Kratos: Multi-user multi-device-aware access control system for the smart home

Amit Kumar Sikder, Leonardo Babun, Z. Berkay Celik, Abbas Acar, Hidayet Aksu, Patrick McDaniel, Engin Kirda, A. Selcuk Uluagac

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In a smart home system, multiple users have access to multiple devices, typically through a dedicated app installed on a mobile device. Traditional access control mechanisms consider one unique trusted user that controls the access to the devices. However, multi-user multi-device smart home settings pose fundamentally different challenges to traditional single-user systems. For instance, in a multi-user environment, users have conflicting, complex, and dynamically changing demands on multiple devices, which cannot be handled by traditional access control techniques. To address these challenges, in this paper, we introduce Kratos, a novel multi-user and multi-device-aware access control mechanism that allows smart home users to flexibly specify their access control demands. Kratos has three main components: user interaction module, back-end server, and policy manager. Users can specify their desired access control settings using the interaction module which are translated into access control policies in the backend server. The policy manager analyzes these policies and initiates negotiation between users to resolve conflicting demands and generates final policies. We implemented Kratos and evaluated its performance on real smart home deployments featuring multi-user scenarios with a rich set of configurations (309 different policies including 213 demand conflicts and 24 restriction policies). These configurations included five different threats associated with access control mechanisms. Our extensive evaluations show that Kratos is very effective in resolving conflicting access control demands with minimal overhead, and robust against different attacks.

Original languageEnglish (US)
Title of host publicationWiSec 2020 - Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks
PublisherAssociation for Computing Machinery
Pages111-121
Number of pages11
ISBN (Electronic)9781450380065
DOIs
StatePublished - Jul 8 2020
Event13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2020 - Linz, Virtual, Austria
Duration: Jul 8 2020Jul 10 2020

Publication series

NameWiSec 2020 - Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Conference

Conference13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2020
CountryAustria
CityLinz, Virtual
Period7/8/207/10/20

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Kratos: Multi-user multi-device-aware access control system for the smart home'. Together they form a unique fingerprint.

Cite this