Therefore, security related to these techniques should be taken into account while designing the structure of smart cities.
Individual Privacy
The information of an individual citizen of the smart city should be confidential.
People of smart city communicate with each other and use the services in number of ways by using modern technology that is connected using network and system.
These heterogeneous networks and system are on the target of the hackers and attackers. These attackers and hackers intrude in the confidential information of an individual and deprive individuals of their rights [64]. While considering an indi-vidual’s right of privacy, one thing that must be taken into account is social net-working. And this depends on the information provided by the individual and the method in which it can be utilized by the hacker or attacker. The providers of social networking provide adequate data to identify an individual’s profile [75].
Banking, Finance, and Business
The basic elements of smart cities are smart banking, economics, and business.
However, whereas the smart cities offer increase in economy, banking, and business sector, thesefields are also prone to attacks as one can attack for gaining financial gain. An attacker or a hacker can also negatively interfere with the economy of a society or the entire city.
Radio Frequency Identification (RFID) Tags
RFID tags RFID tagsare used in different components of smart city. RFID tags are used in the environment [77], industry [78], and mobility [79]. It has conveyed noteworthy benefit to many fields as well. This technology is also prone to security threats and attacks [80]. Authors in [81] studied that one can steal sensitive information through RFID tags and can create problem with respect to information privacy and confidentiality. Information leakage may also cause the problem of data integrity. Here are a few other related issues:
• Abuse of Tags [81]: RFID tags are small in size that makes them cost efficient.
These tags can be embedded into different functions; hence, the cost of implementing security into system is very less due to its size. An unauthorized user can use these RFID tags. RFID tags and readers communicate with each other by using Electronic Product Code (EPC) and this EPC is again viable to attacks by the attacker. Tag detachment is also a problem in using RFID tags [82].
• Tag Killing: An attacker may also delete or kill the tags by using physical destruction and make them useless [82]; then, the reader of the tag would not be able to recognize the RFID tag. This type of attacks is carried out by the DoS type of attacks. One thing that has to be noted is that tag killing may also be used for improving the privacy issue of a system [81].
• Tag Cloning: Cloning a tag means creating a copy of tag. Unauthorized copy of the tag can be created and the data in the tag may be misused. The copied data is relocated onto the tag of the attacker.
• Threats to Readers: Disruption of the reader is also a big challenge in using RFID tags. An attacker can control the reader and he can be damaged by using electromagnetic waves to disrupt the data of the RFID tag [81].
• Threats to Privacy: One can track an RFID tag without the knowledge of the user [81]. Furthermore, the EPC of tags is unique that makes the tracking of tags easier. Traceability and credentials of tags lead to leakage of personal infor-mation of an individual. Therefore, tracking the tags is also a major issue [38].
Along with tag tracking, location privacy should also be considered.
• Signal Interference: RFID system can adopt two frequency ranges: low fre-quency (125 kHz, 225 kHz, 13.65 MHz) and high frefre-quency (433 MHz, 915 MHz, 2.45 GHz, 5.8 GHz) [37]. Hence, the two frequencies from adjacent band may interfere each other. This situation may lead to data integrity in the communication between RFID tag and RFID reader.
• Jamming: Jamming causes the disturbed communication. It can affect the integrity of the system communication. This attack is performed by strong aerial at substantial distance and inactive means like shielding [82].
• Threats to Communication: RFID tag and RFID readers communicate with each other through wireless network. And these wireless signals can be easily attacked by the attacker to modify, search, and block the signal [81]. Therefore, the communication should be properly secured by using encryption and
authentication mechanism. In wireless communication, one can perform either active or passive attack [83, 84]. Even wired communication also has some security concern.
Smart Grids
Smart grids are an essential factor in the development of smart cities and in the management of energy in smart cities. Smart grids are essentially sensors and communicating networks like instruments that are used to communicate [59]. In such situation, information is prone to threats. According to research by [85–87], following are the major threats that need to be considered when developing smart cities:
• Threat to Network Availability: DoS is a kind of network availability attack.
This type of attacks introduces some kind of delay in the network services.
• Threat to Data Integrity: Data integrity is basically concerned with the mechanism to stop modification of data through replay, delay on injection, etc.
Major goal of data integrity attack is information of customer or information regarding network operation.
• Threats to Information Privacy: Privacy is fundamental right of an individual.
Hence, communication in smart grid should take care of privacy of a person.
• Threats to Devices: One can change battery of smart meters or even he/she can damage or modify the smart meter.
• Proposed Solution for Smart Grids: The proposed must include the integrity of meter data and maintenance of meter securely [86, 87]. TCP/IP is nice for Internet. For authentication, various standards of encryption are there that can be used. PKI is also better for security in smart cities.
Biometrics
Biometric is a technique that identifies an individual’s unique behavior and features.
The characteristics of two types: physical and behavioral. Sensors are used in this technology for authenticating an individual [88]. Bill Maheu [89] stated that approximately every year 3.7 dollar can be saved by implementing biometric ser-vices in smart cities. Following are the key areas that can be secured by using biometric techniques [89]: health, education, institutions, utilities, fuels, and general security.
Smartphones
Smartphones are also the key component of IoT infrastructure in a smart city. These provide access to number of services that also assist in maintenance of smart cities.
The major security threats to smartphones are as follows [74]:
• Malicious smart applications,
• Botnets and Spyware,
• Threats from Bluetooth,
• Location and GPS,
• Threats through Wi-Fi, and
• Threats through social networks.