Publikationer från Malmö universitet
Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
On Privacy and Security Challenges in Smart Connected Homes
Malmö högskola, Fakulteten för teknik och samhälle (TS).ORCID-id: 0000-0003-0546-072X
Malmö högskola, Fakulteten för teknik och samhälle (TS).ORCID-id: 0000-0002-8512-2976
Malmö högskola, Fakulteten för teknik och samhälle (TS).ORCID-id: 0000-0003-0998-6585
2016 (Engelska)Ingår i: Proceedings: 2016 European Intelligence and Security Informatics Conference, IEEE, 2016Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Smart homes have become increasingly popular for IoT products and services with a lot of promises for improving the quality of life of individuals. Nevertheless, the heterogeneous, dynamic, and Internet-connected nature of this environment adds new concerns as private data becomes accessible, often without the householders’ awareness. This accessibility alongside with the rising risks of data security and privacy breaches, makes smart home security a critical topic that deserves scrutiny. In this paper, we present an overview of the privacy and security challenges directed towards the smart home domain. We also identify constraints, evaluate solutions, and discuss a number of challenges and research issues where further investigation is required.

Ort, förlag, år, upplaga, sidor
IEEE, 2016.
Nyckelord [en]
smart home, security, privacy, IoT
Nationell ämneskategori
Datorsystem
Identifikatorer
URN: urn:nbn:se:mau:diva-12630DOI: 10.1109/EISIC.2016.044ISI: 000411272300033Scopus ID: 2-s2.0-85017282760Lokalt ID: 21507OAI: oai:DiVA.org:mau-12630DiVA, id: diva2:1409677
Konferens
European Intelligence and Security Informatics Conference (EISIC), Uppsala, Sweden (August 17-19)
Tillgänglig från: 2020-02-29 Skapad: 2020-02-29 Senast uppdaterad: 2024-02-05Bibliografiskt granskad
Ingår i avhandling
1. Smart connected homes: concepts, risks, and challenges
Öppna denna publikation i ny flik eller fönster >>Smart connected homes: concepts, risks, and challenges
2018 (Engelska)Licentiatavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

The growth and presence of heterogeneous connected devices inside the home have the potential to provide increased efficiency and quality of life to the residents. Simultaneously, these devices tend to be Internet-connected and continuously monitor, collect, and transmit data about the residents and their daily lifestyle activities. Such data can be of a sensitive nature, such as camera feeds, voice commands, physiological data, and more. This data allows for the implementation of services, personalization support, and benefits offered by smart home technologies. Alas, there has been a rift of security and privacy attacks on connected home devices that compromise the security, safety, and privacy of the occupants. In this thesis, we provide a comprehensive description of the smart connected home ecosystem in terms of its assets, architecture, functionality, and capabilities. Especially, we focus on the data being collected by smart home devices. Such description and organization are necessary as a precursor to perform a rigorous security and privacy analysis of the smart home. Additionally, we seek to identify threat agents, risks, challenges, and propose some mitigation approaches suitable for home environments. Identifying these is core to characterize what is at stake, and to gain insights into what is required to build more robust, resilient, secure, and privacy-preserving smart home systems. Overall, we propose new concepts, models, and methods serving as a foundation for conducting deeper research work in particular linked to smart connected homes. In particular, we propose a taxonomy of devices; classification of data collected by smart connected homes; threat agent model for the smart connected home; and identify challenges, risks, and propose some mitigation approaches.

Ort, förlag, år, upplaga, sidor
Malmö university. Faculty of Technology and Society, 2018
Serie
Studies in Computer Science ; 7
Nyckelord
Smart Connected Homes, Internet of Things, Smart Home Devices, Data Lifecycle, Security Risks, Privacy Management, Vulnerability Assessment, Security Mitigations, Threat Agents, Smart Home Services, System Architecture
Nationell ämneskategori
Teknik och teknologier
Identifikatorer
urn:nbn:se:mau:diva-7793 (URN)10.24834/2043/25061 (DOI)25061 (Lokalt ID)9789171049292 (ISBN)9789171049308 (ISBN)25061 (Arkivnummer)25061 (OAI)
Presentation
2018-09-03, Storm, Gäddan, 15:15 (Engelska)
Opponent
Anmärkning

Note: The papers are not included in the fulltext online.

