I. Introduction
The Internet of Things (IoT) is a frequently-used term to describe the currently ongoing evolution of the Internet into a network of smart objects (“things”) that have the ability to communicate with each other and with centralized resources via the IPv6 (resp. 6LoWPAN) protocol [1]. Today, the two most important and widely noticed exponents of the IoT are RFID technology (which has become a key enabler of modern supply-chain management and industrial logistics) as well as Wireless Sensor Networks (WSNs), which have found widespread adoption in several application domains ranging from home automation over environmental surveillance and traffic control to medical monitoring. A recent white paper by Cisco estimates no less than 50 billion devices being connected to the Internet by the year 2020 [10], which implies that, in the near future, every person in the industrialized world will be surrounded by dozens of sensors, actuators, RFID tags, and many other kinds of smart objects yet to be developed. This evolution from the Internet of people to the Internet of things will have a profound impact on our daily life and change the way how we interact with the physical world surrounding us [1]. However, it is also evident that 50 billion smart devices connected to the Internet introduce unprecedented challenges to the security and privacy of their owners or users. On the one hand, each of these 50 billion devices is a potential target for a security attack over the Internet, similar to today's PCs and laptops. On the other hand, the plethora of IoT devices can also be (mis)used for a large-scale attack in the opposite direction, e.g. to trigger a denial of service.