research-article

A Secure Event Logging System for Smart Homes

Authors:

Sepideh Avizheh,

Tam Thanh Doan,

Reihaneh Safavi-NainiAuthors Info & Claims

IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy

Pages 37 - 42

https://doi.org/10.1145/3139937.3139945

Published: 03 November 2017 Publication History

Abstract

Smart homes include hundreds of devices that generate messages, and communicate with each other and the world outside the home, to provide a highly functional, optimized and personalized environment for residents. A secure and reliable event logging system is an essential component of smart homes with a wide range of applications such as fault detection, forensics and accounting. Existing smart home IoT frameworks are cloud-based and privacy of fine-grained log data is a real concern. In this paper we propose a host-based conceptual framework for storing and processing data in smart homes, analyze security requirements of such environments and design a forward secure event logging system that satisfies these environments. We give an overview of our implementation of a message (event) logging system for a typical home, and present efficiency evaluation of our cryptographic design.

References

[1]

2017. https://www.openssl.org/docs/man1.0.2/crypto/sha.html. (2017). Accessed on July 27, 2017.

[2]

James H Andrews. 1998. Testing using log file analysis: tools, methods, and issues. In Automated Software Engineering, 1998. Proceedings. 13th IEEE International Conference on. IEEE, 157--166.

[3]

Apple. 2017. Smart Home Kits. https://developer.apple.com/library/content/documentation. (2017). Accessed on July 27, 2017.

[4]

Mihir Bellare and Bennet Yee. 1997. Forward integrity for secure audit logs. Technical Report. Technical report, Computer Science and Engineering Department, University of California at San Diego.

[5]

bitcoinWiki. 2017. Transaction. https://en.bitcoin.it/wiki/Transaction. (2017). Accessed on January 05, 2017.

[6]

Dan Boneh, Ben Lynn, and Hovav Shacham. 2001. Short signatures from theWeil pairing. Advances in Cryptology - ASIACRYPT 2001 (2001), 514--532.

[7]

Denis Butin and Daniel Le Métayer. 2014. Log Analysis for Data Protection Accountability. In FM. 163--178.

[8]

Ran Canetti, Shai Halevi, and Jonathan Katz. 2003. A forward-secure public-key encryption scheme. In Eurocrypt, Vol. 2656. Springer, 255--271.

[9]

Li Da Xu,Wu He, and Shancang Li. 2014. Internet of things in industries: A survey. IEEE Transactions on industrial informatics 10, 4 (2014), 2233--2243.

[10]

Mari Carmen Domingo. 2012. An overview of the Internet of Things for people with disabilities. Journal of Network and Computer Applications 35, 2 (2012), 584--596.

Digital Library

[11]

Patrick Th. Eugster, Pascal A. Felber, Rachid Guerraoui, and Anne-Marie Kermarrec. 2003. The Many Faces of Publish/Subscribe. ACM Comput. Surv. 35, 2 (June 2003), 114--131. https://doi.org/10.1145/857076.857078

Digital Library

[12]

International Organization for Standardization. 2016. ISO/IEC 20922:2016 - Information technology - Message Queuing Telemetry Transport (MQTT) v3.1.1. https://www.iso.org/standard/69466.html. (2016). Accessed on July 01, 2017.

[13]

Oded Goldreich. 1998. Secure multi-party computation. Manuscript. Preliminary version (1998), 86--97.

[14]

Urs Hunkeler, Hong Linh Truong, and Andy Stanford-Clark. 2008. MQTT-S -A publish/subscribe protocol for Wireless Sensor Networks. In Communication systems software and middleware and workshops, 2008. comsware 2008. 3rd international conference on. IEEE, 791--798.

[15]

IBM. 2017. Watson IoT Platform. https://console.bluemix.net/docs/services/IoT/iotplatform. (2017). Accessed on July 27, 2017.

[16]

Johan Ivarsson and Andreas Nilsson. 2010. A Review of Hardware Security Modules. https://www.opendnssec.org/wp-content/uploads/2011/01/A-Review-of-Hardware-Security-Modules-Fall-2010.pdf. (2010).

