Abstract:

A smart city is an idea of how cities may better serve its residents by utilising new types of
technology. A city is a significant human settlement that provides for the people who live there.

about technology. In this essay, we concentrate on the primary smart city domains—smart utilities,
smart transportation, smart dwellings, and smart healthcare

To reach the intelligence that we want in our smart domains, several IoT applications have been
created, ranging from small industrial IoT systems like nuclear and energy management systems to
personal gadgets like health trackers and smart watches. However, many of the IoT solutions for
smart cities now in use can be improved if the effectiveness of their security measures is taken into
account. Imperfect system security architectures

Introduction:
Smart cities are a new revolution that use a variety of cutting-edge technology, Including AI and Data
science, to improve the convenience of city life. A clear vision of a smart city has not yet been
established, but we can envision all the possibilities that it could have. Every smart city ultimately
represents the collective decision and vision of all parties concerned.

The basic requirements of a person include food, water, place, rest, travelling, safety and
security which make up the basic design of smart cities. 

Smart transportation systems are in charge of quickly distributing resources and people across cities.
Smart homes are designed to provide comfortability for those living in cities. Smart healthcare
systems will be there to provide health security. Smart utility systems are necessary for the efficient
provision of operations. The few key smart city domains can be smart utilities, smart transportation,
smart residences, the widespread adoption of Internet of Things (IoT) devices will strengthen all
smart city areas.

Smart Cities And Security Requirements:

Given that the characteristics of smart cities are closely related to the security requirements and
challenges and that the majority of the protection techniques introduced were developed based on
the specific scenarios of various smart applications, it is imperative that these features be taken into
consideration.

to provide a comprehensive context and comprehend the key points by introducing the
characteristics, architecture, and common uses of smart cities.

Smart Healthcare
An overview of significant breakthroughs in smart healthcare and some potential links between
them are , One telehealth system that provides remote health monitoring and consultation services
for its users . In TMIS, IoT sensors are utilised to deliver real-time or recurring updates on patient
physiological data, including smart wearable body sensors, smart healthcare sensors, and other IoT
sensors. Medical practitioners can examine medical issues by collecting and analysing or monitoring
data such as ECG data, physical activity, and air quality on remote servers.
Smart Utilities:
An overview of significant smart utility developments and some potential links between them can
include three types of common smart utilities .

systems: smart grids, smart water management systems, and smart gas management systems. Our
gas systems are equipped with smart sensors as part of smart gas management systems, which are
primarily intended for system monitoring (load monitoring) and detection (gas or fire detection).
Cities can better monitor and operate their water systems thanks to smart water systems. Its
fundamental challenge is the lack of a uniform data interpretation and a consistent methodology to
construct a comprehensive water management infrastructure that includes every component of a
city's water network, leading to partial solutions that only handle particular issues in a given
situation.

Smart Transportation:
The goal of intelligence transport systems (ITS) is to enhance the road safety, effectiveness, and user
experience for all road users, including pedestrians, railway passengers, and other vehicles.

riders, motorcyclists, and everyone else who uses the society's transit system. Many smart
transportation applications have developed as a result, allowing us to transform our safety-critical
transportation system into one that is data-driven, interoperable, and equipped with real-time
intelligence.

The Internet-of-Vehicles , distributed trust, and intelligent traffic management systems are a few of
the major advancements in the direction of smart transportation, in addition to unmanned aerial
vehicles (UAVs) and smart charging for electric vehicles (EVs). An alternative trust is the distributed
Internet-of-Vehicle  trust.

Smart Homes:
An automated home, commonly referred to as a smart home, is one that is outfitted with the
physical manifestation of an integrated and

Our quality of life has been improved by an automated, context-aware support system . Our
interactive home system's context awareness is what gives it intelligence. It acquires its perception
from sensor readings from Internet of Things (IoT) devices, which quantify the physical phenomena
arising from human activities and convey the environment surrounding the occupant . A smart home
is one that is data-driven, context-aware, individualised, and interoperable, to put it briefly.Their
integration with the internet of things is one of the most important improvements in smart home
systems.
Smart Government:
In a smart city, smart government is essential. Smart government aims to provide better services to
citizens and

communities by connecting information technology-based data, institutions, processes, and physical

infrastructures. Furthermore, smart governance makes it possible for citizens to participate in public
deliberations and urban planning, which can boost efficiency while also boosting information
openness. For instance, e-government enables people to use governmental services online, such as
submitting conference centre applications, paying bills, and reporting issues.

SECURITY AND PRIVACY ISSUES IN SMART CITIES

Although the advancements in smart cities have significantly aided in the advancement of society as
a whole, almost all smart applications are susceptible to hacking through contemporary attacks, such
as inside curious attacks, inside knowledge attacks, outside forgery attacks, identity attacks, Sybil
attacks, eavesdropping attacks, spam attacks, and likability attacks .

