Charles Walter
Matthew L. Hale
ABSTRACT
Bluetooth reliant devices are increasingly proliferating into various industry and consumer sectors as part of a burgeoning wearable market that adds convenience and awareness to everyday life. Relying primarily on a constantly changing hop pattern to reduce data sniffing during transmission, wearable devices routinely disconnect and reconnect with their base station (typically a cell phone), causing a connection repair each time. These connection repairs allow an adversary to determine what local wearable devices are communicating to what base stations. In addition, data transmitted to a base station as part of a wearable app may be forwarded onward to an awaiting web API even if the base station is in an insecure environment (e.g. a public Wi-Fi). In this paper, we introduce an approach to increase the security and privacy associated with using wearable devices by imposing transmission changes given situational awareness of the base station. These changes are asserted via policy rules based on the sensor information from the wearable devices collected and aggregated by the base system. The rules are housed in an application on the base station that adapts the base station to a state in which it prevents data from being transmitted by the wearable devices without disconnecting the devices. The policies can be updated manually or through an over the air update as determined by the user.
- http://www.idc.com/getdoc.jsp?containerId=prUS25519615Google Scholar
- Hunt, A. 2015. Experts: Wearable tech tests our privacy limits. The Cincinnati Enquirer, (Feb. 5, 2015).Google Scholar
- Felt, A. P., Ha, E., Egelman, S., Haney, A., Chin, E., and Wagner, D. 2012. Android Permissions: User Attention, Comprehension, and Behavior. In Symp. on Usable Privacy and Security. Google ScholarDigital Library
- Egelman, S., Kannavara, R., and Chow, R. 2015. Is This Thing On? Crowdsourcing Privacy Indicators for Ubiquitous Sensing Platforms. In CHI. Google ScholarDigital Library
- Lin, J., Amini, S., Hong, J., Sadeh, N., Lindqvist, J., and Zhang, J. 2012. Expectation and Purpose: Understanding Users' Mental Models of Mobile App Privacy through Crowdsourcing. In Ubicomp. Google ScholarDigital Library
- Harbach, M., Zezschwitz, E. v., Fichtner, A., Luca, A. D., and Smith, M. 2014. It's a hard lock life: A field study of smartphone (un)locking behavior and risk perception. In Symp. on Usable Privacy and Security, pp. 213--230.Google Scholar
- Ashford, W. 2015. IoT benefits and privacy not mutually exclusive, says industry expert. ComputerWeekly.com. (April 30, 2015).Google Scholar
- Liu, X., Zhou, Z., Diao, W., Li, Z., and Zhang, K. 2015. When Good Becomes Evil: Keystroke Inference with Smartwatch. In 22nd ACM SIGSAC Conf. on Computer and Communications Security, pp. 1273--1285. Google ScholarDigital Library
- Wang, H., Lai, T. T.-T., and Choudhury, R. R. 2015. MoLe: Motion Leaks through Smartwatch Sensors. In 21st Annual Int'l Conference on Mobile Computing and Networking, pp. 155--166. Google ScholarDigital Library
- Lin, J., Liu, B., Sadeh, N., and Hong, J. 2014. Modeling Users' Mobile App Privacy Preferences: Restoring Usability in a Sea of Permission Settings. In Symp. On Usable Privacy & Sec.Google Scholar
- An Architectural Blueprint for Autonomic Computing, IBM, 2006Google Scholar
- Akpakpan, N. 2013. Bluetooth Medical Devices: Moving from Passive to Connected Health, HIT Consultant.Google Scholar
- https://www.nymi.comGoogle Scholar
- Bluetooth Special Interest Group, Core Version 4.2, 2014.Google Scholar
- https://lacklustre.net/projects/crackle/Google Scholar
- Ryan, M. 2013. Bluetooth: with low energy comes low security. In 7th USENIX conference on Offensive Technologies. Google ScholarDigital Library
- Pan, X., Ling, Z., Pingley, A., Yu, W., Zhang, N., and Fu, X. 2012. How privacy leaks from Bluetooth mouse? In ACM Conference on Computer and Communications Security, pp. 1013--1015. Google ScholarDigital Library
- Diallo, A., Al-Khateeb, W., Olanrewaju, R., and Sado, F. 2014. A Secure Authentication Scheme for Bluetooth Connection. In Int'l Conf. Computer and Communication Eng., pp.60--63 Google ScholarDigital Library
- Oka, D., Furue, T., Langenhop, L., and Nishimura, T. 2014. Survey of Vehicle IoT Bluetooth Devices, In 7th Int'l Conf. on Service-Oriented Computing and Applications, pp. 260--264. Google ScholarDigital Library
- Available at - https://play.google.com/store/apps/details?id=com.tecit.datareader.android.getblue.fullGoogle Scholar
- Li, Q., Cao, G., and Porta, T. 2014. Efficient and Privacy-Aware Data Aggregation in Mobile Sensing. IEEE Transactions on Dependable and Secure Computing, 11(2), 115--129. Google ScholarDigital Library
- Hong, J. 2015. Research Issues for Privacy in a Ubiquitously Connected World, NITRD Research Strategy on Privacy.Google Scholar
- MbientLab, "MetaWear API Documentation," Accessed March 1, 2015. Available: http://docs.mbientlab.com/.Google Scholar
- Hale, M., Lofty, K., Gamble, R., Walter, C., and Lin, J. 2014. Developing a platform to evaluate the security of wearable devices. In Int'l Conf. on Mobile Systems.Google Scholar
Index Terms
- Imposing security awareness on wearables
Recommendations
Privacy Implications of Wearable Health Devices
SIN '14: Proceedings of the 7th International Conference on Security of Information and NetworksWith the recent rise in popularity of wearable personal health monitoring devices, a number of concerns regarding user privacy are raised, specifically with regard to how the providers of these devices make use of the data obtained from these devices, ...
Increasing fall risk awareness using wearables
Display Omitted A survey of wearables used in fall risk assessment and prevention.Separating fall risk into prospective and context-aware.A Fall Risk Awareness Protocol is proposed is built upon ta Fall Risk Probability Engine.Combining data from ...
Wearables data integration
Research highlights an attempt to quantify relative accuracy of the consumer-grade wearable devices.Models were trained to adjust for data collected from Fitbit Device to the equivalent value in terms of the Jawbones measurement.The models are dependent ...
Comments