{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T05:19:40Z","timestamp":1751606380194,"version":"3.40.3"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031651717"},{"type":"electronic","value":"9783031651724"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-65172-4_5","type":"book-chapter","created":{"date-parts":[[2024,7,12]],"date-time":"2024-07-12T12:02:41Z","timestamp":1720785761000},"page":"71-91","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Ensuring End-to-End IoT Data Security and Privacy Through Cloud-Enhanced Confidential Computing"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8929-3003","authenticated-orcid":false,"given":"Md Shihabul","family":"Islam","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1239-8162","authenticated-orcid":false,"given":"Mahmoud","family":"Zamani","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0479-6280","authenticated-orcid":false,"given":"Kevin W.","family":"Hamlen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9300-1576","authenticated-orcid":false,"given":"Latifur","family":"Khan","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9795-9063","authenticated-orcid":false,"given":"Murat","family":"Kantarcioglu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,7,13]]},"reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Ahmad, A., Kim, K., Sarfaraz, M.I., Lee, B.: Obliviate: a data oblivious filesystem for intel SGX. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23284"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Bastys, I., Balliu, M., Sabelfeld, A.: If this then what? Controlling flows in IoT apps. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1102\u20131119 (2018)","DOI":"10.1145\/3243734.3243841"},{"key":"5_CR3","unstructured":"BlueVoyant: Third-party supply chain cyber risk CISO report, November 2020. https:\/\/www.bluevoyant.com\/resources\/ciso-report-download-form\/"},{"key":"5_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"352","DOI":"10.1007\/978-3-319-66402-6_21","volume-title":"Computer Security \u2013 ESORICS 2017","author":"S Chandra","year":"2017","unstructured":"Chandra, S., Karande, V., Lin, Z., Khan, L., Kantarcioglu, M., Thuraisingham, B.: Securing data analytics on SGX with randomization. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10492, pp. 352\u2013369. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66402-6_21"},{"issue":"12","key":"5_CR5","doi-asserted-by":"publisher","first-page":"1113","DOI":"10.14778\/2994509.2994528","volume":"9","author":"Z Chang","year":"2016","unstructured":"Chang, Z., Xie, D., Li, F.: Oblivious RAM: a dissection and experimental evaluation. Proc. VLDB Endow. 9(12), 1113\u20131124 (2016)","journal-title":"Proc. VLDB Endow."},{"key":"5_CR6","doi-asserted-by":"crossref","unstructured":"Chen, T., Guestrin, C.: Xgboost: A scalable tree boosting system. In: Proceedings of the 22nd acm sigkdd international conference on knowledge discovery and data mining. pp. 785\u2013794 (2016)","DOI":"10.1145\/2939672.2939785"},{"key":"5_CR7","unstructured":"Chen, Y., Alhanahnah, M., Sabelfeld, A., Chatterjee, R., Fernandes, E.: Practical data access minimization in $$\\{$$Trigger-Action$$\\}$$ platforms. In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 2929\u20132945 (2022)"},{"issue":"086","key":"5_CR8","first-page":"1","volume":"2016","author":"V Costan","year":"2016","unstructured":"Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptol. ePrint Arch. 2016(086), 1\u2013118 (2016)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"5_CR9","unstructured":"Daemen, J., Rijmen, V.: AES proposal: Rijndael (1999)"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Ding, W., Hu, H.: On the safety of IoT device physical interaction control. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 832\u2013846 (2018)","DOI":"10.1145\/3243734.3243865"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Fernandes, E., Jung, J., Prakash, A.: Security analysis of emerging smart home applications. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 636\u2013654. IEEE (2016)","DOI":"10.1109\/SP.2016.44"},{"key":"5_CR12","unstructured":"Grubbs, P., et al.: Pancake: frequency smoothing for encrypted data stores. In: 29th USENIX Security Symposium (USENIX Security 2020), pp. 2451\u20132468 (2020)"},{"key":"5_CR13","doi-asserted-by":"publisher","first-page":"295","DOI":"10.1016\/j.comnet.2018.11.026","volume":"148","author":"J Hou","year":"2019","unstructured":"Hou, J., Qu, L., Shi, W.: A survey on internet of things security from data perspectives. Comput. Netw. 148, 295\u2013306 (2019)","journal-title":"Comput. Netw."