Most consumer IoT devices are vertically integrated with cloud-side infrastructure. Such architectures present enormous risk to user data, exacerbated by vendor heterogeneity and the inability of users to audit cloud-side activity. A more promising approach would be to leverage local hardware, providing users control over how their data is processed and why it can be shared with other devices or the Internet. Karl is a new smart-home framework designed to host IoT computation and storage on user-chosen devices. A key insight in Karl's modular programming model is that a familiar interface (inspired by serverless) can capture most modern cloud-side IoT components under a single framework, which executes modules agnostic of hardware location. While local hosting eliminates many flows, modularity enables all remaining flows to be justified using fine-grained primitives. We introduce two IoT security mechanisms: pipeline permissions, which permit device data to be shared given some justification, and exit policies, which block flows unless specific conditions are met. We evaluate Karl through two end-to-end applications.