Page 137 - Kaleidoscope Academic Conference Proceedings 2021
P. 137

RESEARCH ON SECURITY AND PRIVACY FOR IOT-DOMOTICS




                                                                1
                                                                                 1
                                                    1
                                         Jinxue Cheng ; Xiaoming Lu ; Qin Qiu ; Qing Lu
                                                                        2
                                 1 China Mobile (Hang Zhou) Information Technology Co. Ltd, China
                                       2 China Mobile Communications Group Co. Ltd, China




                              ABSTRACT                        Vulnerabilities of smart device emerge one after another.
                                                              Smart  devices pose threats to the  security and privacy  of
           This  paper  describes  the  basic characteristics of IoT-  individuals, businesses, and society [2,3]. In 2019, one of the
           domotics, and  proposes  an  IoT-domotics  reference model   world's hottest home security hardware products, the Ring
           based on IoT-domotics entities,  including service, IoT-  smart doorbell and camera, exposed security vulnerabilities.
           domotics  gateway, IoT-domotics  devices  and physical   A large number of users complained that their private lives
           entities, and  networks.  Then, based on  the  IoT-domotics   were transmitted to the Internet by hackers, and even hackers
           reference model, this paper analyzes the security and privacy   used the camera to  greet  the baby in the cradle  [4].
           risks of the IoT-domotics for different IoT-domotics entities.   Researchers discovered a popular smart lock vulnerability,
           Considering the characteristics of the IoT-domotics,  this   which attackers can use to remotely open the door and break
           paper also proposes the security control principles of the   into the house [5].
           IoT-domotics,  and  gives the corresponding security and
           privacy controls, aiming to  provide technical support for   Smart speakers,  as a  voice control  terminal, is more
           IoT-domotics security and promote the security application   vulnerable to attack  [6].  After  several  years of heated
           of IoT-domotics technology. Finally, this paper compares the   performances by various artificial intelligence vendors such
           supporting  control  schemes  implemented by  some   as Amazon,  Google, Ali,  and Baidu, the smart speaker
           researchers   to   demonstrate  the  advantages  and  market finally ushered in a total explosion in 2019. But on
           disadvantages  of  existing IoT-domotics security  control   the security issue, whether it is a Tesla electric car or a smart
           schemes.                                           speaker, once  it  receives  attention by the information
                                                              security community, it will eventually be inevitable to escape
                 Keywords – IoT-domotics, security, privacy   the curse  of "death in heat".  Although the likelihood  of
                                                              malicious actors accessing an individual smart speaker is low,
                            1.  INTRODUCTION                  cases  of Echo  recordings  being accidentally played to
                                                              strangers have made headlines [7].
           IoT-domotics is  an  IoT system composed of  networks,
           devices, services and users typically used in the domicile or   Smart toys are no longer "fun". Connected smart toys are
           as electronic wearables. Devices are usually available to the   still unsafe [8]. In December last year, security researchers
           consumer through retail purchase, and according to ISO/IEC   discovered that various child-specific connected toys have
           TR 22417:2017 Information technology -- Internet of things   many inherent security  problems, such  as the lack  of
           (IoT)-IoT use cases [1]. Domicile denotes the private, hence   authentication for device pairing, and the lack of encryption
           a highly customizable area where someone lives, alone or   for networked accounts. At the 2019 Black Hat Conference
           with  guests or cohabitants. Thus, it includes  dedicated   in the United  States, researchers showed the security test
           infrastructure aimed at supporting those individuals, such as   results of the LeapPad Ultimate children's education tablet,
           healthcare and wellness systems, building control systems,   indicating that the tablet has many security issues, including
           smart metering and systems for entertainment or gaming.   allowing bad actors  to  track devices,  send  messages to
                                                              children, or launch man-in-the-middle attacks.
           IoT-domotics is not only the most prominent and successful
           area in IoT, but also an important application that connects   The security and privacy of IoT-domotics have a bearing on
           IoT technology and the physical space, and is the important   the normal operations of in-domicile services, privacy and
           carrier to realize the interaction between the virtual network   safety  of residents, and the security assurance of
           world and the real world. The emergence of IoT-domotics   infrastructures that are linked  directly  or indirectly with
           brings convenience to users and greatly improves human life,   devices  or services. Stakeholders including  users, service
           but there are also many security problems hidden behind it.   providers, device manufacturers,  network operators and
                                                              industry supervisors are  becoming increasingly concerned
                                                              by the security and privacy issues of IoT-domotics.




           978-92-61-33881-7/CFP2168P @ ITU 2021           – 75 –                                   Kaleidoscope
   132   133   134   135   136   137   138   139   140   141   142