},{"key":"5_CR14","unstructured":"Business Insider: The security and privacy issues that come with the Internet of Things, January 2020. https:\/\/www.businessinsider.com\/iot-security-privacy"},{"key":"5_CR15","unstructured":"Intel: Intel\u00ae software guard extensions (intel\u00ae SGX) SDK for Linux* OS, June 2020. https:\/\/download.01.org\/intel-sgx\/sgx-linux\/2.10\/docs\/Intel_SGX_Developer_Reference_Linux_2.10_Open_Source.pdf"},{"key":"5_CR16","unstructured":"Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Ndss, vol.\u00a020, p.\u00a012. Citeseer (2012)"},{"key":"5_CR17","unstructured":"Larson, S.: Stuffed toys leak millions of voice recordings from kids and parents, February 2017. https:\/\/money.cnn.com\/2017\/02\/27\/technology\/cloudpets-data-leak-voices-photos\/index.html"},{"key":"5_CR18","unstructured":"Linaro: Open portable trusted execution environment (2022). www.op-tee.org"},{"key":"5_CR19","unstructured":"Matetic, S., et al.: $$\\{$$ROTE$$\\}$$: rollback protection for trusted execution. In: 26th USENIX Security Symposium (USENIX Security 2017), pp. 1289\u20131306 (2017)"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Mishra, P., Poddar, R., Chen, J., Chiesa, A., Popa, R.A.: Oblix: an efficient oblivious search index. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 279\u2013296. IEEE (2018)","DOI":"10.1109\/SP.2018.00045"},{"key":"5_CR21","unstructured":"MQTT: Message queuing telemetry transport (MQTT) (2022). http:\/\/mqtt.org\/"},{"key":"5_CR22","unstructured":"Ohrimenko, O., et al.: Oblivious multi-party machine learning on trusted processors. In: 25th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2016), pp. 619\u2013636 (2016)"},{"key":"5_CR23","unstructured":"Paul, F.: Top 10 IoT vulnerabilities, April 2019. https:\/\/www.networkworld.com\/article\/3332032\/top-10-iot-vulnerabilities.html"},{"key":"5_CR24","unstructured":"Puddu, I., Schneider, M., Haller, M., \u010capkun, S.: Frontal attack: leaking $$\\{$$Control-Flow$$\\}$$ in $$\\{$$SGX$$\\}$$ via the $$\\{$$CPU$$\\}$$ frontend. In: 30th USENIX Security Symposium (USENIX Security 2021), pp. 663\u2013680 (2021)"},{"key":"5_CR25","unstructured":"Rane, A., Lin, C., Tiwari, M.: Raccoon: closing digital side-channels through obfuscated execution. In: 24th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 2015), pp. 431\u2013446 (2015)"},{"key":"5_CR26","unstructured":"IBM X-Force Research: The weaponization of IoT devices, April 2017. https:\/\/www.ibm.com\/downloads\/cas\/6MLEALKV"},{"key":"5_CR27","unstructured":"SAMSUNG: Samsung smartthings developers: working with rules (2021). https:\/\/smartthings.developer.samsung.com\/docs\/rules\/overview.html"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Sasy, S., Gorbunov, S., Fletcher, C.W.: ZeroTrace: oblivious memory primitives from Intel SGX. In: NDSS (2018)","DOI":"10.14722\/ndss.2018.23239"},{"key":"5_CR29","doi-asserted-by":"crossref","unstructured":"Shah, T., Venkatesan, S., Ngo, T., Neelamegam, K., et\u00a0al.: Conflict detection in rule based IoT systems. In: 2019 IEEE 10th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON), pp. 0276\u20130284. IEEE (2019)","DOI":"10.1109\/IEMCON.2019.8936266"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"Shahid, M.R., Blanc, G., Zhang, Z., Debar, H.: IoT devices recognition through network traffic analysis. In: 2018 IEEE International Conference on Big Data (Big Data), pp. 5187\u20135192. IEEE (2018)","DOI":"10.1109\/BigData.2018.8622243"},{"key":"5_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1007\/978-3-030-49669-2_21","volume-title":"Data and Applications Security and Privacy XXXIV","author":"F Shaon","year":"2020","unstructured":"Shaon, F., Kantarcioglu, M.: SGX-IR: secure information retrieval with trusted processors. In: Singhal, A., Vaidya, J. (eds.) DBSec 2020. LNCS, vol. 12122, pp. 367\u2013387. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-49669-2_21"},{"key":"5_CR32","doi-asserted-by":"crossref","unstructured":"Shaon, F., Kantarcioglu, M., Lin, Z., Khan, L.: SGX-bigmatrix: a practical encrypted data analytic framework with trusted processors. