{"title":"呼吁物联网智能玩具建立新的隐私和安全制度","authors":"Joshua Streiff, Naheem Noah, Sanchari Das","doi":"10.1109/DSC54232.2022.9888910","DOIUrl":null,"url":null,"abstract":"The current set of reactive regulatory agencies, legal protections, and market forces have proven inadequate for managing the security and privacy of the Internet of Things (IoT). Given the ubiquitous nature of IoT devices, current cybersecurity and privacy laws fail to enforce the protections of the data of vulnerable populations. The most vulnerable of these users are children, who are at the most significant risk of harm and least adequately protected by the current regime of controls for devices such as smart toys. In this paper, we review the currently existing regulatory and legal controls related to IoT devices while giving a brief overview of privacy & security policies that govern the data access, retention, and usage policies of children's smart toys. We detail the impact of such security and privacy vulnerabilities by conducting three case studies on IoT smart toys, including FisherPrice's SmartBear, Spiral Toys CloudPet Unicorn, and Owl's SmartWatch. Finally, we establish reasons for the complete restructuring of the responsibilities, requirements, and proactive options for implementing cybersecurity rules by IoT device manufacturers.","PeriodicalId":368903,"journal":{"name":"2022 IEEE Conference on Dependable and Secure Computing (DSC)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A Call for a New Privacy & Security Regime for IoT Smart Toys\",\"authors\":\"Joshua Streiff, Naheem Noah, Sanchari Das\",\"doi\":\"10.1109/DSC54232.2022.9888910\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The current set of reactive regulatory agencies, legal protections, and market forces have proven inadequate for managing the security and privacy of the Internet of Things (IoT). Given the ubiquitous nature of IoT devices, current cybersecurity and privacy laws fail to enforce the protections of the data of vulnerable populations. The most vulnerable of these users are children, who are at the most significant risk of harm and least adequately protected by the current regime of controls for devices such as smart toys. In this paper, we review the currently existing regulatory and legal controls related to IoT devices while giving a brief overview of privacy & security policies that govern the data access, retention, and usage policies of children's smart toys. We detail the impact of such security and privacy vulnerabilities by conducting three case studies on IoT smart toys, including FisherPrice's SmartBear, Spiral Toys CloudPet Unicorn, and Owl's SmartWatch. Finally, we establish reasons for the complete restructuring of the responsibilities, requirements, and proactive options for implementing cybersecurity rules by IoT device manufacturers.\",\"PeriodicalId\":368903,\"journal\":{\"name\":\"2022 IEEE Conference on Dependable and Secure Computing (DSC)\",\"volume\":\"41 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-06-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE Conference on Dependable and Secure Computing (DSC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DSC54232.2022.9888910\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Conference on Dependable and Secure Computing (DSC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DSC54232.2022.9888910","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Call for a New Privacy & Security Regime for IoT Smart Toys
The current set of reactive regulatory agencies, legal protections, and market forces have proven inadequate for managing the security and privacy of the Internet of Things (IoT). Given the ubiquitous nature of IoT devices, current cybersecurity and privacy laws fail to enforce the protections of the data of vulnerable populations. The most vulnerable of these users are children, who are at the most significant risk of harm and least adequately protected by the current regime of controls for devices such as smart toys. In this paper, we review the currently existing regulatory and legal controls related to IoT devices while giving a brief overview of privacy & security policies that govern the data access, retention, and usage policies of children's smart toys. We detail the impact of such security and privacy vulnerabilities by conducting three case studies on IoT smart toys, including FisherPrice's SmartBear, Spiral Toys CloudPet Unicorn, and Owl's SmartWatch. Finally, we establish reasons for the complete restructuring of the responsibilities, requirements, and proactive options for implementing cybersecurity rules by IoT device manufacturers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
