Applicazioni di tecnologie IoT e wearable alla domotica: un caso di studio

Oggigiorno milioni di persone fanno uso di Internet per gli utilizzi più disparati: dalla ricerca di informazioni sul Web al gioco online; dall'invio e ricezione di email all'uso di applicazioni social e tante altre attività. Mentre milioni di dispositivi ci offrono queste possibilità, un grande passo in avanti sta avvenendo in relazione all'uso di Internet come una piattaforma globale che permetta a oggetti di tutti i giorni di coordinarsi e comunicare tra di loro. È in quest'ottica che nasce Internet of Things, l'Internet delle cose, dove un piccolo oggetto come un braccialetto può avere un grande impatto nel campo medico per il monitoraggio da remoto di parametri vitali o per la localizzazione di pazienti e personale e l'effettuazione di diagnosi da remoto; dove un semplice sensore ad infrarosso può allertarci a distanza di una presenza non autorizzata all'interno della nostra abitazione; dove un'autovettura è in grado di leggere i dati dai sensori distribuiti sulla strada. Questa tesi vuole ripercorrere gli aspetti fondamentali di Internet of Things, dai sistemi embedded fino alla loro applicazione nella vita odierna, illustrando infine un progetto che mostra come alcune tecnologie IoT e wearable possano integrarsi nella domotica, come per esempio l'utilizzo di uno smartwatch, come Apple Watch, per il controllo dell'abitazione.

IoT e progettazione di sistemi di Home Automation: un caso di studio reale basato su framework e standard open

La nascita della Internet of Things, come conseguenza dell'aumento della capacità di calcolo e adozione di connettività in nuovi dispositivi, ha permesso l'apporto di nuove tecnologie negli oggetti di uso quotidiano e ha cambiano il modo in cui le persone utilizzano e interagiscono con questi oggetti. La Home Automation, da sempre orientata al controllo locale e remoto di apparecchiature domestiche, non ha mai raggiunto una grande diffusione per colpa del costo elevato, una controproducente chiusura rispetto ad altri sistemi e una certa difficoltà nella sua programmazione da parte dei possibili utenti. Le possibilità offerte dalla IoT e i limiti della Home Automation hanno suggerito lo sviluppo di un sistema in grado si superare queste limitazioni sfruttando le tecnologie più adatte a integrare Smart Object e sistemi, gli uni con gli altri, in maniera semplice e rapida. Il progetto e lo sviluppo di una soluzione reale di Home Automation basata su un impianto domotico commerciale ha permesso di dimostrare come strumenti opensource e tecnologie orientate alla IoT consentano, se opportunamente integrate, di migliorare sia la fruibilità dei sistemi domotici, attraverso la maggiore apertura verso altri sistemi, sia l'interazione con l'utente che sarà in grado di creare in modo semplice e diretto scenari di utilizzo sempre nuovi.

Gestione Efficiente di Eventi Complessi su Piattaforma IoT ThingWorx

Nella prima parte di questa tesi viene introdotto il concetto di Internet of Things. Vengono discussi gli elementi costituitivi fondamentali di tale tecnologia, le differenti architetture proposte nel corso degli anni e le sfide che devono ancora essere affrontate per vedere realizzato l’IoT. Questa prima parte si conclude inoltre con due esempi di applicazione dell’IoT. Questi due esempi, Smart City e Smart Healthcare, hanno l’obbiettivo di evidenziare quali sono i vantaggi ed i servizi che possono essere offerti all’utente finale una volta applicato l’IoT. Nel secondo capitolo invece, vengono presentate le funzionalità della piattaforma IoT ThingWorx, la quale mette a disposizione un ambiente di sviluppo per applicazioni IoT con l’obbiettivo di ridurre i tempi e quindi anche i costi di sviluppo delle stesse. Questa piattaforma cerca di ridurre al minimo la necessità di scrivere codice, utilizzando un sistema di sviluppo di tipo “Drag and Drop”. ThingWorx mette anche a disposizione degli SDK per facilitare la programmazione dei device, gestendo soprattutto la parte di comunicazione nodo – piattaforma. Questo argomento viene trattato ampiamente nella parte finale di questo capitolo dopo aver visto quali sono i concetti fondamentali di modellazione e rappresentazione dei dati sui quali si basa la piattaforma. Nel terzo e ultimo capitolo di questa tesi viene presentato innanzitutto il tutorial Android di ThingWorx. Svolgere e successivamente estendere il tutorial ha evidenziato alcune limitazioni del modello iniziale e questo ci ha portato a progettare e sviluppare il componente Aggregated & Complex Event Manager per la gestione di eventi complessi e che permette di sgravare parzialmente la piattaforma da tale compito. La tesi si conclude evidenziando, tramite dei test, alcune differenze fra la situazione iniziale nella quale il componente non viene utilizzato e la situazione finale, nella quale invece viene usato.