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1211\u20131228 (2017)","DOI":"10.1145\/3133956.3134095"},{"key":"5_CR33","doi-asserted-by":"crossref","unstructured":"Siami-Namini, S., Tavakoli, N., Namin, A.S.: The performance of LSTM and BiLSTM in forecasting time series. In: 2019 IEEE International Conference on Big Data (Big Data), pp. 3285\u20133292. IEEE (2019)","DOI":"10.1109\/BigData47090.2019.9005997"},{"key":"5_CR34","unstructured":"Sparks, P.: The route to a trillion devices. White Paper, ARM (2017)"},{"issue":"2","key":"5_CR35","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1109\/THMS.2014.2364613","volume":"45","author":"Y Sun","year":"2014","unstructured":"Sun, Y., Wang, X., Luo, H., Li, X.: Conflict detection scheme based on formal rule model for smart building systems. IEEE Trans. Hum.-Mach. Syst. 45(2), 215\u2013227 (2014)","journal-title":"IEEE Trans. Hum.-Mach. Syst."},{"key":"5_CR36","doi-asserted-by":"crossref","unstructured":"Ur, B., et al.: Trigger-action programming in the wild: an analysis of 200,000 IFTTT recipes. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, pp. 3227\u20133231 (2016)","DOI":"10.1145\/2858036.2858556"},{"key":"5_CR37","unstructured":"Vailshery, L.S.: Consumer spending on smart home related devices worldwide from 2019 to 2025, January 2021. https:\/\/www.statista.com\/statistics\/873607\/worldwide-smart-home-annual-device-sales\/"},{"key":"5_CR38","doi-asserted-by":"crossref","unstructured":"Van\u00a0Bulck, J., Piessens, F., Strackx, R.: SGX-step: a practical attack framework for precise enclave execution control. In: 2nd Workshop on System Software for Trusted Execution (SysTEX), pp. 4:1\u20134:6. ACM, October 2017","DOI":"10.1145\/3152701.3152706"},{"key":"5_CR39","unstructured":"Vuppalapati, M., Babel, K., Khandelwal, A., Agarwal, R.: $$\\{$$SHORTSTACK$$\\}$$: distributed, fault-tolerant, oblivious data access. In: 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI 22), pp. 719\u2013734 (2022)"},{"key":"5_CR40","doi-asserted-by":"crossref","unstructured":"Wang, Q., Datta, P., Yang, W., Liu, S., Bates, A., Gunter, C.A.: Charting the attack surface of trigger-action IoT platforms. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1439\u20131453 (2019)","DOI":"10.1145\/3319535.3345662"},{"key":"5_CR41","doi-asserted-by":"crossref","unstructured":"Wang, W., et al.: Leaky cauldron on the dark land: understanding memory side-channel hazards in SGX. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2421\u20132434 (2017)","DOI":"10.1145\/3133956.3134038"},{"key":"5_CR42","doi-asserted-by":"crossref","unstructured":"Winter, J.: Trusted computing building blocks for embedded Linux-based arm trustzone platforms. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, pp. 21\u201330 (2008)","DOI":"10.1145\/1456455.1456460"},{"key":"5_CR43","doi-asserted-by":"publisher","first-page":"63457","DOI":"10.1109\/ACCESS.2019.2911202","volume":"7","author":"R Xu","year":"2019","unstructured":"Xu, R., Zeng, Q., Zhu, L., Chi, H., Du, X., Guizani, M.: Privacy leakage in smart homes and its mitigation: IFTTT as a case study. IEEE Access 7, 63457\u201363471 (2019)","journal-title":"IEEE Access"},{"key":"5_CR44","doi-asserted-by":"crossref","unstructured":"Xu, Y., Cui, W., Peinado, M.: Controlled-channel attacks: deterministic side channels for untrusted operating systems. In: 2015 IEEE Symposium on Security and Privacy, pp. 640\u2013656. IEEE (2015)","DOI":"10.1109\/SP.2015.45"},{"key":"5_CR45","doi-asserted-by":"crossref","unstructured":"Yu, J., Hsiung, L., El\u2019Hajj, M., Fletcher, C.W.: Data oblivious ISA extensions for side channel-resistant and high performance computing. In: The Network and Distributed System Security Symposium (NDSS) (2019)","DOI":"10.14722\/ndss.2019.23061"}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security and Privacy XXXVIII"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-65172-4_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,12]],"date-time":"2024-07-12T12:03:46Z","timestamp":1720785826000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-65172-4_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031651717","9783031651724"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-65172-4_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"13 July 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DBSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP Annual Conference on Data and Applications Security and Privacy","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"San Jose, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 July 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dbsec2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dbsec2024.unimol.it\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}