Strengthening Access Control in case of Compromised Accounts in Smart Home

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

23 Downloads (Pure)

Abstract

Smart home user usually controls smart devices through smart application, which is managed by user’s account. Thus, compromised account is possible and countermeasure to such attack can help protect both devices and data pertaining to them. In this paper, we propose a security countermeasure in case of compromised account in smart home system by intro- ducing another layer of access control beyond the traditional authentication method (e.g. username and password). In our proposed approach, although user is successfully authenticated, he subjects to another control at devices or data permission level for every access attempt to them. This control takes into account the profile and behaviour of user requesting access to the system to determine whether user is legitimate or malicious and access control permission and type of access control enforcement are decided based on that factor.
Original languageEnglish
Title of host publication2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017
Pages1-8
Number of pages8
Volume2017-October
ISBN (Electronic)9781538638392
DOIs
Publication statusPublished - 20 Nov 2017
EventThe 2nd IEEE WiMob 2017 Workshop on Smart Environments & Urban Networking, (SEUNet 2017) Collocated with the 13th IEEE WiMob 2017, Rome, Italy, 9th October 2017 - Rome, Italy
Duration: 9 Oct 20179 Oct 2017
http://www.polymtl.ca/seunet2017/authors.html

Publication series

NameInternational Conference on Wireless and Mobile Computing, Networking and Communications
Volume2017-October

Scientific committee

Scientific committeeThe 2nd IEEE WiMob 2017 Workshop on Smart Environments & Urban Networking, (SEUNet 2017) Collocated with the 13th IEEE WiMob 2017, Rome, Italy, 9th October 2017
CountryItaly
CityRome
Period9/10/179/10/17
Internet address

Fingerprint

Access control
Authentication

Keywords

  • Access control
  • Account hacking
  • Compromised account
  • IoT
  • Security countermeasure
  • Smart home

Cite this

Rath, T. M. A., & Colin, J-N. (2017). Strengthening Access Control in case of Compromised Accounts in Smart Home. In 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017 (Vol. 2017-October, pp. 1-8). [8115827] (International Conference on Wireless and Mobile Computing, Networking and Communications; Vol. 2017-October). https://doi.org/10.1109/WiMOB.2017.8115827
Rath, Thavy Mony Annanda ; Colin, Jean-Noël. / Strengthening Access Control in case of Compromised Accounts in Smart Home. 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017. Vol. 2017-October 2017. pp. 1-8 (International Conference on Wireless and Mobile Computing, Networking and Communications).
@inproceedings{c1574250f2ef477e8197ccd8d1d8192a,
title = "Strengthening Access Control in case of Compromised Accounts in Smart Home",
abstract = "Smart home user usually controls smart devices through smart application, which is managed by user’s account. Thus, compromised account is possible and countermeasure to such attack can help protect both devices and data pertaining to them. In this paper, we propose a security countermeasure in case of compromised account in smart home system by intro- ducing another layer of access control beyond the traditional authentication method (e.g. username and password). In our proposed approach, although user is successfully authenticated, he subjects to another control at devices or data permission level for every access attempt to them. This control takes into account the profile and behaviour of user requesting access to the system to determine whether user is legitimate or malicious and access control permission and type of access control enforcement are decided based on that factor.",
keywords = "Access control, Account hacking, Compromised account, IoT, Security countermeasure, Smart home",
author = "Rath, {Thavy Mony Annanda} and Jean-No{\"e}l Colin",
year = "2017",
month = "11",
day = "20",
doi = "10.1109/WiMOB.2017.8115827",
language = "English",
isbn = "9781538638392",
volume = "2017-October",
series = "International Conference on Wireless and Mobile Computing, Networking and Communications",
pages = "1--8",
booktitle = "2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017",

}

Rath, TMA & Colin, J-N 2017, Strengthening Access Control in case of Compromised Accounts in Smart Home. in 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017. vol. 2017-October, 8115827, International Conference on Wireless and Mobile Computing, Networking and Communications, vol. 2017-October, pp. 1-8, The 2nd IEEE WiMob 2017 Workshop on Smart Environments & Urban Networking, (SEUNet 2017) Collocated with the 13th IEEE WiMob 2017, Rome, Italy, 9th October 2017, Rome, Italy, 9/10/17. https://doi.org/10.1109/WiMOB.2017.8115827

Strengthening Access Control in case of Compromised Accounts in Smart Home. / Rath, Thavy Mony Annanda; Colin, Jean-Noël.

2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017. Vol. 2017-October 2017. p. 1-8 8115827 (International Conference on Wireless and Mobile Computing, Networking and Communications; Vol. 2017-October).

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

TY - GEN

T1 - Strengthening Access Control in case of Compromised Accounts in Smart Home

AU - Rath, Thavy Mony Annanda

AU - Colin, Jean-Noël

PY - 2017/11/20

Y1 - 2017/11/20

N2 - Smart home user usually controls smart devices through smart application, which is managed by user’s account. Thus, compromised account is possible and countermeasure to such attack can help protect both devices and data pertaining to them. In this paper, we propose a security countermeasure in case of compromised account in smart home system by intro- ducing another layer of access control beyond the traditional authentication method (e.g. username and password). In our proposed approach, although user is successfully authenticated, he subjects to another control at devices or data permission level for every access attempt to them. This control takes into account the profile and behaviour of user requesting access to the system to determine whether user is legitimate or malicious and access control permission and type of access control enforcement are decided based on that factor.

AB - Smart home user usually controls smart devices through smart application, which is managed by user’s account. Thus, compromised account is possible and countermeasure to such attack can help protect both devices and data pertaining to them. In this paper, we propose a security countermeasure in case of compromised account in smart home system by intro- ducing another layer of access control beyond the traditional authentication method (e.g. username and password). In our proposed approach, although user is successfully authenticated, he subjects to another control at devices or data permission level for every access attempt to them. This control takes into account the profile and behaviour of user requesting access to the system to determine whether user is legitimate or malicious and access control permission and type of access control enforcement are decided based on that factor.

KW - Access control

KW - Account hacking

KW - Compromised account

KW - IoT

KW - Security countermeasure

KW - Smart home

UR - http://www.scopus.com/inward/record.url?scp=85041385331&partnerID=8YFLogxK

U2 - 10.1109/WiMOB.2017.8115827

DO - 10.1109/WiMOB.2017.8115827

M3 - Conference contribution

SN - 9781538638392

VL - 2017-October

T3 - International Conference on Wireless and Mobile Computing, Networking and Communications

SP - 1

EP - 8

BT - 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017

ER -

Rath TMA, Colin J-N. Strengthening Access Control in case of Compromised Accounts in Smart Home. In 2017 IEEE 13th International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2017. Vol. 2017-October. 2017. p. 1-8. 8115827. (International Conference on Wireless and Mobile Computing, Networking and Communications). https://doi.org/10.1109/WiMOB.2017.8115827