Servizi di Discovery in IoT: una Soluzione MQTT-based per Gateway Kura

Grazie alla costante evoluzione tecnologica, negli ultimi anni sempre più oggetti di vita quotidiana stanno accedendo ad Internet. Il proliferare dei dispositivi “smart” ha dato il via ad una nuova rivoluzione tecnologica: quella di Internet of Things (IoT), che sta portando nelle mani degli utenti un elevatissimo numero di informazioni in grado di offrire notevoli benefici alla vita di ogni giorno. Per poter accedere ai dati messi a disposizione risulterà necessario realizzare un servizio in grado di consentire la scoperta, l’accesso e l’interazione con i nodi della rete che si occuperanno della gestione delle informazioni. In letteratura sono già disponibili alcuni di questi meccanismi, ma essi presentano dei difetti che verrebbero ancor più accentuati dalle ridotte capacità computazionali dei terminali IoT. In questo progetto di tesi verrà presentato un servizio di discovery per gateway IoT Kura-based, pensato, grazie all’utilizzo del protocollo di messaggistica MQTT, per operare con terminali dalle performance limitate ed in situazioni di scarsa connettività. Il servizio realizzato prevede che degli smartphone Android richiedano a tutti i gateway in una determinata località i parametri per entrare nel loro network. La richiesta verrà inviata mediante un messaggio MQTT pubblicato in un topic location-specific su un broker remoto. I gateway che riceveranno il messaggio, se interessati alle caratteristiche del client, gli risponderanno comunicando i dati di accesso al network in modo che il dispositivo possa auto-configurarsi per accedervi. Ad accesso avvenuto client e gateway comunicheranno in modo diretto attraverso un broker locale. In fase di testing si valuteranno le performance del servizio analizzando i tempi di risposta e l’utilizzo di risorse lato gateway, e l’assorbimento di potenza lato client.

A Link Quality and Geographical-aware Routing Protocol for Video Transmission in Mobile IoT

Wireless mobile sensor networks are enlarging the Internet of Things (IoT) portfolio with a huge number of multimedia services for smart cities. Safety and environmental monitoring multimedia applications will be part of the Smart IoT systems, which aim to reduce emergency response time, while also predicting hazardous events. In these mobile and dynamic (possible disaster) scenarios, opportunistic routing allows routing decisions in a completely distributed manner, by using a hop- by-hop route decision based on protocol-specific characteristics, and a predefined end-to-end path is not a reliable solution. This enables the transmission of video flows of a monitored area/object with Quality of Experience (QoE) support to users, headquarters or IoT platforms. However, existing approaches rely on a single metric to make the candidate selection rule, including link quality or geographic information, which causes a high packet loss rate, and reduces the video perception from the human standpoint. This article proposes a cross-layer Link quality and Geographical-aware Opportunistic routing protocol (LinGO), which is designed for video dissemination in mobile multimedia IoT environments. LinGO improves routing decisions using multiple metrics, including link quality, geographic loca- tion, and energy. The simulation results show the benefits of LinGO compared with well-known routing solutions for video transmission with QoE support in mobile scenarios.

