• español
    • English
  • Login
  • español 
    • español
    • English
  • Tipos de Publicaciones
    • bookbook partconference objectdoctoral thesisjournal articlemagazinemaster thesispatenttechnical documentationtechnical report
Ver ítem 
  •   IMDEA Networks Principal
  • Ver ítem
  •   IMDEA Networks Principal
  • Ver ítem
JavaScript is disabled for your browser. Some features of this site may not work without it.

Analysis of security and data control in smart personal assistants from the user’s perspective

Compartir
Ficheros
2023fgcs-spa.pdf (2.031Mb)
Identificadores
URI: https://hdl.handle.net/20.500.12761/1671
DOI: 10.1016/j.future.2023.02.009
Metadatos
Mostrar el registro completo del ítem
Autor(es)
Valero, Cayetano; Pérez, Jaime; Solera-Cotanilla, Sonia; Vega-Barbas, Mario; Suarez-Tangil, Guillermo; Alvarez-Campana, Manuel; López, Gregorio
Fecha
2023
Resumen
Advances in the fields of the Internet of Things, Speech Recognition and Artificial Intelligence have facilitated the development of Smart Personal Assistants. As a result, Smart Personal Assistants currently allow requesting a wide range of tasks naturally and intuitively through voice interaction. Their wide popularity, together with the high technological complexity of their environments, have made them an attractive target from a security point of view. Recent works have shown some of the security and privacy issues they stand upon. In this work, we propose a methodology to carry out a systematic security analysis of Smart Personal Assistants using a comprehensive set of tests designed to measure issues around the installation, the interaction, key functionality, and overall Security and Privacy controls. We apply this methodology to analyze security and data control in predominant commercial Smart Personal Assistants (SPA), including Apple HomePod, Google Home and Nest, Amazon Echo (Show and Dot), and Facebook Portal. The main findings of our research are: (i) SPA are not resilient to voice replay attacks; (ii) their skills activation mechanisms can be significantly improved to be more reliable in multi-user households; (iii) the users’ control to restrict the collection and access of Personally Identifiable Information can be also improved; (iv) they lack configurations adapted to minors, which should be included to make them more appropriate for a segment of users who interact more and more with them and have especially high regulatory requirements regarding security and data protection. Among the many hot research topics within this area, we find voice authentication and authorization especially interesting since they may push the usability of Smart Personal Assistants further, as long as they are robust enough from the security perspective.
Compartir
Ficheros
2023fgcs-spa.pdf (2.031Mb)
Identificadores
URI: https://hdl.handle.net/20.500.12761/1671
DOI: 10.1016/j.future.2023.02.009
Metadatos
Mostrar el registro completo del ítem

Listar

Todo IMDEA NetworksPor fecha de publicaciónAutoresTítulosPalabras claveTipos de contenido

Mi cuenta

Acceder

Estadísticas

Ver Estadísticas de uso

Difusión

emailContacto person Directorio wifi Eduroam rss_feed Noticias
Iniciativa IMDEA Sobre IMDEA Networks Organización Memorias anuales Transparencia
Síguenos en:
Comunidad de Madrid

UNIÓN EUROPEA

Fondo Social Europeo

UNIÓN EUROPEA

Fondo Europeo de Desarrollo Regional

UNIÓN EUROPEA

Fondos Estructurales y de Inversión Europeos

© 2021 IMDEA Networks. | Declaración de accesibilidad | Política de Privacidad | Aviso legal | Política de Cookies - Valoramos su privacidad: ¡este sitio no utiliza cookies!