【 摘 要 】

A city is a large human settlement that serves the people who live there, and a smart city is a concept of how cities might better serve their residents through new forms of technology. In this article, we focus on four major smart city domains according to Maslow's hierarchy of needs: smart utility, smart transportation, smart homes, and smart healthcare. Numerous Internet of Things (IoT) applications have been developed to achieve the intelligence that we desire in our smart domains, ranging from personal gadgets, such as health trackers and smart watches to large-scale industrial IoT systems, such as nuclear and energy management systems. However, many of the existing smart city IoT solutions can be made better by considering the suitability of their security strategies. Inappropriate system security designs generally occur in two scenarios: first, system designers recognize the importance of security but are unsure of where, when, or how to implement it and second, system designers try to fit traditional security designs to meet the smart city security context. Thus, the objective of this article is to provide application designers with the missing security link they may need in order to improve their security designs. By evaluating the specific context of each smart city domain and the context-specific security requirements, we aim to provide directions on when, where, and how they should implement security strategies and the possible security challenges they need to consider. In addition, we present a new perspective on security issues in smart cities from a data-centric viewpoint by referring to the reference architecture, the activity-network-things (ANTs)-centric architecture. This architecture is built upon the concept of security in a zero-trust environment, to achieve end-to-end data security. By doing so, we reduce the security risks posed by new system interactions or unanticipated user behaviors while avoiding the hassle of regularly upgrading security models.

【 授权许可】

Free