Managing Things and Services with Semantics: A Survey

This paper presents a survey on the usage, opportunities and pitfalls of semantic technologies in the Internet of Things. The survey was conducted in the context of a semantic enterprise integration platform. In total we surveyed sixty-one individuals from industry and academia on their views and current usage of IoT technologies in general, and semantic technologies in particular. Our semantic enterprise integration platform aims for interoperability at a service level, as well as at a protocol level. Therefore, also questions regarding the use of application layer protocols, network layer protocols and management protocols were integrated into the survey. The survey suggests that there is still a lot of heterogeneity in IoT technologies, but first indications of the use of standardized protocols exist. Semantic technologies are being recognized as of potential use, mainly in the management of things and services. Nonetheless, the participants still see many obstacles which hinder the widespread use of semantic technologies: Firstly, a lack of training as traditional embedded programmers are not well aware of semantic technologies. Secondly, a lack of standardization in ontologies, which would enable interoperability and thirdly, a lack of good tooling support.

An Experimental Platform for large-scale research facing FI-IoT scenarios

Providing experimental facilities for the Internet of Things (IoT) world is of paramount importance to materialise the Future Internet (FI) vision. The level of maturity achieved at the networking level in Sensor and Actuator networks (SAN) justifies the increasing demand on the research community to shift IoT testbed facilities from the network to the service and information management areas. In this paper we present an Experimental Platform fulfilling these needs by: integrating heterogeneous SAN infrastructures in a homogeneous way; providing mechanisms to handle information, and facilitating the development of experimental services. It has already been used to deploy applications in three different field trials: smart metering, smart places and environmental monitoring and it will be one of the components over which the SmartSantander project, that targets a large-scale IoT experimental facility, will rely on

El Internet de las Cosas y los nuevos riesgos para la privacidad

Este trabajo consiste en la elaboración de un proyecto de investigación, orientado al estudio del Internet de las Cosas y los riesgos que presenta para la privacidad. En los últimos años se han puesto en marcha numerosos proyectos y se han realizado grandes avances tecnológicos con el fin de hacer del Internet de las Cosas una realidad, sin embargo aspectos críticos como la seguridad y la privacidad todavía no están completamente solucionados. El objetivo de este Trabajo Fin de Master es realizar un análisis en profundidad del Internet del Futuro, ampliando los conocimientos adquiridos durante el Máster, estudiando paso a paso los fundamentos sobre los que se asienta y reflexionando acerca de los retos a los que se enfrenta y el efecto que puede tener su implantación para la privacidad. El trabajo se compone de 14 capítulos estructurados en 4 partes. Una primera parte de introducción en la que se explican los conceptos del Internet de las Cosas y la computación ubicua, como preámbulo a las siguientes secciones. Posteriormente, en la segunda parte, se analizan los aspectos tecnológicos y relativos a la estandarización de esta nueva red. En la tercera parte se presentan los principales proyectos de investigación que existen actualmente y las diferentes áreas de aplicación que tiene el Internet del Futuro. Y por último, en la cuarta parte, se realiza un análisis del concepto de privacidad y se estudian, mediante diferentes escenarios de aplicación, los riesgos que puede suponer para la privacidad la implantación del Internet de las Cosas. This paper consists of the preparation of a research project aimed to study the Internet of Things and the risks it poses to privacy. In recent years many projects have been launched and new technologies have been developed to make the Internet of Things a reality; however, critical issues such as security and privacy are not yet completely solved. The purpose of this project is to make a rigorous analysis of the Future Internet, increasing the knowledge acquired during the Masters, studying step by step the basis on which the Internet of Things is founded, and reflecting on the challenges it faces and the effects it can have on privacy. The project consists of 14 chapters structured in four parts. The first part consists of an introduction which explains the concepts of the Internet of Things and ubiquitous computing as a preamble to the next parts. Then, in the second part, technological and standardization issues of this new network are studied. The third part presents the main research projects and Internet of Things application areas. And finally, the fourth part includes an analysis of the privacy concept and also an evaluation of the risks the Internet of Things poses to privacy. These are examined through various application scenarios.

