Societies in the smart cities of the future will have an even deeper dependence on ITC security to ensure fundamental rights and the regular operation of institutions and infrastructures. Progress in this direction is unstoppable; new technology is adopted at incredible speed, as soon as (and sometimes earlier than) its functionality is recognized as providing social or economic or benefits, and more often than not without a proper treatment of information security aspects.

Two important challenges arise because of this state of affairs. The first challenge is to ensure that, once decisions are made to share potentially sensitive information, that there is effective control of how this sharing is carried out. The second challenge is that the technology that is used to enforce this control must be robust in order to withstand the scrutiny of a growingly complex environment, with an exponentially growing number of devices of all sorts, and where many of which may (temporarily or permanently) be under the control of potentially dishonest agents.

The development of high-assurance implementations of privacy enhancing technologies such as differential privacy, which enables controlling information flow in a quantified manner, and cryptography, which permits defining and controlling complex information flow pathways, is therefore an important line of research in the context of Smart Cities.