Defence Against Dark Artefacts: An Analysis of the Assumptions Underpinning Smart Home Cybersecurity Standards
16 Pages Posted: 15 Oct 2019
Date Written: October 3, 2019
As part of the EPSRC Defence Against Dark Artefacts (DADA) project, this paper analyses the assumptions underpinning a range of smart home cybersecurity standards. We use case studies (such as the Mirai Botnet affair) and the criminological concept of ‘routine activity theory’ to situate our analysis. Our study shows that current cybersecurity standards mainly assume smart home environments are underpinned by cloud architectures, which is a shortcoming. This paper argues that edge computing approaches, such as those typified by the Databox system, are emerging and challenge the cloud focused assumptions of these standards. In edge computing, data is stored at the edge of the network, locally on the device, which can have advantages for security, privacy and legal compliance, over cloud-based approaches. As a consequence, standards should start to reflect the increased interest in this trend to make them more aspirational and show other data architectures are possible that can benefit designers and citizens. We hope that our paper may influence researchers, policy makers and IoT stakeholders to work towards the adoption of edge computing models, to better manage external cyber-criminality threats in smart homes. We also briefly discuss that standards currently do not account for the complex nature of everyday life in the home. In addition to technical aspects, the social and interactional complexities of the home mean internal threats can emerge too.
Keywords: Internet of Things, smart homes, standards, security, safety, cloud, architecture, Databox
Suggested Citation: Suggested Citation