Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment-Reference-Cited by-同舟云学术

Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment

Published:2022-09-06 Issue:4 Volume:3 Page:1-39
ISSN:2691-1914
Container-title:ACM Transactions on Internet of Things
language:en
Short-container-title:ACM Trans. Internet Things

Author:

Sikder Amit Kumar¹^ORCID,Babun Leonardo¹^ORCID,Celik Z. Berkay²^ORCID,Aksu Hidayet³^ORCID,McDaniel Patrick⁴^ORCID,Kirda Engin⁵^ORCID,Uluagac A. Selcuk¹^ORCID

Affiliation:

1. Florida International University, Miami, Florida, USA

2. Purdue University, Indiana, USA

3. Google, California, USA

4. Pennsylvania State University, Pennsylvania, USA

5. Northeastern University, Boston, Massachusetts, USA

Abstract

Multiple users have access to multiple devices in a smart home system – typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique, trusted user that controls access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically-changing demands on multiple devices that cannot be handled by traditional access control techniques. Moreover, smart devices from different platforms/vendors can share the same home environment, making existing access control obsolete for smart home systems. To address these challenges, in this paper, we introduce Kratos+ , a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos+ has four main components: user interaction module, backend server, policy manager, and policy execution module. Users can easily specify their desired access control settings using the interaction module that are translated into access control policies in the back-end server. The policy manager analyzes these policies, initiates automated negotiation between users to resolve conflicting demands, and generates final policies to enforce in smart home systems. We implemented Kratos+ as a platform-independent solution and evaluated its performance on real smart home deployments featuring multi-user scenarios with a rich set of configurations (337 different policies including 231 demand conflicts and 69 restriction policies). These configurations also included five different threats associated with access control mechanisms. Our extensive evaluations show that Kratos+ is very effective in resolving conflicting access control demands with minimal overhead. We also performed an extensive user study with 72 smart home users to better understand the user’s needs before designing the system and a usability study to evaluate the efficacy of Kratos+ in a real-life smart home environment.

Funder

US National Science Foundation

US Office of Naval Research grant Cyber-physical Systems

Publisher

Association for Computing Machinery (ACM)

Subject

Software,Information Systems,Hardware and Architecture,Computer Science Applications,Computer Networks and Communications

Link

https://dl.acm.org/doi/pdf/10.1145/3543513

Reference64 articles.

1. Peek-a-boo

2. Ioannis Agadakos, Per Hallgren, Dimitrios Damopoulos, Andrei Sabelfeld, and Georgios Portokalidis. 2016. Location-enhanced authentication using the IoT: Because you cannot be in two places at once. In Proceedings of the 32nd Annual Conference on Computer Security Applications. ACM.

3. Abrar S. Alrumayh, Sarah M. Lehman, and Chiu C. Tan. 2019. ABACUS: Audio based access control utility for smarthomes. In Proceedings of the 4th ACM/IEEE Symposium on Edge Computing. 395–400.

4. Context aware access control for home voice assistant in multi-occupant homes;Alrumayh Abrar S.;Pervasive and Mobile Computing,2020

5. Leonardo Babun, Z. Berkay Celik, Patrick McDaniel, and A. Selcuk Uluagac. 2021. Real-time analysis of privacy-(un) aware IoT applications. In Privacy Enhancing Technologies Symposium (PETS).

Cited by 13 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Enhancing the Multi-User Experience in Fully Autonomous Vehicles Through Explainable AI Voice Agents;International Journal of Human–Computer Interaction;2024-07-29

2. SHPAC: Fine-grained and Multi-platform Supported Access Control System for Smart Home Scenario;2024 33rd International Conference on Computer Communications and Networks (ICCCN);2024-07-29

3. The $$\mathrm {ACAC_{D}}$$ model for mutable activity control and chain of dependencies in smart and connected systems;International Journal of Information Security;2024-07-20

4. Beyond Individual Concerns: Multi-user Privacy in Large Language Models;ACM Conversational User Interfaces 2024;2024-07-08

5. Connecting Home: Human-Centric Setup Automation in the Augmented Smart Home;Proceedings of the CHI Conference on Human Factors in Computing Systems;2024-05-11