{"title":"Security and Privacy Vulnerabilities in Human Activity Recognition systems","authors":"V. Liagkou, S. Sakka, C. Stylios","doi":"10.1109/SEEDA-CECNSM57760.2022.9932957","DOIUrl":null,"url":null,"abstract":"Human activity recognition systems (HARS) should allow the secure and trustworthy exchange of sensitive data between several kinds of participating parties with different aims and claims, regarding security, data protection, and trust issues. Initially in this work, a security flaw has been identified in a complete medical IoT application using wearable devices and smart sensors. Then, we list the security vulnerabilities and attempt to make suggestions on the prevention of security flaws that may appear during the implementation of HARS and we analyze a specific attack, the Man in the Middle attack, where a third malicious entity interferes with communication between two entities and is associated with key exchange protocols. Moreover, we discuss various design considerations for protecting the data that is transmitted and stored from different sources like smart wearables, mobile phones, and cloud applications by using cryptographic and privacy-preserving techniques. Finally, we show how the use of the OAuth2.0 protocol can ensure that only authenticated users interact with the HARS.","PeriodicalId":68279,"journal":{"name":"计算机工程与设计","volume":"13 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"计算机工程与设计","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.1109/SEEDA-CECNSM57760.2022.9932957","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Human activity recognition systems (HARS) should allow the secure and trustworthy exchange of sensitive data between several kinds of participating parties with different aims and claims, regarding security, data protection, and trust issues. Initially in this work, a security flaw has been identified in a complete medical IoT application using wearable devices and smart sensors. Then, we list the security vulnerabilities and attempt to make suggestions on the prevention of security flaws that may appear during the implementation of HARS and we analyze a specific attack, the Man in the Middle attack, where a third malicious entity interferes with communication between two entities and is associated with key exchange protocols. Moreover, we discuss various design considerations for protecting the data that is transmitted and stored from different sources like smart wearables, mobile phones, and cloud applications by using cryptographic and privacy-preserving techniques. Finally, we show how the use of the OAuth2.0 protocol can ensure that only authenticated users interact with the HARS.
期刊介绍:
Computer Engineering and Design is supervised by China Aerospace Science and Industry Corporation and sponsored by the 706th Institute of the Second Academy of China Aerospace Science and Industry Corporation. It was founded in 1980. The purpose of the journal is to disseminate new technologies and promote academic exchanges. Since its inception, it has adhered to the principle of combining depth and breadth, theory and application, and focused on reporting cutting-edge and hot computer technologies. The journal accepts academic papers with innovative and independent academic insights, including papers on fund projects, award-winning research papers, outstanding papers at academic conferences, doctoral and master's theses, etc.