Notes on Paper on Augmented Home Inventories: Beyong myopia in smart home security and privacy

Possible audience/conferences/journals:
*IEEE S&P SoK
*IEEE Pervasive Computing https://www.computer.org/pervasive-computing/
*Personal and Ubiquitous Computing (more HCI but not only) http://www.springer.com/computer/hci/journal/779
*Pervasive and Mobile Computing http://www.journals.elsevier.com/pervasive-and-mobile-computing

OUTLINE:
Motivation:        
        IOT work:
                lots of low hanging fruit: focus on the bad
                are there point solutions: device, libraries, programming framework
                holistic framework for describing the problem space
                        position existing work to identify new problems
                
Complicated questions around:
        device interaction
        sharing
        liability
        responsibility
        conflicts
        ownership
        disconnected operation
        homesteading/device autonomy/home sovereignityHard to answer these questions!?

For example:
        It is not clear who bears the responsibility
        Unit of concern that is to be protected is unclear
        
Proposition is to use inventories
        Define the problem space
        As a way to systematize knowledge
        identify gaps
        
Challenges to the Inventory model:
        how do you count
        can you count
        how do you describe how you counted?
        

Todo:
        - audience and conference search
        - seda will research more on inventories and send amterial to nick
        
        


                
Calandrino


Related Literature:
    
*Privacy, Discovery, and Authentication for the Internet of Things
*David J. Wu, Ankur Taly, Asim Shankar, Dan Boneh    
*http://arxiv.org/abs/1604.06959
        
       
*Middleware platform for smart home networks http://www.sciencedirect.com/science/article/pii/B9781782421191000035
*Ishikawa (technologies, social impact and sustainability) (don't have access, search later)
*
*A knowledge-based resource discovery for Internet of Things
*Perera et al. (knowledge based systems)
 
     There are dozens of articles on smart meters and privacy
     Applying crypto, differential privacy etc. I can compile them if needed: YES/NO?
        
       Survey: Choices for interaction with things on Internet and underlying issues
       Mashal et al. (ad hoc networks)
 
 
*Survey: When things matter: A survey on data-centric internet of things
      Qin et al. (journal of network and computer applications) 
       
       Edge Analytics in the Internet of Things
       Satyanarayanan et al. (pervasive computing)
       
       Survey of Security and Privacy Issues of Internet of Things
       Borgohain et al. (arxiv) http://arxiv.org/pdf/1501.02211v1.pdf
       
       
*Big Data Privacy in the Internet of Things Era
*Perera et al. (IT professional)

## Smart Home Frameworks and Infrastructure
*
*The role of smart data in smart home: health monitoring case
*Puustjarvi and Puustjarvi (international conference on advances in information technology)
*
*Privacy-preserving data infrastructure for smart home appliances based on the Octopus DHT
*Fabian and Feldhaus (Computers in Industry)
*
*Exploring the critical quality attributes and models of smart homes (kano model?)
*Luor et al (maturitas)
*
*Challenges in retaining privacy in smart spaces 
*Chau and Little (International conference on ambient systems, networks and technologies)
        
*Risk driven Smart Home resource management using cloud services
*Kirkham et al. (future generation computer systems)
*
*The concept of an ecological smart home network
*Saito (technologies, social impact and sustainability) - couldn't access pdf. need to search
*
*A comprehensive approach to privacy in the cloud-based Internet of Things
*Henze et al (future generation computer systems)
*
*Integration of Cloud computing and Internet of Things: A survey
*Botta et al. (future generation computer systems)
*
*A more human-centric Internet of Things with temporal and spatial context
*Calderon et al. (international conference on ambient systems, networks and technologies)
*
*Security, privacy and trust in Internet of Things: The road ahead
*Sciari et al (computer networks)
*
*Survey on secure communication protocols for the Internet of Things
*Nguyen et al. (ad hoc networks)
*
        
*Autonomic schemes for threat mitigation in Internet of Things
*Ashraf and Habaebi (Journal of Network and Computer Applications)
*
## Smart Home Studies

*Social barriers to the adoption of smart homes
*Balta-Ozkan et al. (Energy Policy)
*
*Modeling users` work activities in a smart home
*Allameh et al (environmental sciences)
*        
## Examples of Future Smart Home applications:
    I added these here so that they can drive our reflections on relevant privacy and security concerns
    
    Unsupervised visit detection in smart homes  
    Aicha et al. (pervasive and mobile computing)
    
*A Framework for Anomaly Diagnosis in Smart Homes Based on Ontology
*Pardo et al, Procedia Computer Science (International Conference on Ambient Systems, networks, and technologies)

*Detecting and exploring deviating behaviour of smart home residents
*Lundstrom et al. (expert systems with applications)

*State of the art of smart homes
    De Silva et al. (engineering applications of artificial intelligence) look for work that cited this work
    
    
For carl:
*    Urban computing in the wild: A survey on large scale participation and citizen engagement with ubiquitous computing, cyber physical systems, and Internet of Things
*    http://www.sciencedirect.com/science/article/pii/S1071581915000488
*
*
Notes from Meeting with Nick June, 2016:
    

nick:

compiling an inventory is more complicated than it seems
        try to figure out what is connected
        what is connected
        what if you have multiple instances
        describing the device: the users, mobility (seda has a whole list of things that are worth evaluating)


ownership of the device
        if the device looses connectivity, what happens? matter of security, privacy, consumer protection, robustness
        what should be the fall back?
                thermostat should still function
        sharing is interesting, too
                would it be good for privacy to comingle behaviors
                spotify: there is all this kids songs
                amazon recommendations
                what happens if you project that into iot
                profiling: privacy issues come up
                
IoT
        parties trying to own the home IoT: samsung, apple, google, microsoft???
        
        
bottom up myopic approaches
        it is good for pointing out the problems that exist: low hanging fruits
        if you are trying to explore the solution space to address the problems that are coming towards us
        
        there are different challenges to the role that devices and the network can play in security and privacy
        vendor/manufacturer vs isp vs consumer
                whose responsibility is it?
                the network, the device, where does the liability ultimately lie?
                is it the consumer? are they responsible for doing some things?
                isp?
                analogies from other areas?
                recall? does it even make sense?
        
blog post for policy stuff?
        technical capabilities may inform the policy recommendations
        here are some end states we would like to get to:
                a reasonable inventory
                        inventory means this and that
                we also need data protection and isolation
                sharing and conflicts
        who bears the responsibility for making these happen given technical constraints?