TY - GEN
T1 - Practical Integrity Validation in the Smart Home with HomeEndorser
AU - Kafle, Kaushal
AU - Jagtap, Kirti
AU - Ahmed-Rengers, Mansoor
AU - Jaeger, Trent
AU - Nadkarni, Adwait
N1 - Publisher Copyright:
© 2024 Owner/Author.
PY - 2024/5/27
Y1 - 2024/5/27
N2 - Modern smart home platforms facilitate home automation using trigger-action routines. While providing flexibility, routines may also cause serious threats to system integrity: untrusted third-parties may use platform APIs to modify the abstract home objects (AHOs) that high-integrity devices (e.g., security camera) rely on (i.e., as triggers). As most AHO accesses are legitimate, applying naive information flow controls or removing permissions would not only fail to prevent these problems, but also break functionality. Therefore, this paper proposes the alternate approach of home abstraction endorsement, which endorses a proposed AHO change by correlating it with expected environmental changes. We present the HomeEndorser framework, which provides a policy model to express changes in device states as endorsement policy templates that are automatically instantiated in a given configuration (based on device availability/placement), and a platform-based reference monitor to mediate all API requests to change AHOs. We implement HomeEndorser as an enhancement to the HomeAssistant platform, and demonstrate less than 10% performance overhead and no false alarms under realistic usage, as well as derive policy templates for 6 key AHOs.
AB - Modern smart home platforms facilitate home automation using trigger-action routines. While providing flexibility, routines may also cause serious threats to system integrity: untrusted third-parties may use platform APIs to modify the abstract home objects (AHOs) that high-integrity devices (e.g., security camera) rely on (i.e., as triggers). As most AHO accesses are legitimate, applying naive information flow controls or removing permissions would not only fail to prevent these problems, but also break functionality. Therefore, this paper proposes the alternate approach of home abstraction endorsement, which endorses a proposed AHO change by correlating it with expected environmental changes. We present the HomeEndorser framework, which provides a policy model to express changes in device states as endorsement policy templates that are automatically instantiated in a given configuration (based on device availability/placement), and a platform-based reference monitor to mediate all API requests to change AHOs. We implement HomeEndorser as an enhancement to the HomeAssistant platform, and demonstrate less than 10% performance overhead and no false alarms under realistic usage, as well as derive policy templates for 6 key AHOs.
UR - http://www.scopus.com/inward/record.url?scp=85198059454&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85198059454&partnerID=8YFLogxK
U2 - 10.1145/3643833.3656116
DO - 10.1145/3643833.3656116
M3 - Conference contribution
AN - SCOPUS:85198059454
T3 - WiSec 2024 - Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks
SP - 207
EP - 218
BT - WiSec 2024 - Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks
PB - Association for Computing Machinery, Inc
T2 - 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2024
Y2 - 27 May 2024 through 29 May 2024
ER -