SoftAuthZ: A context-aware, behavior-based authorization framework for home IoT

Nirnay Ghosh, Saket Ch, ra, Vinay Sachidan, a, Yuval Elovici

IEEE Internet of Things Journal 6 (6), 10773-10785, 2019

The smart home is one of the most prominent applications in the paradigm of the Internet of Things (IoT). While, it has added a level of comfort and convenience to our everyday life, at the same time, it brings a unique security challenge of mitigating insider threats, posed by legitimate users. Such threats primarily arise due to sharing of IoT devices and the presence of complex social and trust relationships among the users. The state-of-the-art home IoT platforms manage access control by deploying various multifactor authentication mechanisms. Nevertheless, such hard-security measures are inadequate to thwart insider threats, and there is a growing need to integrate user behavior and environmental contexts to make intelligent authorization decisions. In this article, we propose a novel context-sensitive and behavior-based security framework, called SoftAuthZ , that incorporates soft-security mechanisms, such as …