谁在控制我的设备?面向共享智能家居环境的多用户多设备感知门禁系统

IF 3.5 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
A. Sikder, Leonardo Babun, Z. Berkay Celik, Hidayet Aksu, P. Mcdaniel, E. Kirda, A. Uluagac
{"title":"谁在控制我的设备?面向共享智能家居环境的多用户多设备感知门禁系统","authors":"A. Sikder, Leonardo Babun, Z. Berkay Celik, Hidayet Aksu, P. Mcdaniel, E. Kirda, A. Uluagac","doi":"10.1145/3543513","DOIUrl":null,"url":null,"abstract":"Multiple users have access to multiple devices in a smart home system – typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique, trusted user that controls access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically-changing demands on multiple devices that cannot be handled by traditional access control techniques. Moreover, smart devices from different platforms/vendors can share the same home environment, making existing access control obsolete for smart home systems. To address these challenges, in this paper, we introduce Kratos+, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos+ has four main components: user interaction module, backend server, policy manager, and policy execution module. Users can easily specify their desired access control settings using the interaction module that are translated into access control policies in the back-end server. The policy manager analyzes these policies, initiates automated negotiation between users to resolve conflicting demands, and generates final policies to enforce in smart home systems. We implemented Kratos+ as a platform-independent solution and evaluated its performance on real smart home deployments featuring multi-user scenarios with a rich set of configurations (337 different policies including 231 demand conflicts and 69 restriction policies). These configurations also included five different threats associated with access control mechanisms. Our extensive evaluations show that Kratos+ is very effective in resolving conflicting access control demands with minimal overhead. We also performed an extensive user study with 72 smart home users to better understand the user’s needs before designing the system and a usability study to evaluate the efficacy of Kratos+ in a real-life smart home environment.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":3.5000,"publicationDate":"2022-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment\",\"authors\":\"A. Sikder, Leonardo Babun, Z. Berkay Celik, Hidayet Aksu, P. Mcdaniel, E. Kirda, A. Uluagac\",\"doi\":\"10.1145/3543513\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Multiple users have access to multiple devices in a smart home system – typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique, trusted user that controls access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically-changing demands on multiple devices that cannot be handled by traditional access control techniques. Moreover, smart devices from different platforms/vendors can share the same home environment, making existing access control obsolete for smart home systems. To address these challenges, in this paper, we introduce Kratos+, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos+ has four main components: user interaction module, backend server, policy manager, and policy execution module. Users can easily specify their desired access control settings using the interaction module that are translated into access control policies in the back-end server. The policy manager analyzes these policies, initiates automated negotiation between users to resolve conflicting demands, and generates final policies to enforce in smart home systems. We implemented Kratos+ as a platform-independent solution and evaluated its performance on real smart home deployments featuring multi-user scenarios with a rich set of configurations (337 different policies including 231 demand conflicts and 69 restriction policies). These configurations also included five different threats associated with access control mechanisms. Our extensive evaluations show that Kratos+ is very effective in resolving conflicting access control demands with minimal overhead. We also performed an extensive user study with 72 smart home users to better understand the user’s needs before designing the system and a usability study to evaluate the efficacy of Kratos+ in a real-life smart home environment.\",\"PeriodicalId\":29764,\"journal\":{\"name\":\"ACM Transactions on Internet of Things\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.5000,\"publicationDate\":\"2022-06-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Internet of Things\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3543513\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3543513","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 7

摘要

多个用户可以访问智能家居系统中的多个设备-通常通过安装在移动设备上的专用应用程序。传统的访问控制机制考虑一个唯一的、受信任的用户来控制对设备的访问。然而,多用户多设备智能家居设置对传统的单用户系统构成了根本不同的挑战。例如,在多用户环境中,用户对多个设备的需求是相互冲突的、复杂的、动态变化的,传统的访问控制技术无法处理这些需求。此外,来自不同平台/供应商的智能设备可以共享相同的家庭环境,使现有的访问控制对智能家居系统来说已经过时。为了应对这些挑战,本文介绍了一种新的多用户、多设备感知的访问控制机制Kratos+,它允许智能家居用户灵活地指定他们的访问控制需求。Kratos+有四个主要组件:用户交互模块、后端服务器、策略管理器和策略执行模块。用户可以使用交互模块轻松指定所需的访问控制设置,交互模块在后端服务器中转换为访问控制策略。策略管理器分析这些策略,启动用户之间的自动协商以解决冲突的需求,并生成最终的策略以在智能家居系统中执行。我们将Kratos+作为一个独立于平台的解决方案实现,并在具有丰富配置集(337种不同策略,包括231种需求冲突和69种限制策略)的多用户场景的真实智能家居部署中评估其性能。这些配置还包括与访问控制机制相关的五种不同威胁。我们的广泛评估表明,Kratos+在以最小的开销解决冲突的访问控制需求方面非常有效。我们还对72名智能家居用户进行了广泛的用户研究,以便在设计系统之前更好地了解用户的需求,并进行了可用性研究,以评估Kratos+在现实生活中的智能家居环境中的功效。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home Environment
Multiple users have access to multiple devices in a smart home system – typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique, trusted user that controls access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically-changing demands on multiple devices that cannot be handled by traditional access control techniques. Moreover, smart devices from different platforms/vendors can share the same home environment, making existing access control obsolete for smart home systems. To address these challenges, in this paper, we introduce Kratos+, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos+ has four main components: user interaction module, backend server, policy manager, and policy execution module. Users can easily specify their desired access control settings using the interaction module that are translated into access control policies in the back-end server. The policy manager analyzes these policies, initiates automated negotiation between users to resolve conflicting demands, and generates final policies to enforce in smart home systems. We implemented Kratos+ as a platform-independent solution and evaluated its performance on real smart home deployments featuring multi-user scenarios with a rich set of configurations (337 different policies including 231 demand conflicts and 69 restriction policies). These configurations also included five different threats associated with access control mechanisms. Our extensive evaluations show that Kratos+ is very effective in resolving conflicting access control demands with minimal overhead. We also performed an extensive user study with 72 smart home users to better understand the user’s needs before designing the system and a usability study to evaluate the efficacy of Kratos+ in a real-life smart home environment.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
5.20
自引率
3.70%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信