Previous Work: Security and Privacy for Wearable and Continuous Sensing Platforms
In this collaborative project, researchers at ICSI, UC Berkeley, and University of Washington are systematically exploring the security and privacy issues brought up by the increasing popularity of wearable computers. The recent demand for devices like Google Glass, smart watches, and wearable fitness monitors suggests that wearable computers may become as ubiquitous as cellphones. Other devices that continuously monitor their environments for input are also becoming popular: the Xbox One accepts voice command, Intel motherboards include cameras for accepting gesture-based commands, and so on. These devices offer many benefits to end-users in terms of realtime access to information, the augmentation of human memory, and new interaction modalities, but they are also likely to introduce new and complex privacy and security problems.
Researchers are addressing three classes of challenges surrounding the privacy and security of continuous sensing platforms: device-to-user, environment-to-device, and device-to-device challenges. As with smartphones, an ecosystem of third-party apps that utilize the rich sensor data create device-to-user security concerns. To preserve privacy, platforms will need to communicate an application’s access to sensitive data, so that users remain in control of their personal information. Similarly, the constant monitoring of audio and video for new commands and contextual cues will create new environment-to-device challenges, including the need to architect platforms that limit application access to sensor data and the emergence of new attack vectors, such as potentially malicious commands embedded in the devices’ environments. Finally, these devices will need to communicate amongst themselves, which creates device-to-device privacy and security concerns. The focus of this project is exploring these new challenges to security and privacy and how they can be mitigated.
Funding provided by NSF. Additional funding provided by Mozilla and Cisco.