ABSTRACT
This paper offers a reflection on the design space for a geo-fenced connected device and service (GFS) - a specification enforcing that a connected device can only be used within a virtual perimeter. Many connected devices are nowadays being accessed through applications running on mobile devices instead of tangible controls. Whilst this ubiquitous access is highly convenient, it is also making connected devices more vulnerable. As such, we reintroduce location-constrained interaction, adapted to connected devices present in a modern home, and explore three design cardinals: (i) spatial granularity, (ii) roles and delegation, and (iii) access control. We report on a qualitative study that explored this design space through a prototype geo-fenced connected lighting system. Our findings suggest that users would like to have geo-fencing for a subset of connected devices, prefer to define geo-fences statically but with different granularities for different devices, and desire access control through location verification and credentials.
- iOS: Understanding iBeacon. http://support.apple.com/kb/HT6048.Google Scholar
- Kontakt ibeacon. http://kontakt.io.Google Scholar
- Nest. https://nest.com.Google Scholar
- node.js. http://nodejs.org.Google Scholar
- OpenID Authentication 2.0. http://openid.net/specs/.Google Scholar
- Philips Hue. http://meethue.com.Google Scholar
- The OAuth 2.0 Authorization Framework. http://tools.ietf.org/html/rfc6749.Google Scholar
- Bareth, U. Privacy-aware and Energy-efficient Geofencing through Reverse Cellular Positioning. In Proceedings of IWCMC'12 (2012), 153--158.Google ScholarCross Ref
- Brush, A. J. B., Lee, B., Mahajan, R., Agarwal, S., Saroiu, S., and Dixon, C. Home automation in the wild: challenges and opportunities. In Proceedings of CHI'11 (2011), 2115--2124. Google ScholarDigital Library
- Kawsar, F., and Brush, A. J. B. Home Computing Unplugged: Why, Where and when People Use Different Connected Devices at Home. In Proceedings of UbiComp'13 (2013), 627--636. Google ScholarDigital Library
- Kim, T. H.-J., Bauer, L., Newsome, J., Perrig, A., and Walker, J. Challenges in Access Right Assignment for Secure Home Networks. In Proceedings HotSec'10 (2010). Google ScholarDigital Library
- Kindberg, T., Zhang, K., and Shankar, N. Context Authentication Using Constrained Channels. In Proceedings of WMCSA'02 (2002), 14--21. Google ScholarDigital Library
- Luo, W., and Hengartner, U. VeriPlace: A Privacy-aware Location Proof Architecture. In Proceedings of GIS'10 (2010), 23--32. Google ScholarDigital Library
- Mennicken, S., and Huang, E. M. Hacking the Natural Habitat: An In-the-wild Study of Smart Homes, Their Development, and the People Who Live in Them. In Proceedings of Pervasive'12 (2012), 143--160. Google ScholarDigital Library
- Saroiu, S., and Wolman, A. Enabling New Mobile Applications with Location Proofs. In Proceedings of HotMobile'09 (2009), 31--36. Google ScholarDigital Library
- Sastry, N., Shankar, U., and Wagner, D. Secure Verification of Location Claims. In Proceedings of WiSe'03 (2003), 1--10. Google ScholarDigital Library
- Takayama, L., Pantofaru, C., Robson, D., Soto, B., and Barry, M. Making technology homey: Finding sources of satisfaction and meaning in home automation. In Proceedings of UbiComp'12 (2012), 511--520. Google ScholarDigital Library
- Zhu, Z., and Cao, G. APPLAUS: A Privacy-Preserving Location Proof Updating System for Location-based Services. In Proceedings of INFOCOM'11 (2011), 1889--1897.Google Scholar
Index Terms
- Exploring the design space for geo-fenced connected devices and services at home
Recommendations
Access Control for Home Data Sharing: Attitudes, Needs and Practices
CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsAs digital content becomes more prevalent in the home, non-technical users are increasingly interested in sharing that content with others and accessing it from multiple devices. Not much is known about how these users think about controlling access to ...
PBDM: a flexible delegation model in RBAC
SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologiesRole-based access control (RBAC) is recognized as an efficient access control model for large organizations. Most organizations have some business rules related to access control policy. Delegation of authority is among these rules. RBDM0 and RDM2000 ...
Enabling Multi-user Controls in Smart Home Devices
IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and PrivacyThe Internet of Things (IoT) devices have expanded into many aspects of everyday life. As these smart home devices grow more popular, security concerns increase. Researchers have modeled the privacy and security threats for smart home devices, but have ...
Comments