Significant issues have been discovered in several application settings in recent years. For instance,
the smart metering infrastructure in smart grids may keep an eye on residents' private life, including
their daily routines and employment hours. Similar access to sensitive data is possible for device
manufacturers and service providers in the context of smart homes and healthcare.

1- Privacy Issues of Virtual Reality in Smart Cities:

Virtual reality (VR) technology has been adopted by numerous organisations and entities in
technologically advanced smart cities, including city planning divisions, healthcare service providers,
and the engineering industry sector. Even so, the

Threats to privacy leaks include the storage of sensor data, unencrypted communications between
VR devices, and sensitive information exchanged with other parties.

Unfortunately, creators and users of these new applications have not taken into account privacy in a
suitable and thorough manner because they have been rushed to market.

2- Threats imposed by AI in Smart Cities:

In numerous smart applications, such as the automatic control of trade systems, home appliances,
and pacemakers, AI systems play essential roles. However, there are security issues associated with
AI's expanding use. For instance, service providers and device manufacturers can utilise data mining
technologies to collect sensitive information and analyse personal data in excess of what is
necessary to achieve the core goals of the connected services  Attackers who are knowledgeable
about AI are likewise becoming more sophisticated . Hackers may be able to adopt specific strategies
to diminish the training effects and to decrease the dependability of the algorithms by
understanding how ML-based protection mechanisms were trained or created.
Security Requirements:
Considering the characteristics of IoT devices and the environment of smart cities, and the security
and privacy threats mentioned we need to focus on security requirements to secure smart cities.

1- AUTHENTICATION AND CONFIDENTIALITY:

To confirm identities and guarantee that only authorised clients can access services across a
system, authentication is a fundamental requirement for various layers of a smart system .
Particularly, IoT devices installed in smart cities can verify the network, other nodes, and
management station communications. Attackers are considered to be able to access devices
or listen in on communications in IoT-based applications.
Consequently, encryption-based technologies are used to safeguard the confidentiality of
information transmission between nodes.

2- AVAILABILITY AND INTEGRITY

In general, availability refers to the notion that tools and services need to be accessible
when required. In line with our topic, intelligent systems or apps should be able to
to continue operating efficiently even when threatened.
 To counteract more intelligent attacks, defence mechanisms must be strong and adaptive in
their learning capabilities.
Additionally, it is crucial to guarantee the integrity of IoT devices as well as the data shared
between them. Despite being a sophisticated programme overall, if the data are not
protected during transfer, they can be easily altered.
Although some techniques, including firewalls and protocols, can control data traffic in IoT
communications, they cannot ensure the integrity at endpoints due to the majority of IoT
devices' limited computational capability.

3- Privacy protection
Even when a system is safe and not compromised by criminals, the privacy of citizens can
occasionally be violated.
The potent data mining techniques are one possible mechanism for this to happen. Some
service providers and third parties can readily find the personal information of consumers
using data mining methods, as shown by the example given by . In light of this, privacy-
preserving data mining (PPDM) techniques must be used.
It is also important to keep in mind that, even though they have some beneficial impacts,
adopting solely technical solutions is insufficient. Government, education, and policies are
some more defences that should be used.

4- Data sensitivity:
Even the input data to an application might have various levels of sensitivity since different
data types have varied levels of sensitivity. An in-home health monitoring system may
receive live video of the patient, data from a mobility tracker, and pulse readings all at once.
The patient's live video data requires the most rigorous security measure it can offer from a
privacy-preserving perspective. From the standpoint of a healthcare product, pulse data
should be kept strictly confidential to satisfy consumers' demands for the confidentiality of
their health information. The question of how different data kinds should be safeguarded
follows the definition of the sensitivity of input data.
Security and Privacy Protection Strategies:
1- Cryptography:
Because they prevent unauthorised parties from accessing sensitive data during
transmission, cryptographic algorithms are the foundation of security and privacy protection
for the services of smart applications. The computational complexity and energy
consumption of traditional algorithm and encryption standards make them insufficient for
devices with limited resources . As a result, a prerequisite for using cryptographic technology
in practise is now lightweight encryption. A lightweight authentication system was created
for an IoT scenario that can defend end-to-end user communications from DDoS attacks.

2- BioMetric:
Biometrics are frequently used in IoT-based systems for authentication. In particular,
this technology can be used to instantly identify a person based on distinctive
behavioural and biological traits. Fingerprints, faces, voices, handwritten signatures, and
other biometric data are used to retrieve the information. Brainwave-based
authentication is one technique that merits attention in this context since it can
guarantee efficiency while also achieving a high level of authentication accuracy.

