onr:"swepub:oai:DiVA.org:kth-288489"
Search: onr:"swepub:oai:DiVA.org:kth-288489" > Friendly Fire :
- 1 of 1
- Previous record
- Next record
- To hitlist
Friendly Fire : Cross-App Interactions in IoT Platforms
-
- Balliu, Musard (author)
- KTH,Teoretisk datalogi, TCS
-
- Merro, Massimo (author)
- University of Verona
-
- Pasqua, Michele (author)
- University of Verona
- show more...
- show less...
- (creator_code:org_t)
- 2021-04
- 2021
- English.
- In: ACM Transactions on Privacy and Security (TOPS). - : Association for Computing Machinery (ACM). - 2471-2566 .- 2471-2574. ; 24:3, s. 1-40
- Journal article (peer-reviewed)
Abstract
Subject headings
Close
- IoT platforms enable users to connect various smart devices and online services via reactive apps running onthe cloud. These apps, often developed by third-parties, perform simple computations on data triggered byexternal information sources and actuate the results of computations on external information sinks. Recentresearch shows that unintended or malicious interactions between the different (even benign) apps of a usercan cause severe security and safety risks. These works leverage program analysis techniques to build toolsfor unveiling unexpected interference across apps for specific use cases. Despite these initial efforts, we arestill lacking a semantic framework for understanding interactions between IoT apps. The question of whatsecurity policy cross-app interference embodies remains largely unexplored.This paper proposes a semantic framework capturing the essence of cross-app interactions in IoT platforms.The framework generalizes and connects syntactic enforcement mechanisms to bisimulation-based notionsof security, thus providing a baseline for formulating soundness criteria of these enforcement mechanisms.Specifically, we present a calculus that models the behavioral semantics of a system of apps executingconcurrently, and use it to define desirable semantic policies targeting the security and safety of IoT apps.To demonstrate the usefulness of our framework, we define and implement static analyses for enforcingcross-app security and safety, and prove them sound with respect to our semantic conditions. We also leveragereal-world apps to validate the practical benefits of our tools based on the proposed enforcement mechanisms.
Subject headings
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik -- Datorsystem (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering -- Computer Systems (hsv//eng)
- NATURVETENSKAP -- Data- och informationsvetenskap -- Programvaruteknik (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Software Engineering (hsv//eng)
Keyword
- Cloud-based IoT platform
- IoT application security
- cross-app interference
Publication and Content Type
- ref (subject category)
- art (subject category)
Find in a library
- ACM Transactions on Privacy and Security (TOPS) (Search for host publication in LIBRIS)
To the university's database
- 1 of 1
- Previous record
- Next record
- To hitlist
Find more in SwePub
- By the author/editor
- Balliu, Musard
- Merro, Massimo
- Pasqua, Michele
- Shcherbakov, Mik ...
- About the subject
-
- ENGINEERING AND TECHNOLOGY
- ENGINEERING AND ...
- and Electrical Engin ...
- and Computer Systems
-
- NATURAL SCIENCES
- NATURAL SCIENCES
- and Computer and Inf ...
- and Software Enginee ...
- Articles in the publication
- ACM Transactions ...
- By the university
- Royal Institute of Technology
Search outside SwePub
- Extend your search to:
- Google Book Search
- Google Scholar
Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.
- Copyright © LIBRIS - National Library Systems
- LIBRIS.kb.se
