Rethinking access control and authentication for the Home Internet of Things (IoT)
255-272
He, W., Golla, M., Padhi, R., Ofek, J., Dürmuth, M., Fernandes, E. and Ur, B. (2018) Rethinking access control and authentication for the Home Internet of Things (IoT). In Proceedings of the 27th USENIX Security Symposium.
Record type: Conference or Workshop Item (Paper)
Abstract
Computing is transitioning from single-user devices to the Internet of Things (IoT), in which multiple users with complex social relationships interact with a single device. Currently deployed techniques fail to provide usable access-control specification or authentication in such settings. In this paper, we begin reenvisioning access control and authentication for the home IoT. We propose that access control focus on IoT capabilities (i.e., certain actions that devices can perform), rather than on a per-device granularity. In a 425-participant online user study, we find stark differences in participants' desired access-control policies for different capabilities within a single device, as well as based on who is trying to use that capability. From these desired policies, we identify likely candidates for default policies. We also pinpoint necessary primitives for specifying more complex, yet desired, access-control policies. These primitives range from the time of day to the current location of users. Finally, we discuss the degree to which different authentication methods potentially support desired policies.
This record has no associated files available for download.
More information
Published date: 2018
Identifiers
Local EPrints ID: 494668
URI: http://eprints.soton.ac.uk/id/eprint/494668
PURE UUID: ef70dd85-decd-4f39-8a70-ef6b0d46c2ad
Catalogue record
Date deposited: 11 Oct 2024 17:09
Last modified: 12 Oct 2024 03:03
Contributors
Author: W. He
Author: M. Golla
Author: R. Padhi
Author: J. Ofek
Author: M. Dürmuth
Author: E. Fernandes
Author: B. Ur