Security and Privacy Vulnerabilities in Human Activity Recognition systems

V. Liagkou, S. Sakka, C. Stylios
{"title":"Security and Privacy Vulnerabilities in Human Activity Recognition systems","authors":"V. Liagkou, S. Sakka, C. Stylios","doi":"10.1109/SEEDA-CECNSM57760.2022.9932957","DOIUrl":null,"url":null,"abstract":"Human activity recognition systems (HARS) should allow the secure and trustworthy exchange of sensitive data between several kinds of participating parties with different aims and claims, regarding security, data protection, and trust issues. Initially in this work, a security flaw has been identified in a complete medical IoT application using wearable devices and smart sensors. Then, we list the security vulnerabilities and attempt to make suggestions on the prevention of security flaws that may appear during the implementation of HARS and we analyze a specific attack, the Man in the Middle attack, where a third malicious entity interferes with communication between two entities and is associated with key exchange protocols. Moreover, we discuss various design considerations for protecting the data that is transmitted and stored from different sources like smart wearables, mobile phones, and cloud applications by using cryptographic and privacy-preserving techniques. Finally, we show how the use of the OAuth2.0 protocol can ensure that only authenticated users interact with the HARS.","PeriodicalId":68279,"journal":{"name":"计算机工程与设计","volume":"13 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"计算机工程与设计","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.1109/SEEDA-CECNSM57760.2022.9932957","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Human activity recognition systems (HARS) should allow the secure and trustworthy exchange of sensitive data between several kinds of participating parties with different aims and claims, regarding security, data protection, and trust issues. Initially in this work, a security flaw has been identified in a complete medical IoT application using wearable devices and smart sensors. Then, we list the security vulnerabilities and attempt to make suggestions on the prevention of security flaws that may appear during the implementation of HARS and we analyze a specific attack, the Man in the Middle attack, where a third malicious entity interferes with communication between two entities and is associated with key exchange protocols. Moreover, we discuss various design considerations for protecting the data that is transmitted and stored from different sources like smart wearables, mobile phones, and cloud applications by using cryptographic and privacy-preserving techniques. Finally, we show how the use of the OAuth2.0 protocol can ensure that only authenticated users interact with the HARS.
人体活动识别系统中的安全和隐私漏洞
人类活动识别系统(HARS)应该允许在具有不同目标和要求的几种参与方之间安全可靠地交换敏感数据,涉及安全性、数据保护和信任问题。在这项工作的最初阶段,在使用可穿戴设备和智能传感器的完整医疗物联网应用中发现了一个安全漏洞。然后,我们列出了安全漏洞,并试图对HARS实施过程中可能出现的安全漏洞的预防提出建议,我们分析了一个具体的攻击,中间人攻击,其中第三个恶意实体干扰两个实体之间的通信,并与密钥交换协议相关联。此外,我们还讨论了通过使用加密和隐私保护技术来保护从不同来源(如智能可穿戴设备、移动电话和云应用程序)传输和存储的数据的各种设计考虑。最后,我们将展示使用OAuth2.0协议如何确保只有经过身份验证的用户才能与HARS交互。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
20353
期刊介绍: Computer Engineering and Design is supervised by China Aerospace Science and Industry Corporation and sponsored by the 706th Institute of the Second Academy of China Aerospace Science and Industry Corporation. It was founded in 1980. The purpose of the journal is to disseminate new technologies and promote academic exchanges. Since its inception, it has adhered to the principle of combining depth and breadth, theory and application, and focused on reporting cutting-edge and hot computer technologies. The journal accepts academic papers with innovative and independent academic insights, including papers on fund projects, award-winning research papers, outstanding papers at academic conferences, doctoral and master's theses, etc.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信