Opinion: Security Lifetime Labels -- Overcoming Information Asymmetry in Security of IoT Consumer Products

Morgner P, Freiling F, Benenson Z (2018)


Publication Type: Conference contribution

Publication year: 2018

Publisher: Association for Computing Machinery, Inc

Edited Volumes: WiSec 2018 - Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks

Pages Range: 208-211

Conference Proceedings Title: Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec'18)

Event location: Stockholm, Sweden

ISBN: 978-1-4503-5731-9

URI: https://dl.acm.org/citation.cfm?id=3212486

DOI: 10.1145/3212480.3212486

Abstract

The installed base of Internet of Things (IoT) consumer products is steadily increasing, in conjunction with the number of disclosed security vulnerabilities in these devices. In this paper, we share the opinion that strong security measures are necessary but IoT security cannot solely be improved by means of sophisticated technical solutions. From our point of view, economic incentives for the manufacturers have to be established through enabling consumers to reward security. This is currently not the case, as an asymmetric information barrier prevents consumers from assessing the level of security that is provided by IoT products. As a result, consumers are not willing to pay for a comprehensive security design as they cannot distinguish it from insufficient security measures. Learning from regulatory approaches that overcame information asymmetries about other non-functional properties in consumer products, e.g., energy labels to compare the power consumption, we propose security lifetime labels, a mechanism that transforms security into an accessible feature and enables consumers to make informed buying decisions. Focusing on the delivering of security updates as an important aspect of enforcing IoT security, we aim to transform the asymmetric information about the manufacturers' willingness to provide security updates into a label that can be assessed by the consumers.

Authors with CRIS profile

How to cite

APA:

Morgner, P., Freiling, F., & Benenson, Z. (2018). Opinion: Security Lifetime Labels -- Overcoming Information Asymmetry in Security of IoT Consumer Products. In Proceedings of the 11th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec'18) (pp. 208-211). Stockholm, Sweden: Association for Computing Machinery, Inc.

MLA:

Morgner, Philipp, Felix Freiling, and Zinaida Benenson. "Opinion: Security Lifetime Labels -- Overcoming Information Asymmetry in Security of IoT Consumer Products." Proceedings of the WiSec'18, Stockholm, Sweden Association for Computing Machinery, Inc, 2018. 208-211.

BibTeX: Download