Computers are being embedded in home appliances at a rapidly accelerating pace. As a result, devices, applications, and services in smart homes can be augmented with novel features and sensing capabilities that enhance users' interaction in everyday life. At the same time, such devices are capable of collecting potentially sensitive data (e.g., a smart thermostat knows whether a person is at home or not) and access to devices and services should be restricted to a certain group of users (e.g., users may occasionally rent out their apartment via AirBnB and want to prevent changes being made to the smart thermostats configured to save energy).

Traditionally, security and privacy mechanisms are tightly integrated with the device they protect and leverage the available sensing capabilities (e.g., touchscreen, fingerprint reader, or camera on a smart phone or keyboard and touchpad on a laptop). In smart homes, devices are typically configured remotely via smart phones today. Despite often being sold as a useful feature, using the smart phone rather seems to be a work around for an open research challenge. This approach creates a considerable authentication overhead (users need to take the phone out of their pocket and launch an app rather than directly interact with the appliance) and supports a trend towards requiring people to use more passwords than they can remember. For example, already today, people have problems remembering passwords for their routers, smart TVs, and similar devices.

Our research focuses on bringing usable authentication to smart homes. In particular, we investigate how people (will) interact with smart appliances to understand how (a) existing security mechanisms users are familiar with can be adapted (for example, by means of other modalities) or (b) how entirely novel security concepts need to be designed to blend with how users interact in smart homes to, hence, strike a balance between being secure while at the same time remaining usable as they are being applied to hundreds of devices. Particular challenges include but are not limited to shared use of devices in smart homes, how authentication mechanisms can be built that scale (e.g., is it meaningful to use one authentication method / secret for all classes of devices?) and how to adapt to the current authentication context.

Publications

prange2022mum.jpg Sarah Prange, Sarah Delgado Rodriguez, Lukas Mecke und Florian Alt. “I Saw Your Partner Naked”: Exploring Privacy Challenges During Video-Based Online Meetings. In Proceedings of the 21st International Conference on Mobile and Ubiquitous Multimedia. MUM '22. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]  
delgado2022nordichi.jpg Sarah Delgado Rodriguez, Sarah Prange, Christina Vergara Ossenberg, Markus Henkel, Florian Alt und Karola Marky. PriKey – Investigating Tangible Privacy Control for Smart Home Inhabitants and Visitors . In Proceedings of the 12th Nordic Conference on Human-Computer Interaction:. NordiCHI '22. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]  
prange2022avi.jpg Sarah Prange, Niklas Thiem, Michael Fröhlich und Florian Alt. “Secure settings are quick and easy!” – Motivating End-Users to Choose Secure Smart Home Configurations. In Proceedings of the International Conference on Advanced Visual Interfaces. AVI '22. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]  
prange2022chiea.jpg Sarah Prange, Sarah Delgado Rodriguez, Timo Döding und Florian Alt. "Where did you first meet the owner?” – Exploring Usable Authentication for Smart Home Visitors. In Extended Abstracts of the 2022 CHI Conference on Human Factors in Computing Systems. CHI EA ’22. Association for Computing Machinery, New York, NY, USA. [Download Bibtex] [Video]  
marky2021mum.jpg Karola Marky, Sarah Prange, Max Mühlhäuser und Florian Alt. Roles Matter! Understanding Differences in the Privacy Mental Models ofSmart Home Visitors and Resident. In Proceedings of the 19th International Conference on Mobile and Ubiquitous Multimedia. MUM'21. ACM, New York, NY, USA. [Download Bibtex]  
prange2021muc.jpg Sarah Prange und Cenu George AND Florian Alt. Design Considerations for Usable Authentication in Smart Homes. In Proceedings of the Conference on Mensch Und Computer. MuC '21. Association for Computing Machinery, New York, NY, USA. [Download Bibtex]  
prange2021chi.jpg Sarah Prange, Ahmed Shams, Robin Piening, Yomna Abdelrahman und Florian Alt. PriView – Exploring Visualisations Supporting Users' Privacy Awareness. In Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems. CHI ’21. Association for Computing Machinery, New York, NY, USA. [Download Bibtex] [Video]  
marky2020mum.jpg Karola Marky, Sarah Prange, Florian Krell, Max Mühlhäuser und Florian Alt. 'You just can't know about everything': Privacy Perceptions of Smart Home Visitors. In Proceedings of the 19th International Conference on Mobile and Ubiquitous Multimedia. MUM'20. ACM, New York, NY, USA. [Download Bibtex]  
prange2020chiea.jpg Sarah Prange und Florian Alt. I Wish You Were Smart(er): Investigating Users' Desires and Needs Towards Home Appliances. In Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems. CHI '20. Association for Computing Machinery, New York, NY, USA. [Download Bibtex] [Video]