Malmö University Publications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
PRASH: A Framework for Privacy Risk Analysis of Smart Homes.
Malmö University, Internet of Things and People (IOTAP). Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT).ORCID iD: 0000-0003-0546-072X
Malmö University, Internet of Things and People (IOTAP). Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT).ORCID iD: 0000-0002-8512-2976
Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT). Malmö University, Internet of Things and People (IOTAP).ORCID iD: 0000-0003-0998-6585
2021 (English)In: Sensors, E-ISSN 1424-8220, Vol. 21, no 19, article id 6399Article in journal (Refereed) Published
Abstract [en]

Smart homes promise to improve the quality of life of residents. However, they collect vasts amounts of personal and sensitive data, making privacy protection critically important. We propose a framework, called PRASH, for modeling and analyzing the privacy risks of smart homes. It is composed of three modules: a system model, a threat model, and a set of privacy metrics, which together are used for calculating the privacy risk exposure of a smart home system. By representing a smart home through a formal specification, PRASH allows for early identification of threats, better planning for risk management scenarios, and mitigation of potential impacts caused by attacks before they compromise the lives of residents. To demonstrate the capabilities of PRASH, an executable version of the smart home system configuration was generated using the proposed formal specification, which was then analyzed to find potential attack paths while also mitigating the impacts of those attacks. Thereby, we add important contributions to the body of knowledge on the mitigations of threat agents violating the privacy of users in their homes. Overall, the use of PRASH will help residents to preserve their right to privacy in the face of the emerging challenges affecting smart homes.

Place, publisher, year, edition, pages
MDPI, 2021. Vol. 21, no 19, article id 6399
Keywords [en]
IoT, attack taxonomy, privacy, privacy metrics, risk analysis, smart home, system model, threat model
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mau:diva-46396DOI: 10.3390/s21196399ISI: 000759972000012PubMedID: 34640718Scopus ID: 2-s2.0-85115805495OAI: oai:DiVA.org:mau-46396DiVA, id: diva2:1603907
Available from: 2021-10-18 Created: 2021-10-18 Last updated: 2024-02-05Bibliographically approved

Open Access in DiVA

fulltext(938 kB)406 downloads
File information
File name FULLTEXT01.pdfFile size 938 kBChecksum SHA-512
41fb406e03bdcc658c5e9c9628dbb38ee0b6dbb346e13f9143c39f1b1bc5135b88870a68bfd965ce1b2edc831d287453ab2731ff234fbe90b020d604ac46236d
Type fulltextMimetype application/pdf

Other links

Publisher's full textPubMedScopus

Authority records

Bugeja, JosephJacobsson, AndreasDavidsson, Paul

Search in DiVA

By author/editor
Bugeja, JosephJacobsson, AndreasDavidsson, Paul
By organisation
Internet of Things and People (IOTAP)Department of Computer Science and Media Technology (DVMT)
In the same journal
Sensors
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 406 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
pubmed
urn-nbn

Altmetric score

doi
pubmed
urn-nbn
Total: 396 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf