chown Io T Secure Handling of Smart Home
- Slides: 16
chown. Io. T Secure Handling of Smart Home Io. T Devices Ownership Change Samuel Marchal, Md Sakib Nizam Khan, N. Asokan Aalto University samuel. marchal@aalto. fi
Io. T Smart Home Internet connected everyday objects in home • Remotely accessible / controllable • Sensing + collection of sensitive information - Spying - Inference of presence / habits - User profiling • Local / Cloud storage 2
Ownership change • Ownership of Smart Home (SH) device can change during lifetime - Lend - Resell / stealing - Change of tenant (rental places) • May introduce unauthorized access to privacy sensitive data - Historical / personal data not wiped (threat to previous owner) Authentication credentials for cloud / network access saved (threat to previous owner) Old authentication credentials still valid (threat to new owner) Etc. 3
Threats and attackers capabilities New Owner • Local + remote control / access to device • Physical memory + Cloud storage access - Threat: Data + authentication credentials extraction (network + cloud) Previous Owner • Remote control / access to device (through cloud) • Cloud storage access - Threat: Newly exported data extraction 4
chown. Io. T overview 1 Detect Change of Ownership 4 2 Owner Change / Profile Retrieval & Management Protect Previous Owner New Owner Previous Owner Secure Use by New Owner 3 5
1. Automatic ownership change detection • Smart Home (SH) devices: - Static: dishwasher, integrated blinds, heating system, etc. - Semi-static: DVR, smart plugs, etc. - Remain in a same context • Idea: Ownership Context • How to measure context ? - Context: Information about the surrounding environment - Sensor modalities BUT different devices different sensors - All SH devices have at least connectivity (e. g. Wi. Fi) Wi-Fi access point < SSID, MAC, Auth > Context Owner Change Context Change BUT Context Change Owner Change 6
1. 1 Verification of ownership change • SH devices setup and controlled using a control device (e. g. smartphone) - Assumption: in vicinity if same owner change the context of SH device • Verification: - Challenge-response between control device and SH device (Bluetooth) Add new context to owner profile • SH device setup overhead - Security association with control device (e. g. DH key exchange) trusted device 7
2. Data Protection - Encryption • 8
3. Owner Profile Management • Existing profile recovery - Owner authentication (e. g. password) - Addition of new trusted device (failed challenge) Owner 1 • New profile creation Owner n … - Owner authentication setup + trusted device association Profile management Control Device 9
4. Existing profile retrieval • User prompt with existing profile names • Profile choice + authentication (password) • Decryption key derivation (PBKDF 2) - From authentication / stored for encryption • Success = authentication + profile restored Profile retrieval Control Device 10
chown. Io. T decision flow summary Detect Ownership Change No Verify using Trusted Device yes Detected? Configure new Profile Successful? New Profile No Encrypt Profile Data Profile Retrieval/Creation Choice? Existing Profile Authenticate for Selected Profile Create New Known Context for Current Profile Decrypt Profile Data yes Successful? No 11
Prototype implementation • Smart home device features: - Raspberry Pi 3 - Language: C++ • Trusted Device/New Control Device features: - Android application • Communication: - Bluetooth / Wi-Fi - Custom protocol based on UDP 12
Summary • Privacy enhancement protocol for ownership change of SH devices - Automatic: ownership change detection based on Wi. Fi AP - Secure: owner authentication / device association / data encryption - Usable: profile management + limited annoyance • Prototype implementation - Android management application - C++ code for smart home device - UDP based communication protocol 13
Future Work • Improvements: - Abnormal power off • Ownership change not detected • Data remains unencrypted • Potential solution: Always encrypt but costly / unrealistic - Password based key derivation • Brute force attack • More robust key generation • Ownership change detection - Reduce false positives - Other sensor modalities • Profile management - Cloud-based management (no storage on device) 14
chown. Io. T Secure Handling of Smart Home Io. T Devices Ownership Change Samuel Marchal, Md Sakib Nizam Khan, N. Asokan Aalto University samuel. marchal@aalto. fi
chown. Io. T initial configuration Smart Home Device Control Device setup shared secret Diffie-Hellman Key Exchange Password based Authentication + Profile Name Password Hash Bluetooth Device Name, MAC, Shared Secret AP SSID, MAC & Password response setup authentication mechanism response • Outcome - Trusted device authentication Owner authentication Trusted device identification Known context store authentication info store trusted device identity store context 16
Hadoop chown
One smart man he felt smart
Street knowledge vs book knowledge
It's not how smart you are it's how you are smart
One smart man he felt smart
Street smart vs book smart quotes
It's not how smart you are it's how you are smart
Street smart vs book smart quotes
Future smart answers module 2
Easyfiks smart home
Conclusion of home automation system
Philio smart home
Conclusion of smart grid
Smart home device
What did you say
Plurals of flower
John heartfield
