and data provenance. The project used anonymization, data aggregation, data perturbation and randomization, and cryptographic framework for data mining. It was found that the chosen solution had an impact on the public awareness and acceptability of the smart city project.
While Aldairi and Tawalbeh (
2017) and Ferraz and Ferraz (
2014b) focused on infrastructure security issues such as eavesdropping, theft, denial of service, information tracking, user/citizens data losses and other threats (e.g. hardware failure, software crash, environment and nature behaviour), Baig et al. (
2017) presented a holistic view of the security landscape of a smart city by identifying security threats. The study argued that different components of smart cities have a number of security threats. For example, smart grids have protocol vulnerabilities, privacy, eavesdropping, and attacks on internet-connected devices. Building Automation systems have security threats such as highly trusted devices, long device lifecycle lack of source authentication, and insecure protocols. For unmanned aerial vehicles, security threats include communication interaction, communication injection, and communication jamming. For smart vehicles issues could be related to a physical threat, communication interception, data security, and DoS. For IoT sensors, security threats could include maintaining the confidentiality of data, secure communication, data management, data storage, sensor failure and remote exploitation. Finally, for cloud platform security - threats could include data leakage, malicious insider threats, insecure API, DoS, malware injection attacks, system and application vulnerabilities.
Studies have analysed many of the security threats within smart cities offering a number of potential solutions. Kitchin and Dodge (
2019) suggested a wider set of systemic interventions such as security-by-design, remedial security patching and replacement, the formation of core security and computer emergency response teams, a change in procurement procedures, and continuing professional development. Srivastava et al. (
2017) presented some smart solutions to safety and security which are enhanced by the use of Artificial Intelligence (AI). The solutions which are already in place in some developed smart cities are gunshot detection sensors, video surveillance and analytics, drones, and cybersecurity. However, Vattapparamban et al. (
2016) argue that the use of these technologies (e.g. drones) can result in a number of technical and societal concerns regarding cybersecurity, privacy, and public safety.
While most of the studies in this area focus on privacy and security risks, Velasquez et al. (
2018) argued that it is important to consider natural risks when planning smart cities. The study proposed a new architecture which includes the fundamental services that need to be preserved and prioritised within a smart city. The research undertaken by Techatassanasoontorn and Suo (
2010) utilising archival and interview data found five risk categories in the municipal broadband project. The interviews were conducted with public policy experts, telecom consultants, and government officers. The following risks were identified: (1) social-political; (2) approval; (3) financial; (4) technical; (5) partnership. The study identified that some of the categories of threats such as socio-political risks have an impact on each other and argue that risk management and risk mitigation strategies are required to take a more holistic view of all threats and their interconnections instead of focusing on each type of risk separately.
3.7 Use and Adoption of Smart Services by Citizens (Success of Smart Services
A number of studies highlighted the importance of perceived security and privacy in smart cities services by citizens (Belanche-Gracia et al.
2015; Chatterjee et al.
2018; Cilliers and Flowerday
2014; Cilliers and Flowerday
2015; Van Heek et al.
2016; van Zoonen
2016). It was found that perceived security and privacy significantly affect the use and adoption of smart services by citizens. For example, Belanche-Gracia et al. (
2015) investigated attitudes towards continuance relating to smartcards, user identification, access to local facilities, and payment of small fees for basic services. By using data collected from 398 individuals living in Spain and using Partial Least Square (PLS) analysis, it was found that security has a significant effect on continuance intention of smart card use. Surprisingly, it was found that privacy does not influence intention. It can be explained that the personal information appearing in the card is very limited. As a result, cardholders did not seem to be perturbed by the privacy issues related to smartcard use. By taking into account the fact that security has a positive effect on the use of smart card services, it is advised that public managers and smart card developers need to guarantee smartcard security in order to make the service useful and worthy of the use for citizens.
Some studies claim that the success of the crowdfunding project depends on the perceived trustworthiness of the crowdsourcing system (Cilliers and Flowerday
2015; Cilliers and Flowerday
2014). Cilliers and Flowerday (
2015) examined the relationships between the privacy, information security and perceived trustworthiness of crowdsourcing system in a smart city. By using a survey of 361 participants from South Africa the study found a positive relationship between information security and the perceived trustworthiness of a crowdsourcing system. Thus, the privacy concerns of citizens using a crowdsourcing process can be addressed by increasing the perceived trustworthiness and the information security of the system. Another study by Cilliers and Flowerday (
2014) investigated factors which mitigate information security concerns of citizens participating in a public safety-participatory crowdsourcing smart city project. Via the analysis of data from completed questionnaires, the study found that security aspects of the system such as confidentiality, integrity and availability, were raising the concerns of citizens that took part in the crowdsourcing project. These findings highlight the importance of implementing legislation and adequate technology to protect the confidentiality of citizens. Additionally, it is important to educate citizens about the relevant information security controls to help protect information integrity.
Studies differ on the extent of privacy concerns depending on the type of technologies, data usage and location. According to van Zoonen (
2016) there are four areas of concern amongst people in smart cities that range from low levels (impersonal data, service purpose), to extremely high (personal data, surveillance purpose). The study explored how specific technologies (smart bin, smart parking), and data usage (predictive policing, social media monitoring) may produce various privacy concerns. Van Heek et al. (
2016) focused on the location where the technology is used. By using survey data from 119 users the study found that surveillance technologies are accepted in the location where crime threat is present such as public spaces (e.g. train stations or parks); whereas, attitudes were different in relation to more private spaces as the perceived threat is deemed to be relatively low and the use of cameras or microphones is distinctly rejected.
While some of the studies just looked citizens use and adoption of smart services, Chatterjee et al. (
2018) focused also on IT staff. The study argued that for successful implementation of smart cities it is important to consider the level of expertise of the internal IT staff to develop and support the smart services and citizens’ participation to use these smart services with full confidence and be less worried about security and privacy issues. By using 230 respondents living in India and PLS for data analysis it was found that experience and knowledge of IT authority significantly affect system security and privacy policy which internally affects operational efficiency and user experience which finally has an impact on adoption of IT services in smart cities. Thus, it is important to have proper training and readiness for both categories. Citizens should have proper awareness and understanding of the system while IT authority should have good training and communicate effectively with citizens.