{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:02:10Z","timestamp":1750309330898,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":28,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,8,13]],"date-time":"2024-08-13T00:00:00Z","timestamp":1723507200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,8,13]]},"DOI":"10.1145\/3675741.3675744","type":"proceedings-article","created":{"date-parts":[[2024,8,6]],"date-time":"2024-08-06T16:34:45Z","timestamp":1722962085000},"page":"1-7","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Hardening the Internet of Things: Toward Designing Access Control For Resource Constrained IoT Devices"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-1650-6382","authenticated-orcid":false,"given":"Manuel","family":"Bessler","sequence":"first","affiliation":[{"name":"Xylem, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-4464-5111","authenticated-orcid":false,"given":"Paul","family":"Sangster","sequence":"additional","affiliation":[{"name":"Xylem, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2975-7387","authenticated-orcid":false,"given":"Radhika","family":"Upadrashta","sequence":"additional","affiliation":[{"name":"Xylem, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9707-1830","authenticated-orcid":false,"given":"TJ","family":"OConnor","sequence":"additional","affiliation":[{"name":"Florida Institute of Technology, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2024,8,13]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"MPO: MQTT-Based Privacy Orchestrator for Smart Home Users. In Computers, Software, and Applications Conference (COMPSAC)","author":"Alhazmi Ahmed","year":"2022","unstructured":"Ahmed Alhazmi, Khulud Alawaji, and TJ OConnor. 2022. MPO: MQTT-Based Privacy Orchestrator for Smart Home Users. In Computers, Software, and Applications Conference (COMPSAC). IEEE, Virtual Event, 988\u2013993."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/COINS51742.2021.9524236"},{"key":"e_1_3_2_1_3_1","volume-title":"USENIX Security Symposium (USENIX Security 17)","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J\u00a0Alex Halderman, Luca Invernizzi, Michalis Kallitsis, 2017. Understanding the mirai botnet. In USENIX Security Symposium (USENIX Security 17). USENIX, Vancouver, BC, 1093\u20131110."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"crossref","unstructured":"Daniel Campos and TJ OConnor. 2021. Towards Labeling On-Demand IoT Traffic. In Cyber Security Experimentation and Test (CSET). USENIX Virtual Event 49\u201357.","DOI":"10.1145\/3474718.3474727"},{"key":"e_1_3_2_1_5_1","volume-title":"Modeling Internet-of-Things (IoT) Behavior for Enforcing Security and Privacy Policies. In Computing Conference. Springer","author":"Ganeriwala Parth","year":"2023","unstructured":"Parth Ganeriwala, Anubhav Gupta, Daniel Campos, Siddhartha Bhattacharyya, TJ OConnor, and Adolf Dcosta. 2023. Modeling Internet-of-Things (IoT) Behavior for Enforcing Security and Privacy Policies. In Computing Conference. Springer, London, UK, 1451\u20131473."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.2991\/3ca-13.2013.42"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.mcm.2013.02.006"},{"key":"e_1_3_2_1_8_1","unstructured":"T. Handa. 2012. CaitSith: a new type of rule based in-kernel access control. http:\/\/kernsec.org\/files\/CaitSith-en.pdf. In LinuxCon North America. The Linux Foundation San Diego CA 1\u2013117."},{"volume-title":"PAC SEC. Dragos Ruiu","author":"Harada T.","key":"e_1_3_2_1_9_1","unstructured":"T. Harada. 2007. TOMOYO Linux: A practical method to understand and protect your own Linux box. https:\/\/ja.osdn.net\/projects\/tomoyo\/docs\/PacSec2007-en-no-demo.pdf. In PAC SEC. Dragos Ruiu, Tokyo, JP, 1\u201334."},{"key":"e_1_3_2_1_10_1","volume-title":"Free and Open Source Software Developers European Meeting (FOSDEM). Universit\u00e9 libre de Bruxelles","author":"Harada T.","year":"2008","unstructured":"T. Harada. 2008. TOMOYO Linux for Secure Embedded. https:\/\/osdn.net\/projects\/tomoyo\/docs\/fosdem2008.pdf\/en\/18\/fosdem2008.pdf.pdf. In Free and Open Source Software Developers European Meeting (FOSDEM). Universit\u00e9 libre de Bruxelles, Brussels, BE, 1\u201347."},{"key":"e_1_3_2_1_11_1","volume-title":"Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices. In IEEE Security and Privacy SafeThings Workshop (SafeThings). IEEE, Virtual Event, 104\u2013109","author":"Janes Blake","year":"2020","unstructured":"Blake Janes, Heather Crawford, and TJ OConnor. 2020. Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices. In IEEE Security and Privacy SafeThings Workshop (SafeThings). IEEE, Virtual Event, 104\u2013109."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/QRS57517.2022.00011"},{"key":"e_1_3_2_1_13_1","unstructured":"A. Murray. 2021. Yocto Security Hardening: CVEs. https:\/\/www.thegoodpenguin.co.uk\/blog\/yocto-security-hardening-cve\/."},{"key":"e_1_3_2_1_14_1","volume-title":"About TOMOYO Linux. https:\/\/tomoyo.osdn.jp\/about.html.en. Accessed","author":"NTT DATA Corporation","year":"2024","unstructured":"NTT DATA Corporation. 2023. About TOMOYO Linux. https:\/\/tomoyo.osdn.jp\/about.html.en. Accessed: July 4, 2024."