Computer Science Thesis Proposal

— 4:30pm

Location:
In Person and Virtual - ET - McWilliams Classroom, Gates Hillman 4303 and Zoom

Speaker:
HAN ZHANG , Ph.D. StudentComputer Science DepartmentCarnegie Mellon University
https://zhanghan177.github.io/

Practical and Secure Splitting of IoT Device Functionalities

Internet-of-things (IoT) devices have rapidly gained popularity in people's daily lives. While these devices provide many smart functionalities and enable new applications, they raise several security and privacy concerns and practical operational challenges for device users and vendors. With their growing adoption and sheer volumes in deployment, IoT devices have become attractive targets for attackers, and many recent security incidents have broad and serious impacts. Meanwhile, IoT devices can collect a wide range of personal data through sensors and ubiquitous placements. It is an important challenge for device vendors to protect users' privacy and manage the access control properly. In addition, device vendors have to invest heftily in cloud infrastructures to mitigate the limited computation resources on devices. With more and more devices installed in the future, the demand for more computation will also increase.

We attribute these concerns and challenges of future IoT deployment partially to the predominant monolithic design of IoT devices and applications. Device vendors nowadays are responsible for many tasks, including addressing security and privacy concerns and maintaining their infrastructure to facilitate application demands. However, device vendors mainly focus on building compelling applications to attract more users. Therefore, they have to prioritize certain tasks over fulfilling other responsibilities given limited engineering resources. As a result, the current monolithic design leads to many vulnerabilities, security incidents, and inefficiencies.

In this thesis, we propose three new system architectures to split various functionalities current IoT device vendors need to manage themselves and offload them to third-parties. These offloading solutions improve the overall security, privacy, and efficiency in future smart home landscapes. Specifically, we demonstrate the following benefits of functionality splitting through efficient and secure designs for IoT devices. First, we can improve device security by relieving developers from the burden of managing third-party libraries themselves. Second, we can better protect users' privacy by having IoT devices delegate the task of managing ownership and data access control for users' private data. Finally, we can help reduce device vendors' management overhead and operating costs by enabling local computation offloading across different devices in users' homes, while providing integrity and security guarantees for the computation results.

Thesis Committee: Yuvraj Agarwal (Co-chair) Matt Fredrikson (Co-chair) Vyas Sekar Alec Wolman (Microsoft) Additional Information

In Person and Zoom Participation.  See announcement.

For More Information:
deb@cs.cmu.edu

Add event to Google
Add event to iCal