Task automation systems (TAS) allow users to customize the behaviour of their smart devices according to their daily and personal needs. However, they do not address the security and privacy threats that can arise from the use and composition of smart devices. To democratize cybersecurity in smart environments, TASs should enable both experts and novices to protect their devices from external threats. This paper reports a study that investigated the mental models of cybersecurity novices and experts when defining security policies using the trigger-action paradigm provided by TAS. The results of this study guided the design of prototype solutions that extend a TAS, called EFESTO-5W, to allow both experts and lay users to define the security policies for IoT devices.
Task Automation Systems to Secure Smart Environments
Breve B.;Deufemia V.
2023-01-01
Abstract
Task automation systems (TAS) allow users to customize the behaviour of their smart devices according to their daily and personal needs. However, they do not address the security and privacy threats that can arise from the use and composition of smart devices. To democratize cybersecurity in smart environments, TASs should enable both experts and novices to protect their devices from external threats. This paper reports a study that investigated the mental models of cybersecurity novices and experts when defining security policies using the trigger-action paradigm provided by TAS. The results of this study guided the design of prototype solutions that extend a TAS, called EFESTO-5W, to allow both experts and lay users to define the security policies for IoT devices.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.