“他们都在推销产品和闪亮的东西,而不是基本的安全”:绘制智能家居安全中的社会技术挑战

Jiahong Chen, Lachlan D. Urquhart
{"title":"“他们都在推销产品和闪亮的东西,而不是基本的安全”:绘制智能家居安全中的社会技术挑战","authors":"Jiahong Chen, Lachlan D. Urquhart","doi":"10.1080/13600834.2021.1957193","DOIUrl":null,"url":null,"abstract":"ABSTRACT Insecure connected devices can cause serious threats not just to smart home-owners, but also the underlying infrastructural network. There has been increasing academic and regulatory interest in addressing cybersecurity risks from both the standpoint of IoT vendors and that of end-users. In addition to the current data protection and network security legal frameworks, for example, the UK government has initiated the ‘Secure by Design’ campaign. While there has been work on how organisations and individuals manage their own cybersecurity risks, it remains unclear to what extent IoT vendors are supporting end-users to perform day-to-day management of such risks, and what is stopping the vendors from improving such support. We interviewed 13 experts in the field of IoT and identified three main categories of barriers to making IoT products useably secure: technical, legal and organisational. In this paper we further discuss the policymaking implications of these findings and make some recommendations.","PeriodicalId":44342,"journal":{"name":"Information & Communications Technology Law","volume":null,"pages":null},"PeriodicalIF":1.8000,"publicationDate":"2021-05-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/13600834.2021.1957193","citationCount":"3","resultStr":"{\"title\":\"‘They’re all about pushing the products and shiny things rather than fundamental security’:Mapping socio-technical challenges in securing the smart home\",\"authors\":\"Jiahong Chen, Lachlan D. Urquhart\",\"doi\":\"10.1080/13600834.2021.1957193\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT Insecure connected devices can cause serious threats not just to smart home-owners, but also the underlying infrastructural network. There has been increasing academic and regulatory interest in addressing cybersecurity risks from both the standpoint of IoT vendors and that of end-users. In addition to the current data protection and network security legal frameworks, for example, the UK government has initiated the ‘Secure by Design’ campaign. While there has been work on how organisations and individuals manage their own cybersecurity risks, it remains unclear to what extent IoT vendors are supporting end-users to perform day-to-day management of such risks, and what is stopping the vendors from improving such support. We interviewed 13 experts in the field of IoT and identified three main categories of barriers to making IoT products useably secure: technical, legal and organisational. In this paper we further discuss the policymaking implications of these findings and make some recommendations.\",\"PeriodicalId\":44342,\"journal\":{\"name\":\"Information & Communications Technology Law\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.8000,\"publicationDate\":\"2021-05-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1080/13600834.2021.1957193\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information & Communications Technology Law\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/13600834.2021.1957193\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information & Communications Technology Law","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/13600834.2021.1957193","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}
引用次数: 3

摘要

摘要连接不安全的设备不仅会对智能家居用户造成严重威胁,还会对底层基础设施网络造成严重威胁。从物联网供应商和最终用户的角度来看,学术界和监管部门对解决网络安全风险越来越感兴趣。例如,除了当前的数据保护和网络安全法律框架外,英国政府还发起了“设计安全”运动。虽然已经就组织和个人如何管理自己的网络安全风险进行了研究,但目前尚不清楚物联网供应商在多大程度上支持最终用户对此类风险进行日常管理,以及是什么阻止了供应商改进此类支持。我们采访了物联网领域的13位专家,确定了使物联网产品安全使用的三大障碍:技术、法律和组织。在本文中,我们进一步讨论了这些发现对政策制定的影响,并提出了一些建议。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
‘They’re all about pushing the products and shiny things rather than fundamental security’:Mapping socio-technical challenges in securing the smart home
ABSTRACT Insecure connected devices can cause serious threats not just to smart home-owners, but also the underlying infrastructural network. There has been increasing academic and regulatory interest in addressing cybersecurity risks from both the standpoint of IoT vendors and that of end-users. In addition to the current data protection and network security legal frameworks, for example, the UK government has initiated the ‘Secure by Design’ campaign. While there has been work on how organisations and individuals manage their own cybersecurity risks, it remains unclear to what extent IoT vendors are supporting end-users to perform day-to-day management of such risks, and what is stopping the vendors from improving such support. We interviewed 13 experts in the field of IoT and identified three main categories of barriers to making IoT products useably secure: technical, legal and organisational. In this paper we further discuss the policymaking implications of these findings and make some recommendations.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
3.10
自引率
0.00%
发文量
17
期刊介绍: The last decade has seen the introduction of computers and information technology at many levels of human transaction. Information technology (IT) is now used for data collation, in daily commercial transactions like transfer of funds, conclusion of contract, and complex diagnostic purposes in fields such as law, medicine and transport. The use of IT has expanded rapidly with the introduction of multimedia and the Internet. Any new technology inevitably raises a number of questions ranging from the legal to the ethical and the social. Information & Communications Technology Law covers topics such as: the implications of IT for legal processes and legal decision-making and related ethical and social issues.
期刊最新文献
When objects betray you: the Internet of Things and the privilege against self-incrimination From object obfuscation to contextually-dependent identification: enhancing automated privacy protection in street-level image platforms (SLIPs) Balancing the autonomy and protection of children: competency challenges in data protection law Fidelity in legal coding: applying legal translation frameworks to address interpretive challenges The role of corporate social responsibility in the regulation of OTT platforms: the case of film industry and Turkish corporate law
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1