Model-Driven Methodology for Rapid Deployment of Smart Spaces based on Resource-Oriented Architectures

Advances in electronics nowadays facilitate the design of smart spaces based on physical mash-ups of sensor and actuator devices. At the same time, software paradigms such as Internet of Things (IoT) and Web of Things (WoT) are motivating the creation of technology to support the development and deployment of web-enabled embedded sensor and actuator devices with two major objectives: (i) to integrate sensing and actuating functionalities into everyday objects, and (ii) to easily allow a diversity of devices to plug into the Internet. Currently, developers who are applying this Internet-oriented approach need to have solid understanding about specific platforms and web technologies. In order to alleviate this development process, this research proposes a Resource-Oriented and Ontology-Driven Development (ROOD) methodology based on the Model Driven Architecture (MDA). This methodology aims at enabling the development of smart spaces through a set of modeling tools and semantic technologies that support the definition of the smart space and the automatic generation of code at hardware level. ROOD feasibility is demonstrated by building an adaptive health monitoring service for a Smart Gym.

A Development Methodology to Facilitate the Integration of Smart Spaces into the Web of Things

How to create or integrate large Smart Spaces (considered as mash-ups of sensors and actuators) into the paradigm of ?Web of Things? has been the motivation of many recent works. A cutting-edge approach deals with developing and deploying web-enabled embedded devices with two major objectives: 1) to integrate sensor and actuator technologies into everyday objects, and 2) to allow a diversity of devices to plug to Internet. Currently, developers who want to use this Internet-oriented approach need have solid understanding about sensorial platforms and semantic technologies. In this paper we propose a Resource-Oriented and Ontology-Driven Development (ROOD) methodology, based on Model Driven Architecture (MDA), to facilitate to any developer the development and deployment of Smart Spaces. Early evaluations of the ROOD methodology have been successfully accomplished through a partial deployment of a Smart Hotel.

Unified representation of monitoring information across federated cloud infrastructures

Nowadays one of the issues hindering the potential of federating cloud-based infrastructures to reach much larger scales is their standard management and monitoring. In particular, this is true in cases where these federated infrastructures provide emerging Future Internet and Smart Cities-oriented services, such as the Internet of Things (IoT), that benefit from cloud services. The contribution of this paper is the introduction of a unified monitoring architecture for federated cloud infrastructures accompanied by the adoption of a uniform representation of measurement data. The presented solution is capable of providing multi-domain compatibility, scalability, as well as the ability to analyze large amounts of monitoring data, collected from datacenters and offered through open and standardized APIs. The solution described herein has been deployed and is currently running on a community of 5 infrastructures within the framework of the European Project XIFI, to be extended to 12 more infrastructures.

Contribution towards intelligent service management in wearable and ubiquitous devices

