Sujin Han (KAIST) Diana A. Vasile (Nokia Bell Labs), Fahim Kawsar (Nokia Bell Labs, University of Glasgow), Chulhong Min (Nokia Bell Labs)

Wearable devices, often used in healthcare and wellness, collect personal health data via sensors and share it with nearby devices for processing. Considering that healthcare decisions may be based on the collected data, ensuring the privacy and security of data sharing is critical. As the hardware and abilities of these wearable devices evolve, we observe a shift in perspectives: they will no longer be mere data collectors, rather they become empowered to collaborate and provide users with enhanced insights directly from their bodies with ondevice processing. However, today’s data sharing protocols do not support secure data sharing directly between wearables. To this end, we develop a comprehensive threat model for such scenarios and propose a protocol, SecuWear, for secure real-time data sharing between wearable devices. It enables secure data sharing between any set of devices owned by a user by authenticating devices with the help of an orchestrator device. This orchestrator, one of the user’s devices, enforces access control policies and verifies the authenticity of public keys. Once authenticated, the data encryption key is directly shared between the data provider and data consumer devices. Furthermore, SecuWear enables multiple data consumers to subscribe to one data provider, enabling efficient and scalable data sharing. In evaluation, we conduct an informal security analysis to demonstrate the robustness of SecuWear and the resource overhead. It imposes latency overhead of approximately 1.7s for setting up a data sharing session, which is less than 0.2% for a session lasting 15 minutes.

View More Papers

Passive Inference Attacks on Split Learning via Adversarial Regularization

Xiaochen Zhu (National University of Singapore & Massachusetts Institute of Technology), Xinjian Luo (National University of Singapore & Mohamed bin Zayed University of Artificial Intelligence), Yuncheng Wu (Renmin University of China), Yangfan Jiang (National University of Singapore), Xiaokui Xiao (National University of Singapore), Beng Chin Ooi (National University of Singapore)

Read More

Probe-Me-Not: Protecting Pre-trained Encoders from Malicious Probing

Ruyi Ding (Northeastern University), Tong Zhou (Northeastern University), Lili Su (Northeastern University), Aidong Adam Ding (Northeastern University), Xiaolin Xu (Northeastern University), Yunsi Fei (Northeastern University)

Read More

Ctrl+Alt+Deceive: Quantifying User Exposure to Online Scams

Platon Kotzias (Norton Research Group, BforeAI), Michalis Pachilakis (Norton Research Group, Computer Science Department University of Crete), Javier Aldana Iuit (Norton Research Group), Juan Caballero (IMDEA Software Institute), Iskander Sanchez-Rola (Norton Research Group), Leyla Bilge (Norton Research Group)

Read More

CounterSEVeillance: Performance-Counter Attacks on AMD SEV-SNP

Stefan Gast (Graz University of Technology), Hannes Weissteiner (Graz University of Technology), Robin Leander Schröder (Fraunhofer SIT, Darmstadt, Germany and Fraunhofer Austria, Vienna, Austria), Daniel Gruss (Graz University of Technology)

Read More