The Tangible Security project (TANSEC) aims to offer a more secure and accessible means to control IoT devices in from outside the home. A common approach to securing end-to-end connectivity between devices on the Internet is to utilise a Virtual Private Network (VPN) which requires a cloud-based intermediary to manage communication. With this reliance upon a third-party comes a set of security, privacy and compliance concerns that are difficult to mitigate. In the TANSEC project, we are exploring how new protocols can be exploited to support direct encrypted communication between householders and their devices. A core challenge of secure peer to peer communication is how to enable the secure exchange of the keys necessary to encrypt traffic. Making physical interactions a requirement of exchange has the potential to mitigate a whole class of online attacks. TANSEC is therefore investigating the viability of a solution space that utilises semi-fixed features within a user’s household as a means to authenticate and enable key exchange between devices. These semi-fixed features may either be dedicated devices or mundane household objects, such as shelves, lamps and chairs, enhanced with new interactional capabilities.
We are currently running an online study, which presents nine different scenarios and asks for feedback on each. It only takes ten to fifteen minutes to complete, and is open to anyone and everyone to take part. If you are interested we’d really appreciate it if you could give it a go. Thanks!
Tags: Internet of Things, IoT, online, smart devices, trust, trusted, VPN