Security researchers are looking to develop a new privacy label that would apply to IoT devices, allowing prospective customers to judge the security and privacy features of new hardware quickly.
One of the weak links of the IoT ecosystems is the lack of a unified security standard, and it’s unlikely that one will emerge any time soon. Until that happens, if ever, customers need a way to tell if their planned purchase is secure.
A team of researchers in Carnegie Mellon University’s CyLab published a new study in the proceedings of the IEEE Symposium on Security & Privacy. They detailed a new prototype security and privacy “nutrition label” designed specifically for IoT devices.
“Survey results show that the vast majority of people are concerned about the security and privacy practices of devices, so we need to provide them with this information,” says CyLab’s Pardis Emami-Naeini, the study’s lead author. “The display of this information should be concise and understandable, akin to a nutrition label on food products.”
The label would be displayed on the side of the box, showing all the details a user could be interested in, including what type of data is collected and for what purpose, along with a QR code. Scanning the code unlocks the second level of information containing up to 47 pieces of information about the security and privacy aspects.
The team also creates an IoT label generator that lets manufacturers quickly generate the labels, in a way that respects the agreed-upon protocols. Still, the project is in the prototype phase, and the team is trying to persuade various companies to implement this label. Unfortunately, since there are no regulations in this area, companies will have to willingly agree to display it.
tags
Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.
View all postsNovember 14, 2024
September 06, 2024