Communication Techniques

In the context of connected cities, it is difficult to prevent pervasive surveillance over all physical connections. It is therefore important to protect access to public and shared resources with security mechanisms that prevent malicious entities from deducing users’ patterns of browsing and service use, profiling users, or extracting identifiers transmitted over communication channels. There are two main strategies for securing communications: client-service and end-to-end.

Client-service secure communications

To secure communications against pervasive surveillance, several service providers propose deploying encrypted communication channels. Encrypted channels must be implemented and configured correctly to ensure a sufficient security level. Several technologies and protocols can be used, notably the well-known Transport Layer Security 1.2 protocol (TLS 1.2) and the Secure Shell (SSH) protocol. These technologies provide a confidential and possibly authenticated channel between users and service providers, but do not implement security measures between different users of the same service.

End-to-end secure communications

End-to-end encrypted services refer to encrypted communications between end-users, meaning that the encryption layer is added at one end-user and removed only at the other. Hence, transmitted data cannot be read by any third party, including the service provider (e.g. VPN-based communications). Service providers usually need to help authenticate users in order to create an end-to-end encrypted channel. However, it is preferable that the keys subsequently used to ensure the confidentiality and integrity of data are never available to the service providers and are instead derived on the end-user devices.