Hoy en día asistimos a un creciente interés por parte de la sociedad hacia el cuidado de la salud. Esta afirmación viene apoyada por dos realidades. Por una parte, el aumento de las prácticas saludables (actividad deportiva, cuidado de la alimentación, etc.). De igual manera, el auge de los dispositivos inteligentes (relojes, móviles o pulseras) capaces de medir distintos parámetros físicos como el pulso cardíaco, el ritmo respiratorio, la distancia recorrida, las calorías consumidas, etc. Combinando ambos factores (interés por el estado de salud y disponibilidad comercial de dispositivos inteligentes) están surgiendo multitud de aplicaciones capaces no solo de controlar el estado actual de salud, también de recomendar al usuario cambios de hábitos que lleven hacia una mejora en su condición física. En este contexto, los llamados dispositivos llevables (weareables) unidos al paradigma de Internet de las cosas (IoT, del inglés Internet of Things) permiten la aparición de nuevos nichos de mercado para aplicaciones que no solo se centran en la mejora de la condición física, ya que van más allá proponiendo soluciones para el cuidado de pacientes enfermos, la vigilancia de niños o ancianos, la defensa y la seguridad, la monitorización de agentes de riesgo (como bomberos o policías) y un largo etcétera de aplicaciones por llegar. El paradigma de IoT se puede desarrollar basándose en las existentes redes de sensores inalámbricos (WSN, del inglés Wireless Sensor Network). La conexión de los ya mencionados dispositivos llevables a estas redes puede facilitar la transición de nuevos usuarios hacia aplicaciones IoT. Pero uno de los problemas intrínsecos a estas redes es su heterogeneidad. En efecto, existen multitud de sistemas operativos, protocolos de comunicación, plataformas de desarrollo, soluciones propietarias, etc. El principal objetivo de esta tesis es realizar aportaciones significativas para solucionar no solo el problema de la heterogeneidad, sino también de dotar de mecanismos de seguridad suficientes para salvaguardad la integridad de los datos intercambiados en este tipo de aplicaciones. Algo de suma importancia ya que los datos médicos y biométricos de los usuarios están protegidos por leyes nacionales y comunitarias. Para lograr dichos objetivos, se comenzó con la realización de un completo estudio del estado del arte en tecnologías relacionadas con el marco de investigación (plataformas y estándares para WSNs e IoT, plataformas de implementación distribuidas, dispositivos llevables y sistemas operativos y lenguajes de programación). Este estudio sirvió para tomar decisiones de diseño fundamentadas en las tres contribuciones principales de esta tesis: un bus de servicios para dispositivos llevables (WDSB, Wearable Device Service Bus) basado en tecnologías ya existentes tales como ESB, WWBAN, WSN e IoT); un protocolo de comunicaciones inter-dominio para dispositivos llevables (WIDP, Wearable Inter-Domain communication Protocol) que integra en una misma solución protocolos capaces de ser implementados en dispositivos de bajas capacidades (como lo son los dispositivos llevables y los que forman parte de WSNs); y finalmente, la tercera contribución relevante es una propuesta de seguridad para WSN basada en la aplicación de dominios de confianza. Aunque las contribuciones aquí recogidas son de aplicación genérica, para su validación se utilizó un escenario concreto de aplicación: una solución para control de parámetros físicos en entornos deportivos, desarrollada dentro del proyecto europeo de investigación “LifeWear”. En este escenario se desplegaron todos los elementos necesarios para validar las contribuciones principales de esta tesis y, además, se realizó una aplicación para dispositivos móviles por parte de uno de los socios del proyecto (lo que contribuyó con una validación externa de la solución). En este escenario se usaron dispositivos llevables tales como un reloj inteligente, un teléfono móvil con sistema operativo Android y un medidor del ritmo cardíaco inalámbrico capaz de obtener distintos parámetros fisiológicos del deportista. Sobre este escenario se realizaron diversas pruebas de validación mediante las cuales se obtuvieron resultados satisfactorios. ABSTRACT Nowadays, society is shifting towards a growing interest and concern on health care. This phenomenon can be acknowledged by two facts: first, the increasing number of people practising some kind of healthy activity (sports, balanced diet, etc.). Secondly, the growing number of commercial wearable smart devices (smartwatches or bands) able to measure physiological parameters such as heart rate, breathing rate, distance or consumed calories. A large number of applications combining both facts are appearing. These applications are not only able to monitor the health status of the user, but also to provide recommendations about routines in order to improve the mentioned health status. In this context, wearable devices merged with the Internet of Things (IoT) paradigm enable the proliferation of new market segments for these health wearablebased applications. Furthermore, these applications can provide solutions for the elderly or baby care, in-hospital or in-home patient monitoring, security and defence fields or an unforeseen number of future applications. The introduced IoT paradigm can be developed with the usage of existing Wireless Sensor Networks (WSNs) by connecting the novel wearable devices to them. In this way, the migration of new users and actors to the IoT environment will be eased. However, a major issue appears in this environment: heterogeneity. In fact, there is a large number of operating systems, hardware platforms, communication and application protocols or programming languages, each of them with unique features. The main objective of this thesis is defining and implementing a solution for the intelligent service management in wearable and ubiquitous devices so as to solve the heterogeneity issues that are presented when dealing with interoperability and interconnectivity of devices and software of different nature. Additionally, a security schema based on trust domains is proposed as a solution to the privacy problems arising when private data (e.g., biomedical parameters or user identification) is broadcasted in a wireless network. The proposal has been made after a comprehensive state-of-the-art analysis, and includes the design of a Wearable Device Service Bus (WDSB) including the technologies collected in the requirement analysis (ESB, WWBAN, WSN and IoT). Applications are able to access the WSN services regardless of the platform and operating system where they are running. Besides, this proposal also includes the design of a Wearable Inter-Domain communication Protocols set (WIDP) which integrates lightweight protocols suitable to be used in low-capacities devices (REST, JSON, AMQP, CoAP, etc...). Furthermore, a security solution for service management based on a trustworthy domains model to deploy security services in WSNs has been designed. Although the proposal is a generic framework for applications based on services provided by wearable devices, an application scenario for testing purposes has been included. In this validation scenario it has been presented an autonomous physical condition performance system, based on a WSN, bringing the possibility to include several elements in an IoT scenario: a smartwatch, a physiological monitoring device and a smartphone. In summary, the general objective of this thesis is solving the heterogeneity and security challenges arising when developing applications for WSNs and wearable devices. As it has been presented in the thesis, the solution proposed has been successfully validated in a real scenario and the obtained results were satisfactory.

