Who's In Control? On Security Risks of Disjointed IoT Device Management Channels

An IoT device today can be managed through different channels, e.g., by its device manufacturer's app, or third-party channels such as Apple's Home app, or a smart speaker. Supporting each channel is a management framework integrated in the device and provided by different parties. For example, a device that integrates Apple HomeKit framework can be managed by Apple Home app. We call the management framework of this kind, including all its device- and cloud-side components, a device management channel (DMC). 4 third-party DMCs are widely integrated in today's IoT devices along with the device manufacturer's own DMC: HomeKit, Zigbee/Z-Wave compatible DMC, and smart-speaker Seamless DMC. Each of these DMCs is a standalone system that has full mandate on the device; however, if their security policies and control are not aligned, consequences can be serious, allowing a malicious user to utilize one DMC to bypass the security control imposed by the device owner on another DMC. We call such a problem Chaotic Device Management (Codema). This paper presents the first systematic study on Codema, based on a new model-guided approach. We purchased and analyzed 14 top-rated IoT devices and their integration and management of multiple DMCs. We found that Codema is both general and fundamental: these DMCs are generally not designed to coordinate with each other for security policies and control. The Codema problems enable the adversary to practically gain unauthorized access to sensitive devices (e.g., locks, garage doors, etc.). We reported our findings to affected parties (e.g., Apple, August, Philips Hue, ismartgate, Abode), which all acknowledged their importance. To mitigate this new threat, we designed and implemented CGuard, a new access control framework that device manufacturers can easily integrate into their IoT devices to protect end users. Our evaluation shows that CGuard is highly usable and acceptable to users, easy to adopt by manufacturers, and efficient and effective in security control.

[1]  Srikanth V. Krishnamurthy,et al.  IotSan: fortifying the safety of IoT systems , 2018, CoNEXT.

[2]  Hai Jin,et al.  Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation , 2020, USENIX Security Symposium.

[3]  Blase Ur,et al.  Rethinking Access Control and Authentication for the Home Internet of Things (IoT) , 2018, USENIX Security Symposium.

[4]  Jiwon Choi,et al.  Detecting and Identifying Faulty IoT Devices in Smart Home with Context Extraction , 2018, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[5]  Vitaly Shmatikov,et al.  Situational Access Control in the Internet of Things , 2018, CCS.

[6]  Carl A. Gunter,et al.  Charting the Attack Surface of Trigger-Action IoT Platforms , 2019, CCS.

[7]  Yuan Tian,et al.  SmartAuth: User-Centered Authorization for the Internet of Things , 2017, USENIX Security Symposium.

[8]  David E. Culler,et al.  WAVE: A Decentralized Authorization Framework with Transitive Delegation , 2019, USENIX Security Symposium.

[9]  Atul Prakash,et al.  Decentralized Action Integrity for Trigger-Action IoT Platforms , 2018, NDSS.

[10]  Wei Zhang,et al.  HoMonit: Monitoring Smart Home Apps from Encrypted Traffic , 2018, CCS.

[11]  Peng Liu,et al.  Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms , 2018, USENIX Security Symposium.

[12]  Earlence Fernandes,et al.  Security Analysis of Emerging Smart Home Applications , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[13]  Yan Jia,et al.  Burglars’ IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Clouds , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[14]  Omar Alrawi,et al.  SoK: Security Evaluation of Home-Based IoT Deployments , 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[15]  Patrick D. McDaniel,et al.  Soteria: Automated IoT Safety and Security Analysis , 2018, USENIX Annual Technical Conference.

[16]  Patrick D. McDaniel,et al.  IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT , 2019, NDSS.

[17]  Hongxin Hu,et al.  On the Safety of IoT Device Physical Interaction Control , 2018, CCS.

[18]  Qi Alfred Chen,et al.  ContexloT: Towards Providing Contextual Integrity to Appified IoT Platforms , 2017, NDSS.

[19]  Kehuan Zhang,et al.  Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users , 2019, 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[20]  Ravi Sandhu,et al.  The EGRBAC Model for Smart Home IoT , 2020, 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI).