How would you take down a city? How would you prepare for and defend against such an attack? The information security community does a great job of identifying security vulnerabilities in individual technologies and penetration testing teams help secure companies. At the next level of scale, however, things tend to fall apart.
The information security of cities, the backbone of modern civilization, often receives little to no holistic attention, unless you count the constant probing of nation state aggressors. The information technology infrastructure of cities is different from other entities. Cities feature complex interdependencies between agencies and infrastructure that are a combination of federal, state and local government organizations and private industry, all working closely together to keep the city as a whole functioning properly.
Preparedness varies widely. Some cities have their act together, but others are a snarl of individual chiefdoms built upon homegrown technological houses of cards. If you can untangle the policy and politics, and overcome the bureaucratic infighting to create workable leadership, authorities, and funding, you are still faced with an astronomically complex system and an attack surface the size of, well, a city. Our work identifies these necessary precursor steps and provides a broadly applicable set of tools to start taming and securing such an attack surface.
The Smart city is a fast advancing zone in urban planning and aged cities of today. This concept is based on the application of connected various systems in managing a city effectively. Some of the major aspects that the smart city emphasizes are energy and water supply, transport and access control, public health and safety management. The ambition of building and modernizing cities with connected infrastructures is to provide better public services, seamless high-speed communication and a better-quality living environment. The development of the smart city significantly relies on the Internet of Things (IoT) technologies.
The IoT can be applied in a great variety of environments ranging from energy saving systems, traffic monitoring, connected vehicles, building management and access control to smart-home devices. The expansion of IoT devices, is expected to grow beyond 50 billion devices in the next decade, providing the technological backbone for smart cities development. To a large extent, the adoption of IoT technology in the smart city development focuses on two aspects: energy and communication efficiency.
These two attributes can also be achieved through effective, well-planned and integrated access control management. In this perspective, a smart city can allocate its resources economically as well as limit excessive access of vehicle and people. Hence, this paper emphasizes the centralized access control management of the smart city (service centered, cloud based or similar). IoT based access control systems are composed of connected structures with incorporated sensors.
They can modernize and improve traditional access control efficiency via decision-making algorithms. As a result, time and monetary resources can be optimized for both the city authority and citizens. Nevertheless, the underlying technology of IoT presents security concerns, the collaboration of IoT vendors and access control technologies may provoke a series of incompatibility issues and thus open the way for weaknesses and vulnerabilities.
This document introduces the concept of the “Internet of Access Control”, a futuristic concept of connected access control systems distributed over an urban ecosystem, part of its critical infrastructure. Even though highly worrying and controversial concept to look at with current technological standards in addition to cybersecurity and privacy occurrences, if perfected, it could progress some of the current world’s most alarming complications like traffic jams, crime, terrorism etc.
This research consists of three parts. The first section contextualizes the background of access control systems in urban planning. Since discussions around internet based access control are not well developed online, traditional and IoT-based access control systems will be analyzed comparatively. The second section provides a comprehensive review on the advantages of adopting IoT-based access control systems in various scenarios of the smart city. The third section illustrates cybersecurity issues of deploying IoT-based access control systems in the smart city context.
Challenges of traditional access control
Access control systems, whether traditional or IoT-based, always serve the purpose of selectively restricting access to a physical location and/or electronic resources. The enhanced adoption of smart devices further emphasizes the access control need in varying circumstances. More importantly, in a mix of cyber and physical world today, new access control systems having embedded connectivity can enormously contribute to centralizing access control management on a city level, each system can function independently while sharing data seamlessly for a centralized operation coordinating different access control components of the entire smart city.
Connected access control, applications in smart cities
The concept of centralized operations permits IT and security personnel to administer and monitor access control from centralized locations (virtual, cloud-based). The IoT architecture makes it possible to grant or revoke access remotely in a timely manner via standardized authentication policies and centralized management tools.
- Access control for city-wide access control and emergency management
Smart gates in sensitive access points of the city, notably, airports, are already being adopted globally, with smart integrations happening in between different countries. It is one example of how centralized operation centers can contribute to public security and access control. The supplementary examples of similar access control systems can also be extended to baggage storage and train station lockers. Smart locks can register the identity of users and inform relevant parties in case of suspicious items or behavior.
- Access control for roads access and traffic control
Effective traffic management is a top challenge in numerous urban areas. Using centralized access control systems ensures real-time control and thus significantly improves road safety and traffic congestions. The access priorities and rights of pedestrian and vehicles can be regulated according to live traffic situations. In this aspect, access points using badges, smartphones, and other RFID technologies can be set up according to user profiles and thus notifies them continuously about their access rights. Moreover, during days of severe air pollution or major road maintenance, smart access control systems can moderate or throttle vehicle entry to relieve traffic jams of the city more efficiently. Vehicles causing more pollutants could be forbidden to circulate.