Biometric authentication of users through iris by using key binding and similarity preserving hash functions = Autenticación biométrica de usuarios a través del iris mediante la ocultación de claves y funciones resumen que preservan la similitud

El extraordinario auge de las nuevas tecnologías de la información, el desarrollo de la Internet de las Cosas, el comercio electrónico, las redes sociales, la telefonía móvil y la computación y almacenamiento en la nube, han proporcionado grandes beneficios en todos los ámbitos de la sociedad. Junto a éstos, se presentan nuevos retos para la protección y privacidad de la información y su contenido, como la suplantación de personalidad y la pérdida de la confidencialidad e integridad de los documentos o las comunicaciones electrónicas. Este hecho puede verse agravado por la falta de una frontera clara que delimite el mundo personal del mundo laboral en cuanto al acceso de la información. En todos estos campos de la actividad personal y laboral, la Criptografía ha jugado un papel fundamental aportando las herramientas necesarias para garantizar la confidencialidad, integridad y disponibilidad tanto de la privacidad de los datos personales como de la información. Por otro lado, la Biometría ha propuesto y ofrecido diferentes técnicas con el fin de garantizar la autentificación de individuos a través del uso de determinadas características personales como las huellas dáctilares, el iris, la geometría de la mano, la voz, la forma de caminar, etc. Cada una de estas dos ciencias, Criptografía y Biometría, aportan soluciones a campos específicos de la protección de datos y autentificación de usuarios, que se verían enormemente potenciados si determinadas características de ambas ciencias se unieran con vistas a objetivos comunes. Por ello es imperativo intensificar la investigación en estos ámbitos combinando los algoritmos y primitivas matemáticas de la Criptografía con la Biometría para dar respuesta a la demanda creciente de nuevas soluciones más técnicas, seguras y fáciles de usar que potencien de modo simultáneo la protección de datos y la identificacíón de usuarios. En esta combinación el concepto de biometría cancelable ha supuesto una piedra angular en el proceso de autentificación e identificación de usuarios al proporcionar propiedades de revocación y cancelación a los ragos biométricos. La contribución de esta tesis se basa en el principal aspecto de la Biometría, es decir, la autentificación segura y eficiente de usuarios a través de sus rasgos biométricos, utilizando tres aproximaciones distintas: 1. Diseño de un esquema criptobiométrico borroso que implemente los principios de la biometría cancelable para identificar usuarios lidiando con los problemas acaecidos de la variabilidad intra e inter-usuarios. 2. Diseño de una nueva función hash que preserva la similitud (SPHF por sus siglas en inglés). Actualmente estas funciones se usan en el campo del análisis forense digital con el objetivo de buscar similitudes en el contenido de archivos distintos pero similares de modo que se pueda precisar hasta qué punto estos archivos pudieran ser considerados iguales. La función definida en este trabajo de investigación, además de mejorar los resultados de las principales funciones desarrolladas hasta el momento, intenta extender su uso a la comparación entre patrones de iris. 3. Desarrollando un nuevo mecanismo de comparación de patrones de iris que considera tales patrones como si fueran señales para compararlos posteriormente utilizando la transformada de Walsh-Hadarmard. Los resultados obtenidos son excelentes teniendo en cuenta los requerimientos de seguridad y privacidad mencionados anteriormente. Cada uno de los tres esquemas diseñados han sido implementados para poder realizar experimentos y probar su eficacia operativa en escenarios que simulan situaciones reales: El esquema criptobiométrico borroso y la función SPHF han sido implementados en lenguaje Java mientras que el proceso basado en la transformada de Walsh-Hadamard en Matlab. En los experimentos se ha utilizado una base de datos de imágenes de iris (CASIA) para simular una población de usuarios del sistema. En el caso particular de la función de SPHF, además se han realizado experimentos