https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
LazyTAP: On-Demand Data Minimization for Trigger-Action Applications
Chalmers University of Technology, Sweden.
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems. Chalmers University of Technology, Sweden.ORCID iD: 0000-0002-6621-8390
Chalmers University of Technology, Sweden.
2023 (English)In: Proceedings - IEEE Symposium on Security and Privacy, vol. 2023, Institute of Electrical and Electronics Engineers Inc. , 2023, p. 3079-3097Conference paper, Published paper (Refereed)
Abstract [en]

Trigger-Action Platforms (TAPs) empower applications (apps) for connecting otherwise unconnected devices and services. The current TAPs like IFTTT require trigger services to push excessive amounts of sensitive data to the TAP regardless of whether the data will be used in the app, at odds with the principle of data minimization. Furthermore, the rich features of modern TAPs, including IFTTT queries to support multiple trigger services and nondeterminism of apps, have been out of the reach of previous data minimization approaches like minTAP. This paper proposes LazyTAP, a new paradigm for fine-grained on-demand data minimization. LazyTAP breaks away from the traditional push-all approach of coarse-grained data over-approximation. Instead, LazyTAP pulls input data on-demand, once it is accessed by the app execution. Thanks to the fine granularity, LazyTAP enables tight minimization that naturally generalizes to support multiple trigger services via queries and is robust with respect to nondeterministic behavior of the apps. We achieve seamlessness for third-party app developers by leveraging laziness to defer computation and proxy objects to load necessary remote data behind the scenes as it becomes needed. We formally establish the correctness of LazyTAP and its minimization properties with respect to both IFTTT and minTAP. We implement and evaluate LazyTAP on app benchmarks showing that on average LazyTAP improves minimization by 95% over IFTTT and by 38% over minTAP, while incurring a tolerable performance overhead. 

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc. , 2023. p. 3079-3097
Keywords [en]
Benchmarking, 'current, Break-away, Data minimizations, Demand data, Fine grained, Minimisation, Non Determinism, On demands, Rich features, Sensitive datas, Sensitive data
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:mdh:diva-63971DOI: 10.1109/SP46215.2023.10179425ISI: 001035501503008Scopus ID: 2-s2.0-85166478340ISBN: 9781665493369 (print)OAI: oai:DiVA.org:mdh-63971DiVA, id: diva2:1788318
Conference
44th IEEE Symposium on Security and Privacy, SP 2023, Hybrid, San Francisco, 22 May 2023 through 25 May 2023
Available from: 2023-08-16 Created: 2023-08-16 Last updated: 2023-09-06Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Hedin, Daniel

Search in DiVA

By author/editor
Hedin, Daniel
By organisation
Embedded Systems
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 148 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf