Trustworthy Smart Band: Security Requirement Analysis with Threat Modeling
Suin Kang, Hye Min Kim, Huy Kang Kim

TL;DR
This paper applies threat modeling techniques to identify vulnerabilities in smart bands, deriving security requirements and proposing measures to enhance their trustworthiness, verified through automated security protocol analysis.
Contribution
It introduces a comprehensive threat modeling approach for smart bands, identifying vulnerabilities and proposing security measures verified by automated tools.
Findings
Identified key vulnerabilities in smart band systems.
Derived security requirements based on threat analysis.
Verified security measures using Scyther tool.
Abstract
As smart bands make life more convenient and provide a positive lifestyle, many people are now using them. Since smart bands deal with private information, security design and implementation for smart band system become necessary. To make a trustworthy smart band, we must derive the security requirements of the system first, and then design the system satisfying the security requirements. In this paper, we apply threat modeling techniques such as Data Flow Diagram, STRIDE, and Attack Tree to the smart band system to identify threats and derive security requirements accordingly. Through threat modeling, we found the vulnerabilities of the smart band system and successfully exploited smart bands with them. To defend against these threats, we propose security measures and verify that they are secure by using Scyther which is a tool for automatic verification of security protocol.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInnovation in Digital Healthcare Systems · Internet of Things and Social Network Interactions · Energy and Environmental Systems
