Fix the leaking tap: A survey of Trigger-Action Programming (TAP) security issues, detection techniques and solutions

The Internet of Things (IoT) connects all emerging devices and services while creating interactions between people and things. Allowing users to match devices and services by causal relationship, Trigger-Action Programming (TAP) is a common user-programming paradigm in IoT smart home platforms. Thus...

Full description

Saved in:
Bibliographic Details
Published in:Computers & security Vol. 120; p. 102812
Main Authors: Chen, Xuyang, Zhang, Xiaolu, Elliot, Michael, Wang, Xiaoyin, Wang, Feng
Format: Journal Article
Language:English
Published: Elsevier Ltd 01.09.2022
Subjects:
IFTTT
Internet of things
Smartthings
TAP security
Trigger-Action Programming
Trigger-Action Programming
Internet of things
Smartthings
IFTTT
TAP security
ISSN:0167-4048, 1872-6208
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The Internet of Things (IoT) connects all emerging devices and services while creating interactions between people and things. Allowing users to match devices and services by causal relationship, Trigger-Action Programming (TAP) is a common user-programming paradigm in IoT smart home platforms. Thus, the security issues of TAP need to be addressed to ensure the privacy and security of data and human safety. This paper summarizes the existing literature on 1) security issues caused by different types of logical errors found in TAP rules and the vulnerabilities on well-known TAP platforms, and 2) the corresponding detection techniques and solutions that are classified based on different types of approaches adopted (e.g., Model Checking and Natural Language Processing). Finally, we summarized the datasets from literature or publicly available on the Internet in a separate section for potential reference of future TAP security research.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2022.102812