"Researchers Propose Ephemeral Approach to IoT Privacy"

An Internet of Things (IoT) device is likely collecting data about its user. The fact that many of these devices collect data on everyone around, regardless of whether they are the device owners or not, further compounds the possibility that this data may be sensitive. CyLab researchers' new work aims to tackle precisely this problem. The researchers have proposed a new model of ownership called IoT Ephemeral Ownership (TEO). Although IoT and smart devices, in general, have grown in popularity over the past few years, the majority of systems and research efforts so far have focused on private smart homes. However, IoT is becoming more prevalent in shared spaces such as offices, conference rooms, and temporary housing. Smart home management systems are inadequate for dealing with the complexities of these environments. While owners of smart devices can currently create "guest" accounts, the owners retain control over the data generated, not the guests. TEO addresses this issue by dividing the traditional holistic role of the device owner into two parts. The model enables stakeholders to quickly register with an IoT device for a limited time, effectively claiming co-ownership of the sensitive data generated by the device. The IoT device's sensitive data is encrypted and accessible only to individuals who have obtained explicit permission from the data's co-owners. The goal is to protect ephemeral owners, or actual device users, by giving them complete control over the device and the data it collects while in use. This article continues to discuss the TEO approach to bolstering IoT device privacy. 

CyLab reports "Researchers propose ephemeral approach to IoT privacy"