Authors:
Luciano Gonçalves de Carvalho
1
and
Marcelo Medeiros Eler
2
Affiliations:
1
São Paulo State Technological College and University of São Paulo, Brazil
;
2
University of São Paulo, Brazil
Keyword(s):
Smart Toys, Toy Computing, Security, Security Requirements.
Related
Ontology
Subjects/Areas/Topics:
Computer-Supported Education
;
Enterprise Information Systems
;
Information Systems Analysis and Specification
;
Information Technologies Supporting Learning
;
Security
;
Security and Privacy
;
Software Agents and Internet Computing
;
Software Engineering
;
Telecommunications
;
Wireless and Mobile Computing
;
Wireless and Mobile Technologies
;
Wireless Information Networks and Systems
Abstract:
Toys are an essential part of our culture, and they evolve as our technology evolves. Smart toys have been recently introduced in our market as conventional toys equipped with electronic components and sensors that enable wireless network communication with mobile devices that provide services to enhance the toy's functionalities. This environment, also called toy computing, provides users with a more sophisticated and personalised experience since it collects, processes and stores personal information to be used by mobile services and the toy itself. On the other hand, it raises concerns around information security and child safety because unauthorized access to confidential information may bring many consequences. In fact, several security flaws in toy computing have been recently reported in the news due to the absence of clear security policies in this new environment. In this context, this paper presents an analysis of the toy computing environment based on the Microsoft Securit
y Development Lifecycle and its threat modelling tool with the aim of identifying a minimum set of security requirements a smart toy should meet. As result we identified 15 threats and 20 security requirements for toy computing.
(More)