The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

SoK: context sensing for access control in the adversarial home IoT

SoK: context sensing for access control in the adversarial home IoT
SoK: context sensing for access control in the adversarial home IoT
In smart homes, access-control policies increasingly depend on contexts, such as who is taking an action, whether there is an emergency, or whether an adult is nearby. The vast literature on context sensing could potentially be leveraged to support contextual access control, yet this literature mostly ignores attacks, adversaries, and privacy. In this paper, we reevaluate the literature on home context sensing through a security and privacy mindset. We first describe a novel threat model in smart homes focusing on the capabilities of non-technical adversaries. Replay, imitation, and shoulder-surfing attacks are much more likely in this model. We summarize contexts relevant to access control in homes, mapping them to existing sensors. We then systematize the sensing literature to construct a decision framework for home context sensing that considers security, privacy, and usability. Applying our framework, we find that current sensors do not fully mitigate likely threats in homes. Some sensors are susceptible to simple threats like physical denial-of-service attacks, making it easy to bypass policies relying on the absence of a characteristic. Many sensors collect more data than needed and are not effective for all groups of users or under all situations.
37-53
He, Weijia
f2223ad6-d8bd-4a98-8d6b-6ca8feef0a04
Zhao, Valerie
3a82dcf1-f7dd-4408-91aa-6d6e9de55c9e
Morkved, Olivia
8c89e333-4cd3-4c6e-8340-c53f63eba022
Siddiqui, Sabeeka
5d3a3740-2b7d-4c95-be12-cb6767110faa
Fernandes, Earlence
de4efbb0-76e7-42a7-bcba-51d712b6ac7d
Hester, Josiah
7e8ffe95-8c52-437b-b0be-6c7e99430eb2
He, Weijia
f2223ad6-d8bd-4a98-8d6b-6ca8feef0a04
Zhao, Valerie
3a82dcf1-f7dd-4408-91aa-6d6e9de55c9e
Morkved, Olivia
8c89e333-4cd3-4c6e-8340-c53f63eba022
Siddiqui, Sabeeka
5d3a3740-2b7d-4c95-be12-cb6767110faa
Fernandes, Earlence
de4efbb0-76e7-42a7-bcba-51d712b6ac7d
Hester, Josiah
7e8ffe95-8c52-437b-b0be-6c7e99430eb2

He, Weijia, Zhao, Valerie, Morkved, Olivia, Siddiqui, Sabeeka, Fernandes, Earlence and Hester, Josiah (2021) SoK: context sensing for access control in the adversarial home IoT. In Proceedings of 2021 IEEE European Symposium on Security and Privacy, Euro S and P 2021. pp. 37-53 . (doi:10.1109/EuroSP51992.2021.00014).

Record type: Conference or Workshop Item (Paper)

Abstract

In smart homes, access-control policies increasingly depend on contexts, such as who is taking an action, whether there is an emergency, or whether an adult is nearby. The vast literature on context sensing could potentially be leveraged to support contextual access control, yet this literature mostly ignores attacks, adversaries, and privacy. In this paper, we reevaluate the literature on home context sensing through a security and privacy mindset. We first describe a novel threat model in smart homes focusing on the capabilities of non-technical adversaries. Replay, imitation, and shoulder-surfing attacks are much more likely in this model. We summarize contexts relevant to access control in homes, mapping them to existing sensors. We then systematize the sensing literature to construct a decision framework for home context sensing that considers security, privacy, and usability. Applying our framework, we find that current sensors do not fully mitigate likely threats in homes. Some sensors are susceptible to simple threats like physical denial-of-service attacks, making it easy to bypass policies relying on the absence of a characteristic. Many sensors collect more data than needed and are not effective for all groups of users or under all situations.

This record has no associated files available for download.

More information

Published date: 4 November 2021
Learn more about Cyber Security research

Identifiers

Local EPrints ID: 494773
URI: http://eprints.soton.ac.uk/id/eprint/494773
DOI: doi:10.1109/EuroSP51992.2021.00014
PURE UUID: 627c88a2-7194-42ef-bdef-8823590fa471
ORCID for Weijia He: ORCID iD orcid.org/0009-0002-1189-7063

Catalogue record

Date deposited: 15 Oct 2024 16:45
Last modified: 16 Oct 2024 02:15

Export record

Altmetrics

Contributors

Author: Weijia He ORCID iD
Author: Valerie Zhao
Author: Olivia Morkved
Author: Sabeeka Siddiqui
Author: Earlence Fernandes
Author: Josiah Hester

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×