- Access control for smart home, vehicle or other personal belongings
A compelling neighborhood or a housing group access control system stops unauthorized intrusions and trespassing as well as provides valuable forensic data in case of unpleasant incidents. Smart homes can react collectively to certain events during the day and trigger a succession of commands calling for external intervention. Connecting outdoor security systems, cameras or heat sensors to the local police stations can also save the time for investigation, minimizing unnecessary field operations and sourcing witnesses. If all houses are equipped with such access control systems to inform local authorities, it will greatly reduce the time cost and manpower on a city level. Such technologies can be extended to attribute identifying rights to smart devices, in particular valuable ones like vehicles. The most compelling authentication method in this case is biometrics access control system which can be stored on centralized databases allowing the user to access his own properties (multiple houses, offices, warehouses and vehicles) with the same set of biometric attributes (similar techniques already used by airports for identity verifications).
- Access control for government institutions and business premises
Terrorism in its different forms has been a troubling issue across the planet. Cities having diverse ethnic groups are exposed to political risks, which are provoking spontaneous offenses against local government institutions. Using access control systems together with security staff (or robots) to restrict the entrance of persona non-grata in government offices and buildings is a preemptive measure to protect government assets and personnel. The electronic records can also categorize visitors so as to better cater to their needs. One important characteristic of using access control systems is that they can cross-reference the number of visitors in relation to sensitive events to detect abnormal crowd gatherings or motion. Having such technologies to monitor/analyze the crowds enables better security options.
- Access control for tourists
Touristic sites and customs deal with a high volume of domestic and international visitors. Automated access control systems, notably smart gates, add value to touristic spots by creating a safe, comfortable and relaxing environment. The smart gates connected to the centralized access control operation centers can be used to identify, register, authorize entry and exit. Tourists can be advised to install applications on their smartphone as to be informed with live traffic and tourism data accordingly to optimize their sojourn time. The city authority can install connected devices to monitor live capacity of touristic facilities such as hotels, car rentals, theaters, theme parks, beaches and hiking trails. The information is then shared via the application to help tourists reserve their tickets and plan their hang-outs more comfortably without having to stand in queue for hours. Such types of applications can also help resolve another problem that tourists constantly face in foreign countries which is getting lost from friends or close ones.
- Access control for national security and public order
A centralized access control operations center will contain considerable valuable data for law enforcement units to conduct missions such as surveillance, site audit and raids. In such situations, traditional field practice would require a further deal of planning to study the operation site with limited data sources. The sites’ civilians can also be informed or barred from certain access points simultaneously as the operation goes on. This measure facilitates the field agents to capture criminals and save hostages/humans effectively.
- Access control for standard sites: public parks, schools, companies, hospitals etc.
In the same perspective, access control systems can be installed or retrofitted to different buildings and places serving public or private functions. The profiles of the users and visitors are constantly updated with the latest access control policies on the databases as well as law enforcement units’ records. Access rights will therefore be lively monitored and processed. Individuals representing a threat can be denied access in various scenarios. For example, parks can automatically enforce/limit access of visitors with animals and inappropriate items (skateboards, kites, drones, etc.) according to new regulations of the city or nation; schools can also synchronize the data of their students with police record and parental guidance to prevent unauthorized items (drugs, pornography, weapons, etc.) to enter the premises; hospitals can react faster in referencing the incoming patients’ medical record and offer immediate and personalized medical care.
Cyber Security Issues
One main concerns of traditional access control systems is their exposure to physical security weaknesses, notably, infrastructure vandalism, operation site break-ins and other unauthorized entries. These same risks, though still exist, are reasonably mitigated in the case of IoT based access control systems. Remotely monitoring and control of unmanned facilities can provide more responsive maintenance and replacement support.
However, new technology comes with new challenges in addition to the traditional ones. The complexity of IoT technology in access control systems, to a large extent, involves plenty of cybersecurity threats.
- Protection of communication
Access control systems are built with extensive networks of connected devices. Managing such a huge number of devices is no simple task. It is worth pointing out that these networks are also likely to come from different vendors and manufacturers. The technical issues, in particular the interoperability of these connected networks and devices, demand considerable manpower and resources to operate and maintain. More importantly, the vast data generated every second by these devices grows endlessly. In the connected world, data is the new gold mine and it inevitably attracts malicious attention. On the other hand, data theft is a highly lucrative business.
The accessed data of individuals, vehicles, flying objects and other valuable devices can enable physical tracking of users and pose a real threat to their lives. On the other hand, the interoperability between different groups of devices may cause difficulties in the data transmission processes and in securing such transactions.