[17]

Jiong Jin, Jayavardhana Gubbi, Slaven Marusic, and Marimuthu Palaniswami. 2014. An information framework for creating a smart city through internet of things. IEEE Internet of Things Journal 1, 2 (2014), 112--121.

[18]

Himal Lalla, Stephen Flowerday, Tendai Sanyamahwe, and Paul Tarwireyi. 2012. A Log File Digital Forensic Model. In IFIP Int. Conf. Digital Forensics. Springer, 247--259.

[19]

Ben Lynn. 2017. https://crypto.stanford.edu/pbc/. (2017). Accessed on July 27, 2017.

[20]

Di Ma. 2008. Practical forward secure sequential aggregate signatures. In Proceedings of the 2008 ACM symposium on Information, computer and communications security. ACM, 341--352.

Digital Library

[21]

Di Ma and Gene Tsudik. 2007. Forward-secure sequential aggregate authentication. In Security and Privacy, 2007. SP'07. IEEE Symposium on. IEEE, 86--91.

Digital Library

[22]

Di Ma and Gene Tsudik. 2009. A new approach to secure logging. ACM Transactions on Storage (TOS) 5, 1 (2009), 2.

[23]

Giorgia Azzurra Marson and Bertram Poettering. 2013. Practical secure logging: Seekable sequential key generators. In European Symposium on Research in Computer Security. Springer, 111--128.

[24]

Giorgia Azzurra Marson and Bertram Poettering. 2014. Even more practical secure logging: Tree-based seekable sequential key generators. In European Symposium on Research in Computer Security. Springer, 37--54.

Digital Library

[25]

David L. Mills. 1997. Computer network time synchronization. In Report Dagstuhl Seminar on Time Services Schloß Dagstuhl, March, Vol. 11. Springer, 332.

[26]

Mosquitto. 2017. An Open SourceMQTT v3.1/v3.1.1 Broker. https://mosquitto.org. (2017). Accessed on July 27, 2017.

[27]

Satoshi Nakamoto. 2017. Bitcoin. https://bitcoin.org/en/. (2017). Accessed on July 27, 2017.

[28]

Samsung. 2017. SmartThings. http://docs.smartthings.com/en/latest/getting-started/overview.html. (2017). Accessed on July 27, 2017.

[29]

Bruce Schneier. 2017. Security and the Internet of Things. https://www.schneier.com/blog/archives/2017/02/security_and_th.html. (February 2017). Accessed on August 01, 2017.

[30]

Bruce Schneier and John Kelsey. 1999. Secure audit logs to support computer forensics. ACM Transactions on Information and System Security (TISSEC) 2, 2 (1999), 159--176.

Digital Library

[31]

Alin Tomescu and Srinivas Devadas. 2017. Catena: Efficient non-equivocation via Bitcoin. In IEEE Symp. on Security and Privacy.

[32]

Ben Zhang, Nitesh Mor, John Kolb, Douglas S. Chan, Ken Lutz, Eric Allman, JohnWawrzynek, Edward A. Lee, and John Kubiatowicz. 2015. The Cloud is Not Enough: Saving IoT from the Cloud. In HotCloud.

Cited By

Muni Venkateswarlu KAvizheh SSafavi-Naini R(2020)A Blockchain Based Approach to Resource Sharing in Smart NeighbourhoodsFinancial Cryptography and Data Security10.1007/978-3-030-54455-3_39(550-567)Online publication date: 7-Aug-2020
https://doi.org/10.1007/978-3-030-54455-3_39
Avizheh SSafavi-Naini RLi S(2020)Secure Logging with Security Against Adaptive Crash AttackFoundations and Practice of Security10.1007/978-3-030-45371-8_9(137-155)Online publication date: 17-Apr-2020
https://doi.org/10.1007/978-3-030-45371-8_9
Luoto A(2019)Log Analysis of 360-degree Video Users via MQTTProceedings of the 2019 2nd International Conference on Geoinformatics and Data Analysis10.1145/3318236.3318248(130-137)Online publication date: 15-Mar-2019
https://dl.acm.org/doi/10.1145/3318236.3318248
Show More Cited By

