Page 140 - Kaleidoscope Academic Conference Proceedings 2021
2021 ITU Kaleidoscope Academic Conference
device, and then can modify the device ID to control other users' devices horizontally and beyond authority.

Replay attack. Some protocols did not consider security factors at the beginning of design, which may lead to replay attacks.

Network traffic analysis attack. The attacker can analyze the network traffic generated by the device to obtain sensitive information such as the user's home environment or privacy.

3.2 Privacy risks

3.2.1 Privacy risks for service subsystems

No authorization or accurate authorization. In the IoT-domotics scenario, the business ordered by an IoT-domotics user will be used by other IoT-domotics users, and the users will be able to collect Personally Identifiable Information (PII) [11] by default without knowing it. Collection of children’s PII without the authorization of the child’s guardian.

3.2.2 Privacy risks for IoT-domotics gateway

Not authorized by the user. The built-in applications of an IoT-domotics gateway lack a user interaction interface, which cannot well show the privacy policy and obtain IoT-domotics users authorization.

The PII stored locally in the IoT-domotics gateway is not encrypted. The account password is stored in plain text.

Missing or insufficient access control mechanism. Lack of access control and authentication mechanism for the USB peripheral interface of the IoT-domotics gateway causes the application to have unrestricted access to the NAS device through the USB peripheral interface of the IoT-domotics gateway to obtain pictures and files.

3.2.3 Privacy risks for IoT-domotics devices and physical entities

Not authorized by the user. The application may not be able to show the user its privacy policy and obtain IoT-domotics users authorization. Smart TVs, cameras, voice speakers, microphones and other devices and applications have default monitoring and collection of PII in the background.

Lack of effective access control mechanism. The installed third-party application can access the PII stored in the IoT-domotics device. Family members can access other family members' PII when using an IoT-domotics device.

Network traffic is intercepted and eavesdropped on. When the wearable device starts the Bluetooth broadcast, the attacker can indirectly locate the location of the end user through monitoring. Devices with RFID tags are scanned, located and tracked. Privacy information is seen and stolen.

The security level of hardware does not meet the security requirements of storing biological information, for example, a trusted execution environment or special security chip is not used.

There are no hardware control privacy options, such as buttons to turn off the built-in microphone and camera of the IoT-domotics device.

3.2.4 Privacy risks for networks

Network eavesdropping and traffic analysis. By analyzing the sensor traffic, an attacker can access the original location data by locating the transmission device and eavesdropping on the location information transmission channel without authorization, and obtain personal privacy information related to the location information through computational inference.

4. SECURITY AND PRIVACY CONTROLS FOR IOT-DOMOTICS

4.1 Principles for IoT-domotics controls

Considering the characteristics of the IoT-domotics, before giving a specific analysis of the privacy and security controls of the IoT-domotics, the following principles are important for IoT-domotics controls.

Different levels of security for different services. There are natural physical boundaries between the domotics environment and outside environment, and the security requirements are often different inside and outside the physical boundaries.

Easy security settings for users. The security settings of devices and services in the domotics environment should be user-friendly. Complicated and expensive solutions would hinder the application of security measures.

Failsafe domotics devices. In case of a failure, domotics devices must be set in a state that cannot cause harm to the inhabitants or the building. A failing system must not block the use of other devices.

Restricted access to content services. According to whether the accessed content is suitable for minors, different levels of permissions of the delivered content should be set.

Consideration for children. The independence of children's privacy should be fully respected. Children's privacy should only be processed with the consent or authorization of the child's guardian.

Scenario-specific privacy preferences. Depending on whether the service is applied only with inhabitants in a domotics environment, the intensity of privacy protection is often different.

Based on the above principles, security and privacy controls of IoT-domotics are considered, as in Table 2.
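
Two of the risks listed in this section, modifying the device ID to reach other users' devices and replaying a captured command, can both be rejected at the gateway before a command reaches a device. The following Python code is an added example, not part of the paper; the user and device names, keys, 30-second freshness window and all function names are constructed assumptions.

```python
import hashlib
import hmac
import json
import time

# Constructed sample data (assumptions, not from the paper).
DEVICE_OWNER = {"lamp-01": "alice", "lock-07": "bob"}
USER_KEY = {"alice": b"demo-key-alice", "bob": b"demo-key-bob"}
MAX_SKEW = 30  # seconds during which a command is considered fresh


def _mac(user, device_id, action, nonce, ts):
    # The MAC covers every field, so none can be altered after signing.
    msg = json.dumps([device_id, action, nonce, ts]).encode()
    return hmac.new(USER_KEY[user], msg, hashlib.sha256).hexdigest()


def make_command(user, device_id, action, nonce, ts):
    """Client side: build a signed command."""
    return {"device_id": device_id, "action": action, "nonce": nonce,
            "ts": ts, "mac": _mac(user, device_id, action, nonce, ts)}


class CommandGate:
    """Gateway side: authorize, authenticate, then reject replays."""

    def __init__(self):
        self._seen = {}  # (user, nonce) -> command timestamp

    def check(self, session_user, cmd, now=None):
        now = time.time() if now is None else now
        dev, ts = cmd.get("device_id"), cmd.get("ts")
        if session_user not in USER_KEY or not isinstance(ts, (int, float)):
            return "deny: malformed"
        # Horizontal authorization: the ID in the request is never trusted
        # on its own; it must map to the authenticated session user.
        if DEVICE_OWNER.get(dev) != session_user:
            return "deny: not owner"
        want = _mac(session_user, dev, cmd.get("action"), cmd.get("nonce"), ts)
        if not hmac.compare_digest(want.encode(), str(cmd.get("mac")).encode()):
            return "deny: bad mac"
        if abs(now - ts) > MAX_SKEW:
            return "deny: stale"
        # Forget nonces whose commands would fail the freshness check anyway.
        self._seen = {k: t for k, t in self._seen.items() if now - t <= MAX_SKEW}
        key = (session_user, cmd.get("nonce"))
        if key in self._seen:
            return "deny: replay"
        self._seen[key] = ts
        return "allow"
```

The nonce cache only has to remember commands for as long as the timestamp check would still accept them, which keeps the gateway's state bounded.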