Secure and Practical Splitting of IoT Device Functionalities

 Internet-of-things (IoT) devices have rapidly gained popularity in people’s daily lives. While these devices provide many smart functionalities and enable new ap?plications, they raise several security and privacy concerns and practical operational challenges for device users and vendors. With their growing adoption and sheer deployment volumes, IoT devices have become attractive targets for attackers, and many recent security incidents have had broad and serious impacts. Meanwhile, IoT devices can collect a wide range of personal data through sensors and ubiquitous placements. It is an important challenge for device vendors to protect users’ privacy and manage access control properly. In addition, device vendors have to invest heftily in cloud infrastructures to mitigate the limited computation resources on devices. With more and more devices installed in the future, the demand for more computation will also increase.

 We attribute these concerns and challenges of future IoT deployment partially to the predominant monolithic design of IoT devices and applications. Device vendors must take responsibility for many tasks, including managing device security, protecting user data privacy, and maintaining cloud infrastructure efficiently. However, device vendors mainly focus on building compelling applications to attract more users. Therefore, they have to prioritize certain tasks over other responsibilities, given their limited engineering resources. As a result, the current monolithic design leads to many vulnerabilities, security incidents, and inefficiencies. 

In this thesis, we argue that by combining formal security analyses and performance optimizations, we can achieve a separation of concerns and offload many high-level IoT functionalities to third-party services, improving IoT devices’ security and privacy while minimizing performance impacts. In particular, we design three systems — TEO, CAPTURE, and VERISPLIT — to showcase the benefits of functionality splitting. Each of these systems delivers strong security and practicality guarantees. We demonstrate their feasibility and effectiveness with prototype implementations and evaluations using various smart home applications. Overall, these systems present several novel techniques towards enabling secure and practical functionality splitting for IoT devices