Tillgänglig från: 2020-02-28 Skapad: 2020-02-28 Senast uppdaterad: 2024-03-18Bibliografiskt granskad
2. On Privacy and Security in Smart Connected Homes
Öppna denna publikation i ny flik eller fönster >>On Privacy and Security in Smart Connected Homes
2021 (Engelska)Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

The growth and presence of heterogeneous sensor-equipped Internet-connected devices inside the home can increase efficiency and quality of life for the residents. Simultaneously, these devices continuously collect, process, and transmit data about the residents and their daily lifestyle activities to unknown parties outside the home. Such data can be sensitive and personal, leading to increasingly intimate insights into private lives. This data allows for the implementation of services, personalization support, and benefits offered by smart home technologies. Alas, there has been a surge of cyberattacks on connected home devices that essentially compromise privacy and security of the residents.

Providing privacy and security is a critical issue in smart connected homes. Many residents are concerned about unauthorized access into their homes and about the privacy of their data. However, it is typically challenging to implement privacy and security in a smart connected home because of its heterogeneity of devices, the dynamic nature of the home network, and the fact that it is always connected to the Internet, amongst other things. As the numbers and types of smart home devices are increasing rapidly, so are the risks with these devices. Concurrently, it is also becoming increasingly challenging to gain a deeper understand- ing of the smart home. Such understanding is necessary to build a more privacy-preserving and secure smart connected home. Likewise, it is needed as a precursor to perform a comprehensive privacy and security analysis of the smart home.

In this dissertation, we render a comprehensive description and account of the smart connected home that can be used for conducting risk analysis. In doing so, we organize the underlying smart home devices ac- cording to their functionality, identify their data-collecting capabilities, and survey the data types being collected by them. Such is done using the technical specification of commercial devices, including their privacy policies. This description is then leveraged for identifying threats and for analyzing risks present in smart connected homes. Such is done by analyzing both scholarly literature and examples from the industry, and leveraging formal modeling. Additionally, we identify malicious threat agents and mitigations that are relevant to smart connected homes. This is performed without limiting the research and results to a particular configuration and type of smart home.

This research led to three main findings. First, the majority of the surveyed commercial devices are collecting instances of sensitive and personal data but are prone to critical vulnerabilities. Second, there is a shortage of scientific models that capture the complexity and heterogeneity of real-world smart home deployments, especially those intended for privacy risk analysis. Finally, despite the increasing regulations and attention to privacy and security, there is a lack of proactive and integrative approaches intended to safeguard privacy and security of the residents. We contributed to addressing these three findings by developing a framework and models that enable early identification of threats, better planning for risk management scenarios, and mitigation of potential impacts caused by attacks before they reach the homes and compromise the lives of the residents.

Overall, the scientific contributions presented in this dissertation help deepen the understanding and reasoning about privacy and security concerns affecting smart connected homes, and contributes to advancing the research in the area of risk analysis as applied to such systems.

Ort, förlag, år, upplaga, sidor
Malmö: Malmö universitet, 2021. s. 66
Serie
Studies in Computer Science
Nyckelord
smart connected homes, Internet of Things, smart homes devices, smart home data, threat identification, risk analysis, privacy, security, vulnerability assessment, mitigations, threat agents
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer
urn:nbn:se:mau:diva-39619 (URN)10.24834/isbn.9789178771646 (DOI)978-91-7877-163-9 (ISBN)978-91-7877-164-6 (ISBN)
Disputation
2021-01-11, D138 Orkanen och Zoom, Malmö University, Malmö, 13:15 (Engelska)
Opponent
Handledare
Anmärkning

Note: The papers are not included in the fulltext online

Tillgänglig från: 2021-01-21 Skapad: 2021-01-21 Senast uppdaterad: 2024-03-04Bibliografiskt granskad

Open Access i DiVA

fulltext(541 kB)7981 nedladdningar
Filinformation
Filnamn FULLTEXT01.pdfFilstorlek 541 kBChecksumma SHA-512
a574bb6ad130d92608ca87d0c2f11ef2a6dd52a2138e3c90de377b370fc9d653627229d937bf3032fb16b5ef8451495c568576d43b3f22915aa02c5002015278
Typ fulltextMimetyp application/pdf

Övriga länkar

Förlagets fulltextScopushttp://www.eisic.eu/program.aspx

Person

Bugeja, JosephJacobsson, AndreasDavidsson, Paul

Sök vidare i DiVA

Av författaren/redaktören
Bugeja, JosephJacobsson, AndreasDavidsson, Paul
Av organisationen
Fakulteten för teknik och samhälle (TS)
Datorsystem

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 7993 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

doi
urn-nbn

Altmetricpoäng

doi
urn-nbn
Totalt: 248 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf