{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:00:23Z","timestamp":1750309223620,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,1]],"date-time":"2024-07-01T00:00:00Z","timestamp":1719792000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7]]},"DOI":"10.1145\/3634737.3657006","type":"proceedings-article","created":{"date-parts":[[2024,6,28]],"date-time":"2024-06-28T11:51:38Z","timestamp":1719575498000},"page":"873-885","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["The SA4P Framework: Sensing and Actuation as a Privilege"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-2439-9770","authenticated-orcid":false,"given":"Piet","family":"De Vaere","sequence":"first","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-6155-4861","authenticated-orcid":false,"given":"Felix","family":"St\u00f6ger","sequence":"additional","affiliation":[{"name":"ETH Z\u00fcrich, Zurich, Switzerland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5280-5412","authenticated-orcid":false,"given":"Adrian","family":"Perrig","sequence":"additional","affiliation":[{"name":"ETH Z\u00fcrich, Zurich, Switzerland"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8467-8614","authenticated-orcid":false,"given":"Gene","family":"Tsudik","sequence":"additional","affiliation":[{"name":"UCI, Irvine, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,7]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978358"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395351.3399421"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427253"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/iccps48487.2020.00036"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","unstructured":"Noah Apthorpe Dillon Reisman Srikanth Sundaresan Arvind Narayanan and Nick Feamster. 2017. Spying on the Smart Home: Privacy Attacks and Defenses on Encrypted IoT Traffic. 10.48550\/ARXIV.1708.05044","DOI":"10.48550\/ARXIV.1708.05044"},{"key":"e_1_3_2_1_7_1","unstructured":"Ionut Arghire. 2022. Nuki Smart Lock Vulnerabilities Allow Hackers to Open Doors. https:\/\/www.securityweek.com\/nuki-smart-lock-vulnerabilities-allow-hackers-open-doors\/."},{"key":"e_1_3_2_1_9_1","unstructured":"SA4P Authors. 2023. GitHub repositories accompanying this paper. https:\/\/github.com\/SA4P."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","unstructured":"Carsten Bormann Mehmet Ersue and Ari Ker\u00e4nen. 2014. Terminology for Constrained-Node Networks. RFC 7228. 10.17487\/RFC7228","DOI":"10.17487\/RFC7228"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2906388.2906390"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/cvpr.2007.383413"},{"key":"e_1_3_2_1_13_1","unstructured":"Connectivity Standards Alliance Inc. 2022. Matter Specification Version 1.0. Technical Report."},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the 23rd USENIX Security Symposium.","author":"Costin Andrei","year":"2014","unstructured":"Andrei Costin, Jonas Zaddach, Aur\u00e9lien Francillon, and Davide Balzarotti. 2014. A Large-Scale Analysis of the Security of Embedded Firmwares. In Proceedings of the 23rd USENIX Security Symposium."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/mprv.2018.03367733"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3061639.3062276"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/wf-iot.2019.8767192"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2021.3110142"},{"key":"e_1_3_2_1_19_1","unstructured":"Eileen Guo. 2023. Roomba testers feel misled after intimate images ended up on Facebook. https:\/\/www.technologyreview.com\/2023\/01\/10\/1066500\/."},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the International Workshop on Privacy in UbiComp (UbiPriv). \/publications\/papers\/han_jain_luk_perrig_privacy.pdf","author":"Han Jun","year":"2007","unstructured":"Jun Han, Abhishek Jain, Mark Luk, and Adrian Perrig. 2007. Don't Sweat Your Privacy: Using Humidity to Detect Human Presence. In Proceedings of the International Workshop on Privacy in UbiComp (UbiPriv). \/publications\/papers\/han_jain_luk_perrig_privacy.pdf"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384723"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.48550\/ARXIV.2204.10920"},{"key":"e_1_3_2_1_23_1","volume-title":"Application Report: Understanding Operational Amplifier Specifications. Technical Report. Texas Instruments.","author":"Karki Jim","year":"2021","unstructured":"Jim Karki. 2021. Application Report: Understanding Operational Amplifier Specifications. Technical Report. Texas Instruments."},{"key":"e_1_3_2_1_24_1","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Khan Arslan","year":"2021","unstructured":"Arslan Khan, Hyungsub Kim, Byoungyoung Lee, Dongyan Xu, Antonio Bianchi, and Dave (Jing) Tian. 2021. M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 285--302. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/khan-arslan"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098243.3098252"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC5869"},{"key":"e_1_3_2_1_27_1","unstructured":"Davy Landman. 