1 Department of Electronic Systems, The Faculty of Engineering and Science, Aalborg University, VBN2 Automation & Control, The Faculty of Engineering and Science, Aalborg University, VBN3 CISS - Center for Embedded Software Systems, The Faculty of Engineering and Science, Aalborg University, VBN4 The Faculty of Engineering and Science, Aalborg University, VBN5 University of Southern Denmark (SDU),
A security platform for home automation
In the digital age of home automation and with the proliferation of mobile Internet access, the intelligent home and its devices should be accessible at any time from anywhere. There are many challenges such as security, privacy, ease of configuration, incompatible legacy devices, a wealth of wireless standards, limited resources of embedded systems, etc. Taking these challenges into account, we present a Trusted Domain home automation platform, which dynamically and securely connects heterogeneous networks of Short-Range Wireless devices via simple non-expert user. interactions, and allows remote access via IP-based devices such as smartphones. The Trusted Domain platform fits existing legacy technologies by managing their interoperability and access controls, and it seeks to avoid the security issues of relying on third-party servers outside the home. It is a distributed system that enables secure end-to-end communication with home automation devices, and it supports device revocations as well as a structure of intersecting sets of nodes for scalability. Devices in the Trusted Domain are registered in a list that is distributed using a robust epidemic protocol optimized for constrained resources and network load sharing. The resource-intensive encryption operations are reduced to a minimum by sending short signed update queries and only synchronizing when necessary. An experiment on an embedded implementation examines timing, footprint, and behavioral properties of the protocol. The protocol has been formally verified by the UPPAAL model-checking tool. (C) 2012 Elsevier Ltd. All rights reserved.
Computers and Security, 2012, Vol 31, Issue 8, p. 940-955