[Colloquium] LOCATION UPDATE - Weijia He Candidacy Exam/May 12, 2022

Thu May 12 08:29:44 CDT 2022

This is an announcement of Weijia He's Candidacy Exam.
===============================================
Candidate: Weijia He

Date: Thursday, May 12, 2022

Time:  9 am CST

Location: Exam will now be held fully remote, please see zoom link below

Zoom Link:  https://uchicago.zoom.us/j/91976514990?pwd=UWlLK0w5YU0xMUxFeHJqZkRDblYrZz09<https://urldefense.com/v3/__https://uchicago.zoom.us/j/91976514990?pwd=UWlLK0w5YU0xMUxFeHJqZkRDblYrZz09__;!!BpyFHLRN4TMTrA!9PHrjwIQwqDWjU_zYVS29fUJ5Lm-tz8QlXDzEW05GPjidM4XpeAUUOiZ_JxWyLpbitUwuwNLNH_W0AWfWpguYfqj$>

Title: Making Interactions With Home IoT Devices More Secure, Private, and Usable

Abstract: The internet of things for homes (home IoT) brings unique challenges to security. These home IoT devices often interact with multiple people under the same roof and are equipped with various modalities. They don't only react to commands from the user but also from the environment, which increases the attacking surface and changes the threat model. Home IoT devices' highly fragmented ecosystem only makes things worse, making it harder to find a solution that fits all. Traditional security measurements fail in these challenges because they are designed for conventional computing devices like computers or smartphones, which are mostly used by one user with proper screens and keyboards. These premises make mechanisms like access control and authentication much more manageable. On the other hand, traditional computing devices are all general-purposed, making enforcing allowlists impossible. This is no longer the case for home IoT devices, and new strategies must be taken. Responding to these emerging challenges in home IoT, we create a road map about how to make a home IoT system secure and usable on different levels. We are mainly interested in the device's interactions with the external world, such as users, environments, and remote servers. With such emphasis, we divide a home IoT system into three parts: user & software, environment & hardware, and network. For the user & software part, we survey what an access control system needs for complicatedly associated users and constantly changing contexts. For environments & hardware, we create a framework for context sensing, systematizing contexts and their required sensors, along with the security, privacy, and usability promises they hold. In the network part, we explore the design space of creating an allowlist that can work for various devices of one kind.

Advisors: Blase Ur

Committee Members: Blase Ur, Nick Feamster, and Heather Zheng

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.uchicago.edu/pipermail/colloquium/attachments/20220512/5d346019/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Thesis_Proposal.pdf
Type: application/pdf
Size: 2235147 bytes
Desc: Thesis_Proposal.pdf
URL: <http://mailman.cs.uchicago.edu/pipermail/colloquium/attachments/20220512/5d346019/attachment-0001.pdf>