About the Project

In the last few years, various intersecting technological advances have made it possible to develop reasonably powerful computers and sensors small enough to be embedded almost everywhere. This has translated into a proliferation of smart devices that can be carried in, on, and around the human body. Examples include bracelets and wristwatches that record vital signs; glasses that augment our perceived reality; T-shirts that provide real-time feedback to the user; intelligent pill dispensers that remind a patient when it is time to take medication and record when he does so; and a new generation of smart implantable medical devices such as pacemakers, insulin pumps and neurostimulators. Smartphones have been key to this revolution, as they constitute powerful, general-purpose portable computers with permanent Internet connectivity and in radio range of other wearable devices.

IoY

From all this it is emerging the vision of a body-based network of smart devices that travels with the bearer wherever he goes and allows him to interact with his body functions, with objects in his surroundings, and with other individuals' devices and networks. By analogy with the Internet-of-Things (IoT), some authors and media have coined the term Internet-of-You (IoY) to refer to such a network.

Security and privacy challenges in the IoY are greater than in traditional computing and networking scenarios. Many of such devices incorporate numerous sensors that could leak highly sensitive information about location, gestures, moves, behavioral patterns and other physical activities, as well as recording audio, pictures and video from their surroundings. So far these aspects have been neglected in the current generation of smart devices, which has caused an alarming escalation in the number and sophistication of security incidents targeting these platforms.

In SPINY, we present a research program to address some of these challenges with four general goals. Firstly, we plan to explore security models, design principles, and architectures for the IoY that minimize risk exposure against realistic adversaries. Secondly, we will develop mechanisms to maintain the integrity of the network and the confidentiality of the information that travels about. Thirdly, we will investigate novel solutions to increase trustworthiness in apps and services for the IoY and to thwart attacks based on malicious code. Finally, we will develop smart models and tools that take a holistic approach to the security and privacy governance issues of the IoY, with particular emphasis on the definition and enforcement of usable, flexible, user-dependent and context-specific policies. The expected results of this project include papers that will advance the scientific and technical knowledge in this field, as well as prototype implementations to support further research and technology transfer

We believe that this is a timely research, with important implications both at the technological and societal levels. Smart devices are flourishing at a steady pace, and their coupling with other emerging paradigms (IoT and cloud computing) will further integrate users into a complex networked society with substantially higher security and privacy risks. Experience with the origin and evolution of the Internet warns us about the perils of neglecting such risks during the genesis of a new paradigm: technologies that are born flawed remain flawed.