Sensing instrumentation using smartphones: Securing impact and awareness

As the Internet of Things (IoT) continues to proliferate though the field of instrumentation and measurement, there are many issues to address: one being security. The very technologies that are utilized by advanced IoT algorithms can also be compromised and provide access to a user's smart phone sensors. In this paper, algorithms that activate sensing instrumentation in conjunction with Near-Field Communication (NFC), Quick Response (QR) codes, and HTML 5 scripting on smartphones are presented, and examined from a security perspective in terms of vectors that could result in unwanted access of sensor data, and the algorithms to derive these parameters. The IoT proliferation issue of security is addressed in this paper by examining sensor data access. With no user prompt at all, accelerometer and gyroscope data can be extracted, and from this, the user's speed and position changes can be extracted. Motion data then can be accessed with nothing other than activation using the tap of an NFC card, QR code scanned, or URL entered. With a tap and a single user acknowledgment, images can be captured or locations can be shared. New instrumentation and measurement techniques and IoT proliferation opens up many new opportunities, but regular security awareness is necessary for steps to increase protection from unwanted sensor data leakage. When designing an IoT instrumentation system, it is important to consider user security awareness, training, and overall situational awareness.