3- Machine Learning and Data Mininig:

In order to increase the effectiveness of intrusion detection systems, one of the most
widely used security infrastructures for defending networks from threats, machine
learning (ML) technologies have been implemented. The crucial element of the "smart
world," the wireless sensor network (WSN), has drawn more and more attention. A
thorough survey  evaluated several ML techniques and identified three benefits of using
machine learning technologies to secure WSNs. A machine-based strategy was put forth
by Luo et al. to safeguard data sensing and fusion in WSNs. Furthermore, a recent study
created a novel feature extraction and selection model with a high detection rate to
identify assaults in Wi-Fi networks.

4- Ontology:
Many ontology-based initiatives to address security and privacy issues, such as cyber
attack detection and security risk management, have evolved as a result of the
aforementioned intrinsic qualities . However, ontology application to the IoT domain is a
new field, and there have only been a few recent initiatives in this area. In the field of
smart homes, Tao et al. created a novel ontology-based security management paradigm
that enhances system security while facilitating smart devices' improved
interoperability.
In order to facilitate automatically recording consistencies in the course of interactions,
Mohsin et al.  suggested an ontology-driven security analysis methodology that was also
applicable to smart homes. The fact that most ontology-based studies on IoT security
concentrate on a single application scenario or demand without having a unified model
is a clear restriction of these studies' applicability. Unfortunately, this approach ignores
the entire security issues in favour of concentrating just on the network layer of the IoT
architecture
 5- BlockChain:
We use this subsection to introduce the blockchain technique even though it is a
specialised technology rather than a discipline due to the significantly increased interest
it has attracted in recent years. Many blockchain-based IoT applications are popular
because of the decentralised nature of blockchain, which allows for dispersed operation
of apps. Clearly, blockchain technology is still in its infancy in the IoT era, despite the fact
that it has recently gained popularity and given rise to more useful and convenient
applications. To address grave privacy and security concerns, we must improve how we
use this technology.

Future Directions and Challenges:

Technologies for protecting privacy and security in smart cities have been covered. Recently,
numerous innovative countermeasures have been put out in numerous domains. Unfortunately, it is
acceptable to draw the conclusion that more effective protection measures must be developed to
keep up with the quick development of smart cities, given the current risks and security
requirements we outlined previously. Based on our assessment, the following topics represent
promising research prospects.

1- IOT-BASED NETWORK SECURITY IN SMART CITIES:

The Internet of Things (IoT) can be viewed as a network of networks where heterogeneous
networks are interconnected and integrated, including the Internet, smartphone networks,
social networks, and industrial networks. To address the most recent issues in this type of
complicated environment, fresh, efficient solutions are required. Understanding the
characteristics of malware propagation in IoT-based infrastructures, modelling the
information-spread patterns in wireless sensor networks, and developing effective
preventative techniques, for instance, are of major importance.

2- Personalized Protection Methods:

Consumers should have the freedom to remove or transfer their data at any moment from
one service provider to another in user-centric smart cities [90]. Additionally, since attitudes
and needs might differ from person to person, consideration must be given to people's
preferences for security and privacy. Additionally, people find it challenging to match their
privacy settings to their actual preferences due to the expanding quantity of changeable
privacy options [100]. Consequently, there is potential in the creation of user-friendly
protection aides that can enhance the security and comfort of numerous smart apps.
 3- Managing Data for Smart Cities:
"Data minimization" involves two tasks. One is to reduce the quantity of data that IoT apps
gather, use, and keep; this requires not only technical assurances but also support from
relevant governance and politics.
The other is how to reduce the amount of information discovered.
Specifically, service providers are prohibited from mining any sensitive data from customers
without their consent and can only learn information that is relevant to the scope of their
primary purposes.

4- Easy Security Solutions:

Despite the recent development of numerous innovative mechanisms, it is impracticable to
use some of these processes directly. The restricted processing capacity Only simple and
weakly preserving algorithms can be used because of the sensors' and gadgets' energy
sources. Therefore, additional research is needed to develop light-weight countermeasures
to minimise overhead while yet ensuring protection in order to satisfy the strong mobility,
flexibility, dynamic, and low-cost requirements.

Summary:
There are numerous security and privacy risks as a result of the increased use of smart applications.
The creation of more sophisticated protection frameworks and models is crucial and in great
demand in both the academic and industrial worlds.

We examined the most recent efforts and developments in  the viewpoints of several disciplines as a
result of these considerations. In order to build the groundwork for subsequent research, we also
talked about current topics and unresolved problems that have surfaced in recent years. In recent
years, numerous defence mechanisms and tactics have been created.

To meet the many security requirements of these quickly evolving smart applications, there is still
much work to be done. It is reasonable to expect that in the coming years, reducing the obstacles
that are currently being faced will be the main priority of smart cities