Research Areas:

Computers are now integrating into everyday objects, from medical devices to children’s toys. Most consumers are unaware that these devices are constantly collecting, storing, or disclosing their personal information. Bringing these connected devices into the home particularly raises important issues of privacy and security.

Project Resources

  • Tyche: A Risk-Based Permission Model for Smart Homes

    In this paper, presented at the 2018 IEEE Cybersecurity Development Conference (SecDev 2018), a team with Lab researchers presents Tyche, a secure development methodology to limit the risk that apps pose to smart home users.

    Research Paper
  • Decentralized Action Integrity for Trigger-Action IoT Platforms

    This paper, presented at the Network and Distributed System Security Symposium (NDSS) 2018, introduces Decentralized Action Integrity, a security principle that prevents an untrusted trigger-action platform from misusing compromised OAuth tokens in ways that are inconsistent with any given user’s set of trigger-action rules.

    Research Paper
  • Rethinking Access Control and Authentication for the Home Internet of Things

    Computing is transitioning from single-user devices to the Internet of Things, in which multiple users with complex social relationships interact with a single device. In this paper from the 12th USENIX Workshop on Offensive Technologies (WOOT 2018), a team with Lab researchers begin re-envisioning access control and authentication for such settings in the home IoT.

    Research Paper
  • Computer Security and the Internet of Things – Faculty Co-Director Tadayoshi Kohno presents at Usenix Enigma 2016

    Tech Policy Lab Faculty Co-Director Kohno's talk explored case studies in the design and analysis of computer systems for several types of everyday objects, including wireless medical devices, children's toys, and automobiles.

  • Tech Policy Lab Co-Directors Quoted in FTC Report on the Internet of Things

    In 2013 the FTC hosted a workshop on The Internet of Things: Privacy and Security in a Connected World where Lab Faculty Directors Ryan Calo and Yoshi Kohno participated in panels. The below report includes Co-Director Kohno’s recommendation that security should be designed into every IoT product, at every stage of development, including early on in the design cycle of a technology.


Past Events

  • Start with Security — Seattle

    The Lab co-sponsored the FTC Start with Security Conference, an initiative to provide companies with practical tips and strategies for implementing effective data security.