para comprobar su utilidad en el campo de análisis forense comparando archivos e imágenes con contenido similar y distinto. En este sentido, para cada uno de los esquemas se han calculado los ratios de falso negativo y falso positivo. ABSTRACT The extraordinary increase of new information technologies, the development of Internet of Things, the electronic commerce, the social networks, mobile or smart telephony and cloud computing and storage, have provided great benefits in all areas of society. Besides this fact, there are new challenges for the protection and privacy of information and its content, such as the loss of confidentiality and integrity of electronic documents and communications. This is exarcebated by the lack of a clear boundary between the personal world and the business world as their differences are becoming narrower. In both worlds, i.e the personal and the business one, Cryptography has played a key role by providing the necessary tools to ensure the confidentiality, integrity and availability both of the privacy of the personal data and information. On the other hand, Biometrics has offered and proposed different techniques with the aim to assure the authentication of individuals through their biometric traits, such as fingerprints, iris, hand geometry, voice, gait, etc. Each of these sciences, Cryptography and Biometrics, provides tools to specific problems of the data protection and user authentication, which would be widely strengthen if determined characteristics of both sciences would be combined in order to achieve common objectives. Therefore, it is imperative to intensify the research in this area by combining the basics mathematical algorithms and primitives of Cryptography with Biometrics to meet the growing demand for more secure and usability techniques which would improve the data protection and the user authentication. In this combination, the use of cancelable biometrics makes a cornerstone in the user authentication and identification process since it provides revocable or cancelation properties to the biometric traits. The contributions in this thesis involve the main aspect of Biometrics, i.e. the secure and efficient authentication of users through their biometric templates, considered from three different approaches. The first one is designing a fuzzy crypto-biometric scheme using the cancelable biometric principles to take advantage of the fuzziness of the biometric templates at the same time that it deals with the intra- and inter-user variability among users without compromising the biometric templates extracted from the legitimate users. The second one is designing a new Similarity Preserving Hash Function (SPHF), currently widely used in the Digital Forensics field to find similarities among different files to calculate their similarity level. The function designed in this research work, besides the fact of improving the results of the two main functions of this field currently in place, it tries to expand its use to the iris template comparison. Finally, the last approach of this thesis is developing a new mechanism of handling the iris templates, considering them as signals, to use the Walsh-Hadamard transform (complemented with three other algorithms) to compare them. The results obtained are excellent taking into account the security and privacy requirements mentioned previously. Every one of the three schemes designed have been implemented to test their operational efficacy in situations that simulate real scenarios: The fuzzy crypto-biometric scheme and the SPHF have been implemented in Java language, while the process based on the Walsh-Hadamard transform in Matlab. The experiments have been performed using a database of iris templates (CASIA-IrisV2) to simulate a user population. The case of the new SPHF designed is special since previous to be applied i to the Biometrics field, it has been also tested to determine its applicability in the Digital Forensic field comparing similar and dissimilar files and images. The ratios of efficiency and effectiveness regarding user authentication, i.e. False Non Match and False Match Rate, for the schemes designed have been calculated with different parameters and cases to analyse their behaviour.

