Trusted Domain: A security platform for home automation

In the digital age of home automation and with the proliferation of mobile Internet access, the intelligent home and its devices should be accessible at any time from anywhere. There are many challenges such as security, privacy, ease of configuration, incompatible legacy devices, a wealth of wireless standards, limited resources of embedded systems, etc. Taking these challenges into account, we present a Trusted Domain home automation platform, which dynamically and securely connects heterogeneous networks of Short-Range Wireless devices via simple non-expert user interactions, and allows remote access via IP-based devices such as smartphones. The Trusted Domain platform fits existing legacy technologies by managing their interoperability and access controls, and it seeks to avoid the security issues of relying on third-party servers outside the home. It is a distributed system that enables secure end-to-end communication with home automation devices, and it supports device revocations as well as a structure of intersecting sets of nodes for scalability. Devices in the Trusted Domain are registered in a list that is distributed using a robust epidemic protocol optimized for constrained resources and network load sharing. The resource-intensive encryption operations are reduced to a minimum by sending short signed update queries and only synchronizing when necessary. An experiment on an embedded implementation examines timing, footprint, and behavioral properties of the protocol. The protocol has been formally verified by the UPPAAL model-checking tool.