POSTER: Friend or Foe? Context Authentication for Trust Domain Separation in IoT Environments

The Internet of Things (IoT) is rapidly emerging, resulting in a growing demand for guaranteeing its security and privacy. Imagine the following scenario: In a not so distant future you have just purchased a number of Internet-of-Things (IoT) appliances for your smart home. You are standing in your living room and would like to have these new devices wirelessly connect to each other and your home network. The set of your own devices in your network constitute your trust domain. Most IoT devices are equipped with environmental sensors, e.g., for monitoring ambient luminosity, audio, or temperature. A breach in your trust domain could leak such sensor data, and hence potentially sensitive private information about your behavior and habits, to outsiders. Therefore, you want to make sure that none of your devices accidentally connect to your neighbor’s home network. You also want to make sure that only your own devices are granted access to your trust domain. The devices could use appropriate service discovery and key exchange protocols to establish secure communication links with each other and other devices like the home WiFi router. But how can your devices distinguish between other devices that belong to your trust domain and devices of your neighbors that happen to lie within wireless communication range? That is, how can devices in a trust domain (e.g., your home) authenticate each other?