},{"key":"e_1_3_2_1_15_1","volume-title":"TOMOYO Linux functionality comparison table. https:\/\/tomoyo.osdn.jp\/comparison.html.en. Accessed","author":"NTT DATA Corporation","year":"2024","unstructured":"NTT DATA Corporation. 2023. TOMOYO Linux functionality comparison table. https:\/\/tomoyo.osdn.jp\/comparison.html.en. Accessed: July 4, 2024."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3185467.3185474"},{"key":"e_1_3_2_1_17_1","volume-title":"Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things. In Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM","author":"Connor TJ","year":"2019","unstructured":"TJ OConnor, William Enck, and Bradley Reaves. 2019. Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things. In Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). ACM, Miami,FL, 140\u2013150."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"TJ OConnor Dylan Jesse and Daniel Camps. 2021. Through the Spyglass: Toward IoT Companion App Man-in-the-Middle Attacks. In Cyber Security Experimentation and Test (CSET). USENIX Virtual Event 58\u201362.","DOI":"10.1145\/3474718.3474729"},{"volume-title":"Annual Computers, Software, and Applications Conference (COMPSAC)","author":"Connor TJ","key":"e_1_3_2_1_19_1","unstructured":"TJ OConnor, Dylan Jessee, and Daniel Campos. 2023. Towards Examining The Security Cost of Inexpensive Smart Home IoT Devices. In Annual Computers, Software, and Applications Conference (COMPSAC). IEEE, Turin, IT, 1293\u20131298."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC57700.2023.00123"},{"key":"e_1_3_2_1_21_1","volume-title":"LinPEAS - Linux Privilege Escalation Awesome Script. https:\/\/github.com\/carlospolop\/PEASS-ng\/tree\/master\/linPEAS. Accessed","author":"Polop Carlos","year":"2024","unstructured":"Carlos Polop. 2023. LinPEAS - Linux Privilege Escalation Awesome Script. https:\/\/github.com\/carlospolop\/PEASS-ng\/tree\/master\/linPEAS. Accessed: July 4, 2024."},{"key":"e_1_3_2_1_22_1","volume-title":"Accessed","author":"Hat Red","year":"2023","unstructured":"Red Hat, Inc.2023. Enhancing security with the kernel integrity subsystem. https:\/\/access.redhat.com\/documentation\/en-us\/red_hat_enterprise_linux\/7\/html\/kernel_administration_guide\/enhancing_security_with_the_kernel_integrity_subsystem. Accessed: July 4, 2024."},{"volume-title":"AppArmor, and FBAC-LSM. In Transactions on Information and System Security (TISSEC)","author":"Schreuders Z\u00a0Cliffe","key":"e_1_3_2_1_23_1","unstructured":"Z\u00a0Cliffe Schreuders, Tanya McGill, and Christian Payne. 2011. Empowering end users to confine their own applications: The results of a usability study comparing SELinux, AppArmor, and FBAC-LSM. In Transactions on Information and System Security (TISSEC). ACM, New York, NY, 1\u201328."},{"key":"e_1_3_2_1_24_1","volume-title":"Linux Security Module Usage. https:\/\/www.kernel.org\/doc\/html\/latest\/admin-guide\/LSM\/index.html. Accessed","author":"Development Community The Kernel","year":"2024","unstructured":"The Kernel Development Community. 2024. Linux Security Module Usage. https:\/\/www.kernel.org\/doc\/html\/latest\/admin-guide\/LSM\/index.html. Accessed: July 4, 2024."},{"key":"e_1_3_2_1_25_1","unstructured":"The White House. 2023. Biden Harris Administration Announces Cybersecurity Labeling Program for Smart Devices to Protect American Consumers. https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2023\/07\/18\/biden-harris-administration-announces-cybersecurity-labeling-program-for-smart-devices-to-protect-american-consumers\/. Accessed: July 4 2024."},{"volume-title":"Passive and Active Measurement (PAM)","author":"Xu Haitao","key":"e_1_3_2_1_26_1","unstructured":"Haitao Xu, Fengyuan Xu, and Bo Chen. 2018. Internet protocol cameras with no password protection: An empirical investigation. In Passive and Active Measurement (PAM). Springer, Berlin, DE, 47\u201359."},{"key":"e_1_3_2_1_27_1","unstructured":"Xylem.com. 2024. artifacts. https:\/\/www.xylem.com\/siteassets\/support\/case-studies\/case-studies-pdf\/tomoyo-caitsith-recipes.tar.zip."},{"key":"e_1_3_2_1_28_1","volume-title":"https:\/\/www.yoctoproject.org\/. Accessed","author":"Project Yocto","year":"2024","unstructured":"Yocto Project. 2024. Yocto Project. https:\/\/www.yoctoproject.org\/. Accessed: July 4, 2024."}],"event":{"name":"CSET 2024: Workshop on Cyber Security Experimentation and Test","acronym":"CSET 2024","location":"Philadelphia PA USA"},"container-title":["Proceedings of the 17th Cyber Security Experimentation and Test Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3675741.3675744","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3675741.3675744","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:04:09Z","timestamp":1750291449000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3675741.3675744"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,8,13]]},"references-count":28,"alternative-id":["10.1145\/3675741.3675744","10.1145\/3675741"],"URL":"https:\/\/doi.org\/10.1145\/3675741.3675744","relation":{},"subject":[],"published":{"date-parts":[[2024,8,13]]},"assertion":[{"value":"2024-08-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}