GGrantIndex
← Search

Collaborative Research: EAGER: Understanding User Needs for Access Control Systems in Smart Settings

$150,000FY2022CSENSF

Northeastern University, Boston MA

Investigators

Abstract

Smart devices are increasingly popular. The use of smart locks, bulbs, switches, surveillance systems, sensors, thermostats, voice-enabled speaker systems, utility systems, and Internet-connected office/house/factory appliances has grown exponentially in a short period of time. According to recent figures, there will be close to 40 billion devices connected to the Internet by 2025, and more than 11.1 trillion dollars will be invested in manufacturing such smart devices in the next five years. In a smart environment (e.g., smart home, smart office, smart factory, etc.), devices are usually connected to a central hub such as Samsung's SmartThings, or Apple's HomeKit. Multiple users can access this plethora of devices typically with conflicting, complex, dynamically changing demands and current smart environment platforms do not allow conflicting demands of the users to be expressed explicitly. Indeed, the current access control mechanisms in smart platforms offer coarse-grained access controls that may cause safety and security issues and cannot resolve the conflicts automatically. Most importantly, our understanding of the usage of the emerging smart technologies across different settings is significantly limited. To address these challenges, in this EAGER project, we aim to investigate the actual needs of the users for a multi-user and multi-device aware access control mechanism in different smart environments in a comprehensive manner. Clearly, improving the security of smart environments and platforms has a direct and profound impact on millions of users. As smart devices have become one of the most vulnerable and most exploited systems, the ability to understand different design challenges and user desires/demands to increase the security of smart devices via this project presents rich opportunities for industrial and societal impact. The lack of fine-grained access control mechanisms in the world of smart devices limits the abilities of users, practitioners, and tools to prevent malicious behavior and unintended access. Current smart devices and platforms and traditional approaches cannot address complex, conflicting demands in a multi-user smart environment with numerous devices. Moreover, these environments often deploy numerous devices from multiple vendors with different technologies. This situation is exacerbated by the fact that the smart technologies are fast introduced to the market without fully understanding the constraints, the user needs, and the security and privacy aspects. Hence, the detailed understanding of the practical techniques, ideas, and the necessary tools that will be needed for the design of better access control systems in smart settings is an important first step. Specifically, this project will study the needs of users for the necessary access control capabilities to perform the tasks effectively, and in a secure and privacy-aware manner. Because smart devices are already becoming pervasive in our lives, workplaces, industrial settings, and are sometimes being compromised, the outcomes of this project will facilitate the design of safer and more secure systems. The proposed work will investigate the needs and desires of users for (1) their conflicting and complex demands, (2) flexible and configurable designs, (3) proper security and privacy settings via dedicated user studies. The project will also investigate the feasibility of successful transition-to-practice aspects of multi-user and multi-device aware access control mechanisms for smart environments. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →