Study of Security Requirement of Smart Home Hub through Threat Modeling Analysis and Common Criteria
|
|
Park, Jae-Hyeon
(Center for Information Security Technologies(CIST), Korea University)
Kang, Soo-young (Center for Information Security Technologies(CIST), Korea University) Kim, Seung-joo (Center for Information Security Technologies(CIST), Korea University) |
| 1 | National Information Sociery Agency, "Home IoT Market Analysis and Implications," [Internet], Oct. 2016. http://www.nia.or.kr/site/nia_kor/ex/bbs/View.do?cbIdx=39485&bcIdx=18078&parentSeq=18078 |
| 2 | WikiLeaks, "Weeping Angel (Extending) Engineering Notes," [Internet], June 2014. https://wikileaks.org/ciav7p1/cms/pag e_12353643.html |
| 3 | Anne Bucher, "SAMSUNG CLASS ACTIO N LAWSUIT SAYS SMART TVS SPY ON CONSUMERS," TOP CLASS ACTIONS, Mar. 2017. https://topclassactions.co m/lawsuit-settlements/lawsuit-news/543 320-samsung-class-action-lawsuit-says-smart-tvs-spy-consumers/ |
| 4 | Christopher Burgess, "How Easy Is It to Hack Your Baby's Monitor? Very Easy!," Huffingtonpost, Sep. 2015. https://www.huffingtonpost.com/en-try/how-easy-is-it-to-hack-your_b_8173274.html |
| 5 | Huffingtonpost, "They take pictures with a peek at their private lives... 30 Prosec utions for hacked IP Camera," Huffington post, Nov. 2017. http://www.huffingtonp ost.kr/2017/11/01/story_n_18443668.html |
| 6 | Ministry of the Interior and Safety, "Personal Information Protection Act," Act No. 14107, July 2017. |
| 7 | Dae-man Han, Jae-hyun Lim, "Smart Home Energy Management System using IEEE 802.15.4 and Zigbee", IEEE Transactions on Consumer Electronics, vol. 56, no. 3, pp. 1403-1410, Oct. 2010. DOI |
| 8 | Rosslin John Robles, Tai-hoon Kim, "Application, Systems and Methods in Smart Home Technology: A Review", International Journal of Advanced Science and Technology, vol.15, pp. 37-48, Feb. 2010. |
| 9 | Oxford University Press, "Definition of smart home," [Internet], https://en.oxforddictionaries.com/definition/smart_home |
| 10 | H. Strese, U. Seidel, T. Knape, and A. Botthof, "Smart Home in deutschland," Institut fur Innovation und Technik (iit), pp. 8-11, May 2010. |
| 11 | Michael Schiefer, "Smart Home definition and security Threats," 2015 9th IEEE International Conference on IT Security Incident Management & IT Forensics(IMF), pp. 114-118, May 2015. |
| 12 | A. Tekeoglu, A.S. Tosun, " Investigating Security and Privacy of a Cloud-Based Wireless IP Camera : NetCam," 2015 24th IEEE International Conference on Computer Communication and Networks (ICCCN), pp. 1-6, Aug. 2015. |
| 13 | Tobias Zillner, Sebastian Strobl, "Zigbee Exploited : The Good, the Bad, and the Ugly," [Internet], Aug. 2015. https://www.blackhat.com/docs/us-15/materials/us-15-Zillner-ZigBee-Exploited-The-Good-The-Bad-And-The-Ugly-wp.pdf |
| 14 | Joseph Hall, "Breaking Bulbs Briskly by Bogus Broadcasts," [Internet], Feb. 2016. https://www.youtube.com/watch?v=EDzxMfx1v5Q |
| 15 | Dimitris Geneiatakis, Ioannis Kounelis, Ricardo Neisse, Igor Nai-Fovino, Gary Steri, and Gianmarco Baldini, "Security and Privacy Issues for an IoT based Smart Home," 2017 40th IEEE Internatioal Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1292-1297, May 2017. |
| 16 | Billy Rios, Jonathan Butts, "WHEN IOT ATTACKS : UNDERSTANDING THE SAFETY RISKS ASSOCIATED WITH CONNECTED DEVICES," [Internet], July 2017. https://www.blackhat.com/docs/us-1 7/wednesday/us-17-Rios-When-IoT-Attac ks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices.pdf |
| 17 | Thomas Branstetter, "(IN)SECURITY IN BUILDING AUTOMATION : HOW TO CREATE DARK BUILDINGS WITH LIGHT SPEED," July 2017. https://www.black hat.com/docs/us-17/wednesday/us-17-Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed.pdf |
| 18 | Smart Home USA, "WHAT IS A SMART HOME?," [Internet], https://www.smarthomeusa.com/smarthome/ |
| 19 | Kristian Beckers, "Comparing Privacy Requirements Engineering Approaches," 2012 7th IEEE International Conference on Availability, Reliability and Security(ARES), pp. 574-581, Aug. 2012. |
| 20 | Annanda Thavymony Rath, Jean-Noel Colin, "Strengthening Access Control in case of Compromised Accounts in Smart Home," 2017 IEEE Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 1-8, Oct. 2017. |
| 21 | Adam Shostack, Threat Modeling : Designing for Security, John Wiley & Sons, 2014. |
| 22 | Kim Wults, Wouter Joosen, "LINDDUN privacy threat modeling : a tutorial," CW685, Department of Computer Science, KU Leuven, July 2015. |
| 23 | Common Criteria Recognition Arrangement, "Common Criteria for Information Technology Security Evaluation Part 1 : Introduction and general model," CCMB-2017-04-001, Apr. 2017. |
| 24 | Mina Deng, Kim Wuyts, Riccardo Scandariato, Bart Preneel, and Wouter Joosen, "A privacy threat analysis framework : supporting the elicitation and fulfillment of privacy requirements," Requirement Engineering - Special Issue on Digital privacy : theory, policies and technologies, vol. 16, no. 2, pp. 3-32, Mar. 2011. |
| 25 | Kim Wults, Riccardo Scandariato, and Wouter Joosen, "LINDDUN privacy threat tree catalog," CW675, Department of Computer Science, KU Leuven, Sep. 2014. |
| 26 | Microsoft, "Chapter 3. Threat Modeling," [Internet], https://msdn.microsoft.com/en-us/library/ff648644.aspx, June 2003. |
| 27 | Common Criteria Recognition Arrangement, "Common Criteria for Information Technology Security Evaluation Part 2 : Security functional components," CCMB-2017-04-002, Apr. 2017. |
| 28 | Common Criteria Recognition Arrangement, "Common Criteria for Information Technology Security Evaluation Part 3 : Security assurance components," CCMB-2017-04-003, Apr. 2017. |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
