Show simple item record

dc.contributor.authorFriesen, Micheal
dc.date.accessioned2021-08-17 16:51:52 (GMT)
dc.date.available2021-08-17 16:51:52 (GMT)
dc.date.issued2021-08-17
dc.date.submitted2021-08-03
dc.identifier.urihttp://hdl.handle.net/10012/17216
dc.description.abstractSmart hubs play a key role in the modern smart home in executing code on behalf of devices locally or on the cloud. Unfortunately, smart hubs are prone to security problems due to misconfigurations, device over permissioning and network mismanagement. In this work, I show the major vulnerabilities and attacks currently targeting smart hubs, and provide a brief overview of the literature that addresses these issues. After discussing the limitations found in the literature as well as the available off the shelf smart hubs, I provide an overview of PLOX, an end-to-end approach designed to combat a large number of the common vulnerabilities and security/privacy risks that impact smart hubs, while maintaining a moderate overhead. PLOX is designed to sandbox applications on the home WiFi router. This allows for increased network controls, as well as lower latency in direct communication with devices. PLOX provides a new hybrid security model that combines a mandatory access control (MAC) system with information flow control (IFC), providing developer familiarity while addressing the overtainting issue found within taint based IFC systems through a serverless execution pattern. In our evaluations, PLOX outperforms Amazon Lambda by 500% and an open source smart hub solution, Home Assistant, by 13%, all while providing finer grained security policies and improved security guarantees. This is due to PLOX's locality and its light weight nature. This work demonstrates that PLOX, an open source end-to-end solution for the smart home is well suited to address a large number of the security and privacy problems that the smart home suffers from. This work also highlights a number of novel approaches to smart hub designs, including the use of the home router to maintain device isolation, and combination of manifest and IFC based permission systems.en
dc.language.isoenen
dc.publisherUniversity of Waterlooen
dc.subjectIoTen
dc.subjectSmart Homeen
dc.subjectPrivacyen
dc.subjectSecurityen
dc.subjectSystemsen
dc.subjectSandboxingen
dc.titlePLOX: A Secure Serverless Framework for the Smart Homeen
dc.typeMaster Thesisen
dc.pendingfalse
uws-etd.degree.departmentDavid R. Cheriton School of Computer Scienceen
uws-etd.degree.disciplineComputer Scienceen
uws-etd.degree.grantorUniversity of Waterlooen
uws-etd.degreeMaster of Mathematicsen
uws-etd.embargo.terms0en
uws.contributor.advisorMashtizadeh, Ali
uws.contributor.advisorAbari, Omid
uws.contributor.affiliation1Faculty of Mathematicsen
uws.published.cityWaterlooen
uws.published.countryCanadaen
uws.published.provinceOntarioen
uws.typeOfResourceTexten
uws.peerReviewStatusUnrevieweden
uws.scholarLevelGraduateen


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record


UWSpace

University of Waterloo Library
200 University Avenue West
Waterloo, Ontario, Canada N2L 3G1
519 888 4883

All items in UWSpace are protected by copyright, with all rights reserved.

DSpace software

Service outages