Index Terms

A Secure Event Logging System for Smart Homes
1. Security and privacy

Recommendations

Secure Smart Homes: Opportunities and Challenges

The Smart Home concept integrates smart applications in the daily human life. In recent years, Smart Homes have increased security and management challenges due to the low capacity of small sensors, multiple connectivity to the Internet for efficient ...
A Survey on the Security of Smart Homes: Issues and Solutions
ICSDE'18: Proceedings of the 2nd International Conference on Smart Digital Environment

Today we are witnessing a new concept that is growing fast: The Internet of Things (IoT). We can see all devices we use in any field, are transformed into a smarter version such as smart homes, smart beds, smart coffee machines and smart everything. ...
Pervasive Activity Logging for Indoor Localization in Smart Homes
DSIT 2021: 2021 4th International Conference on Data Science and Information Technology

The scientific contribution of this work to address multiple global societal and economic challenges associated with the increasing aging population is primarily two-fold. First, it presents and discusses a new computing methodology - Pervasive Activity ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

IoTS&P '17: Proceedings of the 2017 Workshop on Internet of Things Security and Privacy

November 2017

90 pages

ISBN:9781450353960

DOI:10.1145/3139937

General Chairs:
Peng Liu
Penn State University, USA
,
Yuqing Zhang
University of Chinese Academy of Sciences, China
,
Program Chairs:
Theophilus Benson
Brown University, USA
,
Srikanth Sundaresan
Princeton University, USA

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '17

Sponsor:

SIGSAC

CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security

November 3, 2017

Texas, Dallas, USA

Acceptance Rates

IoTS&P '17 Paper Acceptance Rate 12 of 30 submissions, 40%;

Overall Acceptance Rate 12 of 30 submissions, 40%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
732
Total Downloads

Downloads (Last 12 months)22
Downloads (Last 6 weeks)1

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Muni Venkateswarlu KAvizheh SSafavi-Naini R(2020)A Blockchain Based Approach to Resource Sharing in Smart NeighbourhoodsFinancial Cryptography and Data Security10.1007/978-3-030-54455-3_39(550-567)Online publication date: 7-Aug-2020
https://doi.org/10.1007/978-3-030-54455-3_39
Avizheh SSafavi-Naini RLi S(2020)Secure Logging with Security Against Adaptive Crash AttackFoundations and Practice of Security10.1007/978-3-030-45371-8_9(137-155)Online publication date: 17-Apr-2020
https://doi.org/10.1007/978-3-030-45371-8_9
Luoto A(2019)Log Analysis of 360-degree Video Users via MQTTProceedings of the 2019 2nd International Conference on Geoinformatics and Data Analysis10.1145/3318236.3318248(130-137)Online publication date: 15-Mar-2019
https://dl.acm.org/doi/10.1145/3318236.3318248
Gupta HSingh M(2019)Cyber Threat Analysis of Consumer DevicesAdvances in Computing and Data Sciences10.1007/978-981-13-9942-8_4(32-45)Online publication date: 19-Jul-2019
https://doi.org/10.1007/978-981-13-9942-8_4
Doan TSafavi-Naini RLi SAvizheh SK. MFong P(2018)Towards a Resilient Smart HomeProceedings of the 2018 Workshop on IoT Security and Privacy10.1145/3229565.3229570(15-21)Online publication date: 7-Aug-2018
https://dl.acm.org/doi/10.1145/3229565.3229570
Barriga A JYoo S(2018)Security over Smart Home Automation Systems: A SurveyDevelopments and Advances in Defense and Security10.1007/978-3-319-78605-6_7(87-96)Online publication date: 6-Apr-2018
https://doi.org/10.1007/978-3-319-78605-6_7

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents