Virtual-Device-Based Policy Enforcement in Multi-Admin Smart Environments

Yunping Fang, Chenglong Fu, Xiaojiang Du

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

The Matter standard, formerly known as Connected Home over IP, has emerged as the preferred choice for most smart home IoT vendors and service providers for the next-generation smart home IoT systems. It enhances interoperability across different smart home ecosystems and introduces the multi-admin feature, allowing a device to be commissioned and managed by multiple platforms simultaneously. While this standard offers considerable convenience, it also presents challenges for security policy enforcement. Policy enforcement has been highlighted in various studies as a crucial countermeasure against smart home IoT system vulnerabilities. Existing smart home policy enforcement methods, designed for individual IoT admin platforms, operate under the assumption of having a global view and control over all IoT devices in a smart home. This assumption, however, is untenable in a multi-admin environment, where an admin may only have partial device access or a partial view. In this work, we thoroughly analyze these challenges in a multi-admin setting and propose the first cross-admin policy enforcement solution. Our solution can parse complex policies into deployable sub-policies for each admin, and create virtual device instances and virtual automation rules to interconnect various admins. We test our solution on a real-world testbed involving 12 IoT devices and three popular Matter-enabled IoT platforms. Our results show that our solution can enforce cross-admin policies with a 100% success rate and a very small delay.

Original languageEnglish
Title of host publication2023 IEEE 12th International Conference on Cloud Networking, CloudNet 2023
Pages343-351
Number of pages9
ISBN (Electronic)9798350313062
DOIs
StatePublished - 2023
Event12th IEEE International Conference on Cloud Networking, CloudNet 2023 - Hoboken, United States
Duration: 1 Nov 20233 Nov 2023

Publication series

Name2023 IEEE 12th International Conference on Cloud Networking, CloudNet 2023

Conference

Conference12th IEEE International Conference on Cloud Networking, CloudNet 2023
Country/TerritoryUnited States
CityHoboken
Period1/11/233/11/23

Keywords

  • IoT
  • Matter
  • Policy Enforcement
  • Security
  • Smart Home

Fingerprint

Dive into the research topics of 'Virtual-Device-Based Policy Enforcement in Multi-Admin Smart Environments'. Together they form a unique fingerprint.

Cite this