2022. compact25519: A compact portable X25519 + Ed25519 implementation. https:\/\/github.com\/DavyLandman\/compact25519."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45809-3_19"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/msp.2011.67"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210334"},{"key":"e_1_3_2_1_31_1","unstructured":"ARM Ltd. 2020. ARM Cortex-M33 Devices Generic User Guide. https:\/\/developer.arm.com\/documentation\/100235\/0100. Version r1p0."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2523649.2523673"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39799-8_48"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3131672.3131688"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2906388.2906391"},{"key":"e_1_3_2_1_37_1","volume-title":"The Margrave Tool for Firewall Analysis. (05","author":"Nelson Timothy","year":"2012","unstructured":"Timothy Nelson, Christopher Barratt, Daniel Dougherty, Kathi Fisler, and Shriram Krishnamurthi. 2012. The Margrave Tool for Firewall Analysis. (05 2012)."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994551.2994555"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Jakob Nielsen. 1993. Usability Engineering. AP Professional.","DOI":"10.1016\/B978-0-08-052029-2.50007-3"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3079763"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/sp46214.2022.9833737"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.3390\/s19081884"},{"key":"e_1_3_2_1_46_1","unstructured":"Trevor Perrin. 2018. The Noise Protocol Framework. https:\/\/noiseprotocol.org\/noise.pdf. Revision 34."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/tpami.2016.2637354"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2020.2969326"},{"volume-title":"IEEE Symposium on Security and Privacy.","author":"Quarta D.","key":"e_1_3_2_1_49_1","unstructured":"D. Quarta, M. Pogliani, M. Polino, F. Maggi, A. M. Zanchettin, and S. Zanero. 2017. An Experimental Security Analysis of an Industrial Robot Controller. In IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","unstructured":"L. Seitz G. Selander E. Wahlstroem S. Erdtman and H. Tschofenig. 2022. Authentication and Authorization for Constrained Environments Using the OAuth 2.0 Framework (ACE-OAuth). Technical Report. 10.17487\/rfc9200","DOI":"10.17487\/rfc9200"},{"volume-title":"6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices. In 26th USENIX Security Symposium (USENIX Security 17)","author":"Sikder Amit Kumar","key":"e_1_3_2_1_52_1","unstructured":"Amit Kumar Sikder, Hidayet Aksu, and A. Selcuk Uluagac. 2017. 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 397--414. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/sikder"},{"key":"e_1_3_2_1_53_1","unstructured":"Dimitrios Slamaris. 2022. Embedded Systems Security and TrustZone. https:\/\/embeddedsecurity.io. Accessed: 2023-02-07."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/sp40000.2020.00042"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/mass.2019.00056"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/twc.2021.3098608"},{"key":"e_1_3_2_1_58_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Wang Zhiwei","year":"2022","unstructured":"Zhiwei Wang, Yihui Yan, Yueli Yan, Huangxun Chen, and Zhice Yang. 2022. CamShield: Securing Smart Cameras through Physical Replication and Isolation. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA, 3467--3484. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/wang-zhiwei"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/avss.2014.6918661"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/avss.2010.38"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2545883"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/sp.2019.00084"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/icpr.2014.715"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","unstructured":"Binbin Zhao Shouling Ji Jiacheng Xu Yuan Tian Qiuyang Wei Qinying Wang Chenyang Lyu Xuhong Zhang Changting Lin Jingzheng Wu and Raheem Beyah. 2022. One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware. 10.48550\/ARXIV.2212.13716","DOI":"10.48550\/ARXIV.2212.13716"}],"event":{"name":"ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Singapore Singapore","acronym":"ASIA CCS '24"},"container-title":["Proceedings of the 19th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3657006","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:44:07Z","timestamp":1750290247000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3657006"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7]]},"references-count":56,"alternative-id":["10.1145\/3634737.3657006","10.1145\/3634737"],"URL":"https:\/\/doi.org\/10.1145\/3634737.3657006","relation":{},"subject":[],"published":{"date-parts":[[2024,7]]},"assertion":[{"value":"2024-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}