Sistema de ayuda a la selección de soluciones de protección de datos personales, para los productos y servicios en “Internet de las Cosas”

Los nuevos productos y servicios de “Internet de las Cosas” nos harán más eficientes, con una mayor capacidad de actuación y una mejor comprensión de nuestro entorno. Se desarrollarán nuevas ayudas técnicas que permitirán prolongar nuestra vida activa, y muchas ventajas que hoy día nos costaría imaginar. Sin embargo coexistiremos con una gran cantidad de dispositivos que recopilarán información sobre nuestra actividad, costumbres, preferencias, etc., que podrían amenazar nuestra privacidad. La desconfianza que estos riesgos podrían generar en las personas, actuaría como una barrera que podría dificultar el pleno desarrollo de esta nueva gama de productos y servicios. Internet de las Cosas, alcanza su significado más representativo con las Ciudades Inteligentes (Smart Cities) que proporcionan las herramientas necesarias para mejorar la gestión de las ciudades modernas de una manera mucho más eficiente. Estas herramientas necesitan recolectar información de los ciudadanos abriendo la posibilidad de someterlos a un seguimiento. Así, las políticas de seguridad y privacidad deben desarrollarse para satisfacer y gestionar la heterogeneidad legislativa en torno a los servicios prestados y cumplir con las leyes del país en el que se proporcionan estos servicios. El objetivo de esta tesis es aportar una posible solución para la garantizar la seguridad y privacidad de los datos personales en Internet de las Cosas, mediante técnicas que resulten de la colaboración entre las áreas empresarial, legislativa y tecnológica para dar confianza a todos los actores involucrados y resolver la posible colisión de intereses entre ellos, y también debe ser capaz de poder gestionar la heterogeneidad legislativa. Considerando que gran parte de estos servicios se canalizan a través de redes de sensores inalámbricos, y que estas redes tienen importantes limitaciones de recursos, se propone un sistema de gestión que además sea capaz de dar una cobertura de seguridad y privacidad justo a medida de las necesidades. ABSTRACT New products and services offered by the “Internet of Things” will make people more efficient and more able to understand the environment and take better decisions. New assistive technologies will allow people to extend their working years and many other advantages that currently are hard to foreseen. Nonetheless, we will coexist with a large number of devices collecting information about activities, habits, preferences, etc. This situation could threaten personal privacy. Distrust could be a barrier to the full development of these new products and services. Internet of Things reaches its most representative meaning by the Smart Cities providing the necessary solutions to improve the management of modern cities by means of more efficient tools. These tools require gathering citizens’ information about their activity, preferences, habits, etc. opening up the possibility of tracking them. Thus, privacy and security policies must be developed in order to satisfy and manage the legislative heterogeneity surrounding the services provided and comply with the laws of the country where they are provided. The objective of this thesis is to provide a feasible solution to ensure the security and privacy of personal data on the Internet of Things through resulting techniques from the collaboration between business, legislative and technological areas so as to give confidence to all stakeholders and resolve the possible conflict of interest between them, as well as to manage the legislative heterogeneity. Whereas most of these services are based on wireless sensor networks, and these networks have significant resource constraints, the proposed management system is also able to cover the security and privacy requirements considering those constrains.