REVIEW: “On the Security of Consumer Wearable Devices in the Internet of Things”

by Christopher S. Nelson

       With the increased popularity of wearable device and smartphone monitoring of student’s movements, activities, and biometric data to encourage and record personal performance, the issue of vulnerability to personal security raises concern. Sandall conducted a study in which he reviewed the latest devices being applied to curriculum such as Google Glass, Oculus Rift, and Muse which can monitor attentiveness, track physiological signs of stress, and provide Virtual Reality simulations for accelerated learning (2016, p.75). The research proposed in Tahir, Tahir, and McDonald-Maier’s article looks at a select method for using central-based encryption technology to safeguard all of a student’s devices from cyber-attack.

            This is a quantitative study using applied technology in ICMetrics to create a security system for wearable devices which connect to the digital world via the Internet of Things (IoT). The method takes advantage of ICMetrics, defined as, “technology

uses the features of a device to generate an identification which is then used for the provision of cryptographic services” (Tahir, 2018, p.1), to create encryptions for data transmitted from devices. The study uses graphs and flowcharts to outline the process for easy-to-understand information flow, while maintaining the scientific integrity in the narrative as it describes functions and comparisons.

            The article dives in immediately by defining some of the more difficult technological terms and acronyms, then goes on to categorized the types of wearable devices using the IoT for communication. The authors drive home the point of vulnerability by giving a solid argument for the application of encryption, “many devices still do not possess the ability nor the resources required for the provision of security” (Tahir, 2018, p.2). To create interest and buy-in, the Fitbit is the primary beast on the dissection tray, and the concept of device imprinting based on biometrics is presented using the analogy of a duckling in its mother-figure (such as duck, dog, cat, person, etc.).

            I found the article a bit difficult to read, but was able to digest it after a few passes and cross-referencing. While the authors offer a great concept in generating a password and key-based encryption plan, I found it to be a bit pollyanna in that they never go into the consumer details. Concerns such as size, side-effects, cost, and an actual demonstration of a student using ICMetrics and the suggested Key Generation Center would have been more helpful than some of the graphs and charts. I also found the article to be biased as it did not actually compare ICMetric encryption to other option which may be present. What the article does well, however, is reveal just how vulnerable we are with these devices at the current state of weak encryption: “IoT devices are rooted in the physical world while communications happen over a network” (Tahir, 2018, p.5). In 2017, Equifax experienced a security breach that resulted in 145 million people having their Personal Identifiable Information (PII) compromised. This was static information stored in a secure database by one of the three main credit reporting agencies in the U.S. Imagine what would happen should an institution of students wearing IoT devices were cyber-attacked. This is not just identity theft. Now an attacker has the ability to know when we are not only home, but in our deepest stages of sleep.

What I feel is helpful here is that the researchers create awareness and a need for shrewd discernment prior to engaging in IoT-connected devices. For me, it would be more helpful if they had offered more concrete solutions than their one model, but they do offer a way  to cyber-sanctity with clever and sophisticated layers of encryption.

References

Sandall, B. (2016). Wearable Technology and Schools: Where are We and Where Do We Go From Here? Journal of Curriculum, Teaching, Learning, and Leadership in Education,1(1).

Tahir, H., Tahir, R., & Mcdonald-Maier, K. (2018). On the security of consumer wearable devices in the Internet of Things. Plos One, 13(4). doi:10.1371/journal.pone.0195487.

Leave a Reply

Your email address will not be published. Required fields are marked *