Palanivel A. Kodeswaran

Securing Enterprise Data on Smartphones Using Run Time Information Flow Control

There is an increasing penetration of smart phones within enterprises. Most smart phone users now run both enterprise as well as personal applications simultaneously on their phones. However, most of the personal apps that are downloaded from public market places are hardly tested for enterprise grade security, and there have been instances of malware appearing in public markets that steal sensitive user information. Smart phone platforms such as Android require users to explicitly provide permissions to applications at install time, yet lack run time monitoring of permission usage by applications. In this paper, we present a framework for the run time enforcement of privacy policies on smart phones, in particular, protecting the privacy of enterprise data on smart phones. Our privacy policies are defined in terms of permissible information flows on the phone during different contexts. This arms users with finer grained control over information access by different applications. In our policy framework, an information flow is defined based on the entities involved in the corresponding inter-process communication(IPC) viz, the caller, callee and the associated IPC data. The information flow policy specifies the conditions under which an IPC flow may be permitted (or denied). Our system tracks information flows at run time and enforces that only flows satisfying all the current policies are permitted on the phone. We describe the design and implementation of our policy based framework in Android, and present performance evaluation results measuring the overhead imposed by our framework.

Idea: A System for Efficient Failure Management in Smart IoT Environments

IoT enabled smart environments are expected to proliferate significantly in the near future, particularly in the context of monitoring services for wellness living, patient healthcare and elderly care. Timely maintenance of failed sensors is of critical importance in such deployments to ensure minimal disruption to monitoring services. However, maintenance of large and geographically spread deployments can be a significant challenge. We present Idea that significantly increases the vtime-before-repair for a smart home deployment, thereby reducing the maintenance overhead. Specifically, our approach leverages the facts that (a) there is inherent sensor redundancy when combinations of sensors monitor activities of daily living (ADLs) in smart environments, and (b) the impact of each sensor failure depends on the activities being monitored and the functional redundancy afforded by rest of the heterogeneous sensors available for detecting the activities. Consequently, Idea identifies homes that need to be fixed based on expected degradation in ADL detection performance, and optimizes maintenance scheduling accordingly. We demonstrate that our approach leads to 3--40 times fewer maintenance personnel than a scheme in which failed sensors are fixed without considering their impact.

Demultiplexing activities of daily living in IoT enabled smarthomes

Powered by the emergence of the Internet of Things, smart homes containing a variety of sensors and actuators are expected to monitor and react to the activities of the residents with the goal of improving convenience, comfort and safety. However, in typical home settings, each human Activity of Daily Living (ADL) generates events from multiple sensors, and each sensor is triggered by multiple ADLs. Consequently, achieving high detection accuracy in these complex environments requires large amounts of training data for every possible multiplexing scenario, making it a complex problem. In this paper, we propose a data driven three-step de-multiplexing approach that simplifies the ADL recognition problem by first segmenting the event stream into periods of interest, before feeding to a classifier. We mine datasets to identify salient features which allow us to achieve a good segmentation. Extensive evaluation on ten public datasets shows that our approach achieves upto 77% segmentation accuracy, and a activity detection accuracy within 91% of the best possible.

M4M: A model for enabling social network based sharing in the Internet of Things

The true potential of the Internet of Things (IoT) will be realized only when devices are able to harness the collective capabilities of a wide range of peer-devices. In this paper, we propose a novel model where friends in a social network can share device capabilities with their peers in an access controlled manner. We develop a theoretical model of such a peer-to-peer network in which devices can search for remote capabilities, and elaborate on the trade-offs of different algorithms in terms of capability searching and execution. We study various types of social network models to understand the degree of sharing in such networks. Our results show that Barabási-Albert graphs that approximate most real world social networks have a high degree of sharing, validating the utility of our social network based model. We also propose an algorithm that takes any given network and augments it to increase the level of sharing by intelligently suggesting friendship recommendations among vertices. Finally, we describe the prototype implementation of an android mobile application that uses facebook APIs to allow smartphones share GPS and camera capabilities with other devices owned by friends.

Polite: A policy framework for building managed mobile apps

The proliferation of smart phones inside enterprises and the number of enterprise apps (applications) available for various smart phone platforms has been increasing. This trend is expected to continue as smart phones tend to become the device of choice to access both enterprise and personal data. Making enterprise sensitive data accessible on smart phones requires that adequate protection mechanisms be available on these devices to ensure that sensitive data is not compromised due to various reasons, such as employees losing phones to malicious apps (installed by the user) running on the phones. Most of the existing solutions either provide device level control or have an external agent monitoring the applications behavior, and has numerous limitations. In this paper we propose a framework, Polite, to build enterprise mobile apps that can be managed at run-time, which is less intrusive to the end user while providing stronger security guarantees to the enterprise. We describe several critical scenarios where controlling the run time behavior of apps on the phone is essential and how our architecture can provide security guarantees that are not possible with existing solutions. Performance results of our implementation indicate that our framework induces a minimal overhead of only 6% that may be acceptable for most enterprise mobile apps.

Combining smart phone and infrastructure sensors to improve security in enterprise settings

There is an increasing trend among employees to bring in their own personal device to work, thereby making the enterprise more vulnerable to security attacks such as data leakage from phones. Additionally, users are increasingly running phone apps in a mixed-mode i.e. both for enterprise and personal commitments. For example, phone cameras and microphones are used to record business meetings, often resulting in the case that both employers and employees become unaware of the existence of business data on the phone at a later point in time. The lack of employer control over personal devices raises enterprise data leakage threats, when an employees phone is lost or stolen. In this paper we describe a system that leverages sensors available on the phone as well as on the enterprise infrastructure to identify business data resident on the phone for further secure handling. Office spaces have traditionally been instrumented with badge swipe readers, cameras, wifi access points etc. that can be used to provide passive sensory data about employees. For example, badge swipes can be used provide approximate location information of an employee where as calendar entries provide information about their schedule and activities. We propose a distributed architecture that leverages the context of the user for speculatively identifying enterprise data from personal data. The basic idea is to understand whether a user is engaged in enterprise or personal work by inferring her context from a combination of phone and infrastructure sensors. The contextual attributes in our system, such as location, can be sourced from a plurality of sensors on the phone as well as on the infrastructure. We exploit this diversity and propose a cost optimized distributed rule execution framework that chooses the optimal set of predicates to sense on the phone as well as on the infrastructure to reduce sensing cost. Furthermore, the framework also chooses the appropriate site for rule evaluation, either on the infrastructure or phone, to optimize for network transfer cost incurred due to shipping of sensed predicates between the two sites. Combined together,the above two optimizations reduce the battery drain caused due to context inferencing on the phone.