Security Requirements for Smart Toys

Luciano Gonçalves de Carvalho; Marcelo Medeiros Eler

doi:10.5220/0006337001440154

Security Requirements for Smart Toys

Luciano Gonçalves de Carvalho, Marcelo Medeiros Eler

2017

Abstract

Toys are an essential part of our culture, and they evolve as our technology evolves. Smart toys have been recently introduced in our market as conventional toys equipped with electronic components and sensors that enable wireless network communication with mobile devices that provide services to enhance the toy's functionalities. This environment, also called toy computing, provides users with a more sophisticated and personalised experience since it collects, processes and stores personal information to be used by mobile services and the toy itself. On the other hand, it raises concerns around information security and child safety because unauthorized access to confidential information may bring many consequences. In fact, several security flaws in toy computing have been recently reported in the news due to the absence of clear security policies in this new environment. In this context, this paper presents an analysis of the toy computing environment based on the Microsoft Security Development Lifecycle and its threat modelling tool with the aim of identifying a minimum set of security requirements a smart toy should meet. As result we identified 15 threats and 20 security requirements for toy computing.

Download

Paper Citation

in Harvard Style

Gonçalves de Carvalho L. and Medeiros Eler M. (2017). Security Requirements for Smart Toys . In Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 978-989-758-248-6, pages 144-154. DOI: 10.5220/0006337001440154

in Bibtex Style

@conference{iceis17,
author={Luciano Gonçalves de Carvalho and Marcelo Medeiros Eler},
title={Security Requirements for Smart Toys},
booktitle={Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 2: ICEIS,},
year={2017},
pages={144-154},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006337001440154},
isbn={978-989-758-248-6},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 19th International Conference on Enterprise Information Systems - Volume 2: ICEIS,
TI - Security Requirements for Smart Toys
SN - 978-989-758-248-6
AU - Gonçalves de Carvalho L.
AU - Medeiros Eler M.
PY - 2017
SP - 144
EP - 154
DO - 10.5220/0006337001440154