ABSTRACT
Smart parking systems are a crucial component of the “smart city” concept,
especially in the age of the Internet of Things (IoT). They aim to take the
stress out of finding a vacant parking spot in city centers, due to the increasing
number of cars, especially during peak hours. To realize the concept of
smart parking, IoT-enabling technologies must be utilized, as the traditional
way of developing smart parking solutions entails a lack of scalability, compatibility
with IoT-constrained devices, security, and privacy awareness. In this
paper, we propose a secure and privacy-preserving framework for smart
parking systems. The framework relies on the publish/subscribe communication
model for exchanging a huge volume of data with a large number of
clients. On one hand, it provides functional services, including parking vacancy
detection, real-time information for drivers about parking availability,
driver guidance, and parking reservation. On the other hand, it provides security
approaches on both the network and application layers. In addition, it
supports mutual authentication mechanisms between entities to ensure device/
data authenticity, and provide security protection for users. That makes
our proposed framework resilient to various types of security attacks, such as
replay, phishing, and man-in-the-middle attacks. Finally, we analyze the performance
of our framework, which is suitable for IoT devices, in terms of
computation and network overhead.