This one-hour talk by David Kotz was presented at ARM Research in Austin, TX at the end of January 2019.  The first half covers some recent THaW research about Wanda and SNAP and the second half lays out some security challenges in the Internet of Things.  Watch the video below.

Abstract: The homes, offices, and vehicles of tomorrow will be embedded with numerous “Smart Things,” networked with each other and with the Internet. Many of these Things interact with their environment, with other devices, and with human users – and yet most of their communications occur invisibly via wireless networks.  How can users express their intent about which devices should communicate – especially in situations when those devices have never encountered each other before?   We present our work exploring novel combinations of physical proximity and user interaction to ensure user intent in establishing and securing device interactions. 

What happens when an occupant moves out or transfers ownership of her Smart Environment?  How does an occupant identify and decommission all the Things in an environment before she moves out?  How does a new occupant discover, identify, validate, and configure all the Things in the environment he adopts?  When a person moves from smart home to smart office to smart hotel, how is a new environment vetted for safety and security, how are personal settings migrated, and how are they securely deleted on departure?  When the original vendor of a Thing (or the service behind it) disappears, how can that Thing (and its data, and its configuration) be transferred to a new service provider?  What interface can enable lay people to manage these complex challenges, and be assured of their privacy, security, and safety?   We present a list of key research questions to address these important challenges.