In the last few years various intersecting technological advances have made it possible to develop reasonably powerful computers and sensors small enough to be embedded almost everywhere. This has translated into a proliferation of smart devices that can be carried in, on, and around the human body. Examples include bracelets and wristwatches that record vital signs; glasses that augment our perceived reality; T-shirts that provide real-time feedback to the user; intelligent pill dispensers that remind a patient when it is time to take medication and record when he does so; and a new generation of smart implantable medical devices such as pacemakers, insulin pumps and neurostimulators. Smartphones have been key to this revolution, as they constitute powerful, general-purpose portable computers with permanent Internet connectivity and in radio range of other wearable devices. From all this it is emerging the vision of a body-based network of smart devices that travels with the bearer wherever he goes and allows him to interact with his body functions, with objects in his surroundings, and with other individuals devices and networks. By analogy with the Internet-of-Things (IoT), some authors and media have coined the term Internet-of-You (IoY) to refer to such a network.
Security and privacy challenges in the IoY are greater than in traditional computing and communications scenarios. Many of such devices incorporate numerous sensors that could leak highly sensitive information about location, gestures, moves, behavioral patterns and other physical activities, as well as recording audio, pictures and video from their surroundings. So far these aspects have been neglected in the current generation of smart devices, which has caused an alarming escalation in the number and sophistication of security incidents targeting these platforms.
In this project, we plan to conduct a research program that addresses some of these challenges with four general goals. Firstly, we plan to explore security models, design principles, and architectures for the IoY that minimize risk exposure against realistic adversaries. Secondly, we will develop mechanisms to maintain the integrity of the network and the confidentiality of the information that travels about. Thirdly, we will investigate novel solutions to increase trustworthiness in apps and services for the IoY and to thwart attacks based on malicious code. Finally, we will develop smart models and tools that take a holistic approach to the security and privacy governance issues of the IoY, with particular emphasis on the definition and enforcement of usable, flexible, user-dependent and context-specific policies.