- Protection against tampering and spoofing
Both the software and hardware aspects of the access control connected systems are exposed to the risk of being tampered and spoofed. As discussed, the connectedness of the access control system is a double-edged sword. It can revolutionize the traditional access control management and enhance significantly its efficiency in a great variety of scenarios as demonstrated in section four. Delivering fake or deliberately-altered signals to millions of connected devices in city-wide is no longer a movie scenario, but a feasible scheme.
Hijacking an entire access control operation center may seem unlikely to take place, nor does it attract cyber-attackers without abundant resources, though it is not impossible and a city is definitely a considerable target. Replacing or eavesdropping the access control systems with altered devices in the network, though, can also be a ‘profitable’ suggestion for attackers, though other options pose less risk on the attackers, such as reselling intercepted data, selling access to compromised devices taking over the control of a subdivision of the entire access control system… Nevertheless, a combination of different city-wide access control and monitoring systems would help agencies identify such types of attempts from earlier stages.
- Enforcement of multiple biometric verification systems in sensitive locations
The security issues mentioned in the previous sections are highly related to data exchange on the network level, which can be intercepted, altered and manipulated via imitating the authentic data set. Moreover, traditional and non-traditional access control systems rely on mechanical locks and keys, passwords and access cards to process access request. The duplicable characteristic of these items is similar, even identical, to data duplication.
These identification methods can be lost and forgotten, causing additional recovery costs and risk of exploits. Hence, the attacker can take advantage of this vulnerability as they do in manipulating duplicable technical data on the network level to attack the access control systems. Biometrically-enabled access control systems can effectively counter this vulnerability. Biometric devices permit machines to intelligently recognize the unique biological attributes of humans such as face, iris, handwriting, voice and fingerprint.
The complexity of duplicating such data is then higher than reproducing an intercepted set of data to fool the system, nevertheless still possible. Besides, both the stored biometric data and the authentication methods (basically the individual himself) are highly mobile and duplicable without the security concerns of using third-party items such as keys, passwords, access cards, etc. In addition, biometrics are non-intrusive, accurate and cost-effective. Even though the attacker manages to steal his target’s biometric data, it is unlikely to be duplicated on another person’s body, or it may incur extraordinary costs
Threats and Challenges in Cyber
The cybersecurity threat grows everyday and major corporations face hundreds of millions of attacks on their networks on a daily basis. It is impossible to thwart every attack. Greg Akers, Senior Vice President of Advanced Security Initiatives and Chief Technology Officer within the Security and Trust Organization (STO), of Cisco, indicated that “the only way to protect that data is to do it by way of protecting the infrastructure.”
Another challenge resides in the how the government and private sector work together. For years, cyber experts have worked on forming public-private partnerships to enhance security for digital threats. Those partnerships have produced key initiatives to help prevent attacks and share information. The alignment of government and business, however, is not direct.
Opportunity for Resilience
There is an opportunity to improve security if companies look at cyber threats from a prevention and detection mindset, according to Chris Huntington. Resilient policy allows organizations where to start, how to map out a strategy for threats, and include all relevant departments to be active participants. Companies can also improve their efforts by quickly patch security flaws and becoming more anticipatory than reactive.
It all starts with a solid foundation
Education is a big component of cyber hygiene. This includes education about how innovative companies are incorporating security into their business models. There is also an opportunity for companies to work with legislators to change laws to accommodate smart city planning and technologies.
Cybersecurity is a critical and growing challenge for government, businesses, and universities. Focusing on the infrastructure layer of the network will be key in improving security and leaders must think about what data is the most valuable and how to secure.
Today, there are more people living in cities than in the countryside. Vehicles and energy consumption in cities are skyrocketing. The domestic and international mobility of citizens is significantly improved and tourists are travelling extensively from one city to another. Under such circumstances, many metropolitan cities are dealing with challenges such as overpopulation, waste management, massive energy consumption and pollution as a result of dramatic increase of migrants and travelers.
Traditional access control systems, therefore, can no longer effectively deal with such multidimensional challenges, traffic jams and long queue waiting times should not be accepted as the norm. Cities have to innovate themselves with better and smarter access control systems to track and manage their populations, vehicles, buildings and touristic sites.
The IoT architecture plays a significant role in shaping this wave by establishing smarter access control systems in cities to address the new challenges. Smart and connected devices can be applied in a great variety of scenarios in the city. Connecting them to a connected access control operation center significantly contributes to effective management of the city. Nevertheless, it is crucial to be aware of the cybersecurity dangers as there are multiple points of entry in such a large network of devices. In conclusion, the trend of adopting smarter access control systems and connecting them to a centralized network is going on in many big cities in the world. More research in perfecting the security of smart access control devices is expected in the near future.