Page 137 - Kaleidoscope Academic Conference Proceedings 2021
P. 137
RESEARCH ON SECURITY AND PRIVACY FOR IOT-DOMOTICS
1
1
1
Jinxue Cheng ; Xiaoming Lu ; Qin Qiu ; Qing Lu
2
1 China Mobile (Hang Zhou) Information Technology Co. Ltd, China
2 China Mobile Communications Group Co. Ltd, China
ABSTRACT Vulnerabilities of smart device emerge one after another.
Smart devices pose threats to the security and privacy of
This paper describes the basic characteristics of IoT- individuals, businesses, and society [2,3]. In 2019, one of the
domotics, and proposes an IoT-domotics reference model world's hottest home security hardware products, the Ring
based on IoT-domotics entities, including service, IoT- smart doorbell and camera, exposed security vulnerabilities.
domotics gateway, IoT-domotics devices and physical A large number of users complained that their private lives
entities, and networks. Then, based on the IoT-domotics were transmitted to the Internet by hackers, and even hackers
reference model, this paper analyzes the security and privacy used the camera to greet the baby in the cradle [4].
risks of the IoT-domotics for different IoT-domotics entities. Researchers discovered a popular smart lock vulnerability,
Considering the characteristics of the IoT-domotics, this which attackers can use to remotely open the door and break
paper also proposes the security control principles of the into the house [5].
IoT-domotics, and gives the corresponding security and
privacy controls, aiming to provide technical support for Smart speakers, as a voice control terminal, is more
IoT-domotics security and promote the security application vulnerable to attack [6]. After several years of heated
of IoT-domotics technology. Finally, this paper compares the performances by various artificial intelligence vendors such
supporting control schemes implemented by some as Amazon, Google, Ali, and Baidu, the smart speaker
researchers to demonstrate the advantages and market finally ushered in a total explosion in 2019. But on
disadvantages of existing IoT-domotics security control the security issue, whether it is a Tesla electric car or a smart
schemes. speaker, once it receives attention by the information
security community, it will eventually be inevitable to escape
Keywords – IoT-domotics, security, privacy the curse of "death in heat". Although the likelihood of
malicious actors accessing an individual smart speaker is low,
1. INTRODUCTION cases of Echo recordings being accidentally played to
strangers have made headlines [7].
IoT-domotics is an IoT system composed of networks,
devices, services and users typically used in the domicile or Smart toys are no longer "fun". Connected smart toys are
as electronic wearables. Devices are usually available to the still unsafe [8]. In December last year, security researchers
consumer through retail purchase, and according to ISO/IEC discovered that various child-specific connected toys have
TR 22417:2017 Information technology -- Internet of things many inherent security problems, such as the lack of
(IoT)-IoT use cases [1]. Domicile denotes the private, hence authentication for device pairing, and the lack of encryption
a highly customizable area where someone lives, alone or for networked accounts. At the 2019 Black Hat Conference
with guests or cohabitants. Thus, it includes dedicated in the United States, researchers showed the security test
infrastructure aimed at supporting those individuals, such as results of the LeapPad Ultimate children's education tablet,
healthcare and wellness systems, building control systems, indicating that the tablet has many security issues, including
smart metering and systems for entertainment or gaming. allowing bad actors to track devices, send messages to
children, or launch man-in-the-middle attacks.
IoT-domotics is not only the most prominent and successful
area in IoT, but also an important application that connects The security and privacy of IoT-domotics have a bearing on
IoT technology and the physical space, and is the important the normal operations of in-domicile services, privacy and
carrier to realize the interaction between the virtual network safety of residents, and the security assurance of
world and the real world. The emergence of IoT-domotics infrastructures that are linked directly or indirectly with
brings convenience to users and greatly improves human life, devices or services. Stakeholders including users, service
but there are also many security problems hidden behind it. providers, device manufacturers, network operators and
industry supervisors are becoming increasingly concerned
by the security and privacy issues of IoT-domotics.
978-92-61-33881-7/CFP2168P @ ITU 2021 – 75 – Kaleidoscope