Authorization model for home automation
by Paul Madsen - Senior Technical Architect, Ping Identity - Thursday, 19 June 2014.
Smartphones promise to play an important role in the management and control of Home Automation (HA) solutions. When things and devices have either no or a constrained user interface (UI), the phone’s display becomes more and more relevant to managing devices. Additionally, new capabilities for biometric authentication to the phone such as Apple’s Touch ID will help secure these management features.

Apple’s recent announcement of their HA framework HomeKit in iOS 8 positions the user’s iPhone or iPad as the control point for the home’s devices (at least those that are HomeKit compatible). Using an iPhone to manage and control devices to some extent mitigates the current lack of interoperability between different HA platforms - who needs a standard when Apple can define their own protocol and expect hardware manufacturers to adhere to it (de jure versus de facto).

For consumers, seeing the ‘iPhone compatible’ logo on the smart lock they are considering purchasing will likely assuage any fears of setup and configuration and so HomeKit may well kick start the HA space for the mass market.

Apple has yet to release the full details of HomeKit, but the expectation is that the iPhone will communicate to the devices using BLE (peer-to-peer) or Wi-Fi (if on same network). The assumption that the phone is actually in the household highlights a fundamental challenge with the idea of using a phone as the controller - what do the devices do when the controller is not inside the house to direct them? Sit around twiddling their rhetorical thumbs waiting patiently?

Related, in its press for HomeKit, Apple uses the example of being able to tell Siri to ‘turn on the lights in the living room.’ Contrast this with the house and its devices working out when to turn on/off the living room lights - either through Nest style learning or explicit rules defined by the homeowner. (To be fair the HomeKit documentation does refer to triggers, these may well be a hook that would enable a ‘if event [X] then action [Y]’ sort of logic.)

Taken together, HomeKit’s seeming presumption of 1) ‘user in the house’ and 2) ‘user initiates actions’ creates a relatively ‘manual’ HA model - and enabling a set of use cases that might collectively be characterized as ‘I’m too lazy to get off the couch.’

The full value of HA will never be realized if the expectation is that we the user, must be directly involved in every interaction our things (our thermostats, our toasters, our TVs) perform. HA is more than a ‘universal remote’. Our things must be able to act on our behalf, whether or not we actively initiate the operation or even are physically present in the house. And of course, critically, ‘on our behalf’ implies that we stay in control throughout the various stages of the thing’s lifecycle - initial setup, ongoing operation, and eventual powering down and recycling.

This requirement, that computing devices be authorized and empowered to act on behalf of specific human users in ways that are consistent with the user’s wishes is not new - a relatively recent manifestation is how one online provider is able to query and manipulate our data maintained by some other online provider. For instance, a financial aggregator pulling my banking and investment information together for analysis, or a homeowner sharing their hydro consumption data with a third-party for tips on how to save.


Critical bug found in Cisco ASA products, attackers are scanning for affected devices

Several Cisco ASA products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th