Title: Extricating IoT Devices from Vendor Infrastructure with Karl
Speaker: Gina Yuan
Date: October 6
Event link: https://stanford.zoom.us/j/99099389394?pwd=dzN5eXlaM01sL0lNS0pEVWk3TUEwUT09
Most consumer IoT devices are vertically integrated with cloud-side vendor infrastructure. Such architectures present the potential for enormous abuse, as companies gain the technical means of spying on users in their homes. Worse, users have no visibility into cloud-side activity, and hence no way of detecting when such abuse is taking place. In addition, cloud-side IoT infrastructure adds network latency, creates unintuitive failure models, and distorts design goals to generate subscription revenue needed to cover its cost.
Karl is a new smart-home framework designed to host IoT computation and storage on user-chosen devices. A key insight is that cloud-side services have moved towards serverless infrastructure, a model that can just as easily be provided by hardware users already own, such as an old laptop or phone. Alternatively, Karl allows users who want the cloud to rent computation and storage directly, at comparable costs to IoT subscriptions. Most importantly, Karl enforces security policies that cut across devices from multiple vendors and cannot be bypassed by compromised vendors or devices. We introduce two IoT security mechanisms, pipeline permissions and exit policies, that map directly to properties users care about and can be visualized in a way that matches user intuition. We evaluate Karl through two end-to-end applications.