previous approaches, LazyTAP supports both multiple trig-
gers/queries and nondeterministic/randomized behaviors of the
apps. We leverage laziness and proxy objects to develop a
novel architecture for on-demand computation for third-party
JavaScript apps, loading necessary remote data behind the
scenes. This achieves full backward compatibility for app
developers. We formally establish the correctness of LazyTAP
and its minimization properties with respect to both IFTTT
and minTAP. We implement and evaluate LazyTAP on app
benchmarks showing that on average LazyTAP improves min-
imization by 95% over IFTTT and by 38% over minTAP, while
incurring a tolerable performance overhead.
Acknowledgments. Thanks are due to Musard Balliu, Ear-
lence Fernandes, Sandro Stucki, and the anonymous reviewers
for their valuable feedback. This work was partially supported
by the Wallenberg AI, Autonomous Systems and Software
Program (WASP) funded by the Knut and Alice Wallenberg
Foundation, the Swedish Foundation for Strategic Research
(SSF), and the Swedish Research Council (VR).
REFERENCES
[1] M. M. Ahmadpanah, D. Hedin, M. Balliu, L. E. Olsson, and
A. Sabelfeld. SandTrap: Securing JavaScript-driven Trigger-Action
Platforms. In USENIX Security, 2021.
[2] M. M. Ahmadpanah, D. Hedin, and A. Sabelfeld. LazyTAP implemen-
tation and benchmarks. https://www.cse.chalmers.se/research/group/sec
urity/lazytap/, 2023.
[3] M. Alhanahnah, C. Stevens, and H. Bagheri. Scalable analysis of
interaction threats in IoT systems. In ISSTA, 2020.
[4] Amazon. AWS Lambda. https://aws.amazon.com/lambda/, 2023.
[5] N. Anciaux, W. Bezza, B. Nguyen, and M. Vazirgiannis. Minexp-card:
limiting data collection using a smart card. In EDBT, 2013.
[6] N. Anciaux, D. Boutara, B. Nguyen, and M. Vazirgiannis. Limiting data
exposure in multi-label classification processes. Fundam. Informaticae,
2015.
[7] N. Anciaux, B. Nguyen, and M. Vazirgiannis. Limiting data collection
in application forms: A real-case application of a founding privacy
principle. In PST, 2012.
[8] T. Antignac, D. Sands, and G. Schneider. Data minimisation: A
language-based approach. In SEC, 2017.
[9] M. Balliu, I. Bastys, and A. Sabelfeld. Securing IoT Apps. IEEE Security
& Privacy Magazine, 2019.
[10] I. Bastys, M. Balliu, and A. Sabelfeld. If This Then What? Controlling
Flows in IoT Apps. In CCS, 2018.
[11] Z. B. Celik, E. Fernandes, E. Pauley, G. Tan, and P. D. McDaniel.
Program Analysis of Commodity IoT Applications for Security and
Privacy: Challenges and Opportunities. ACM Computing Surveys, 2019.
[12] G. Chen, S. Chen, Y. Xiao, Y. Zhang, Z. Lin, and T. H. Lai. Sgxpectre:
Stealing intel secrets from sgx enclaves via speculative execution. In
EuroS&P, 2019.
[13] X. Chen, X. Zhang, M. Elliot, X. Wang, and F. Wang. Fix the leaking
tap: A survey of trigger-action programming (TAP) security issues,
detection techniques and solutions. Comput. Secur., 2022.
[14] Y. Chen, M. Alhanahnah, A. Sabelfeld, R. Chatterjee, and E. Fernandes.
Practical data access minimization in trigger-action platforms. In
USENIX Security, 2022.
[15] Y. Chen, A. R. Chowdhury, R. Wang, A. Sabelfeld, R. Chatterjee, and
E. Fernandes. Data Privacy in Trigger-Action Systems. In S&P, 2021.
[16] Y.-H. Chiang, H.-C. Hsiao, C.-M. Yu, and T. H.-J. Kim. On the Privacy
Risks of Compromised Trigger-Action Platforms. In L. Chen, N. Li,
K. Liang, and S. Schneider, editors, ESORICS, 2020.
[17] C. Cobb, M. Surbatovich, A. Kawakami, M. Sharif, L. Bauer, A. Das,
and L. Jia. How risky are real users’ IFTTT applets? In SOUPS, 2020.
[18] California Privacy Rights Act (CPRA). https://oag.ca.gov/privacy/,
2020.
[19] ECMA-262 6th Edition, The ECMAScript 2015 Language Specification.
https://262.ecma-international.org/6.0, 2023.
[20] E. Fernandes, A. Rahmati, J. Jung, and A. Prakash. Decentralized action
integrity for trigger-action iot platforms. In NDSS, 2018.
[21] General Data Protection Regulation (GDPR). Art. 5 Principles relating
to processing of personal data. https://gdpr-info.eu/art-5-gdpr/, 2018.
[22] GoogleCalendar. Search events of a calendar. https://ifttt.com/google_c
alendar/queries/search_events, 2023.
[23] GoogleTasks. List all tasks in a list. https://ifttt.com/google_tasks/que
ries/list_all_tasks, 2023.
[24] Daily Fitbit activity summary emailed to me. https://ifttt.com/applets/
rPh7NHe6, 2023.
[25] Email a message to a Slack channel. https://ifttt.com/applets/EJVR4sz8,
2023.
[26] Example applets using queries and filter code. https://help.ifttt.com/hc/
en-us/articles/360053657913-Example-Applets-using-queries-and-filte
r-code, 2023.
[27] IFTTT. Explore Applets. https://ifttt.com/explore/applets, 2023.
[28] Get a daily recap on Slack of all my Google Tasks due today. https:
//ifttt.com/applets/YG5HSLvK, 2023.
[29] Get a morning reminder about your first meeting daily. https://ifttt.co
m/connections/WHQ7AjWP, 2023.
[30] Get a notification when the ISS passes over your house but only if it is
clear skies and after dark. https://ifttt.com/applets/VDdNBmiE, 2023.
[31] Get Slack notifications for new calendar events without an agenda. https:
//ifttt.com/applets/xvyUBQsh, 2023.
[32] IFTTT. IFTTT: Creating Applets. https://platform.ifttt.com/docs/applets,
2023.
[33] IFTTT: If This Then That. https://ifttt.com, 2023.
[34] IFTTT. IFTTT: Service API requirements. https://platform.ifttt.com/d
ocs/api_reference, 2023.
[35] IFTTT. IFTTT’s Glossary: Query. https://platform.ifttt.com/docs/glos
sary}query, 2023.
[36] Plant trees when your car trips have less than ideal fuel economy. https:
//ifttt.com/applets/iqZPNUtR, 2023.
[37] Saturday movie night recommendations with Samsung SmartThings and
Trackt. https://ifttt.com/applets/jUy5if7H, 2023.
[38] IFTTT. The art of the query. https://ifttt.com/developer_blog/the-art-
of-the-query, 2023.
[39] Tweet your most watched movies every week! https://ifttt.com/applets/
AxJSC34d, 2023.
[40] Weekly date night email. https://ifttt.com/applets/MRm9VBxG, 2023.
[41] S. Kalantari, D. Hughes, and B. De Deckerd. Listing the ingredients for
ifttt recipes. In TrustCom, 2022.
[42] X. Mi, F. Qian, Y. Zhang, and X. Wang. An empirical characterization
of ifttt: ecosystem, usage, and performance. In Internet Measurement,
2017.
[43] Microsoft Power Automate. https://powerautomate.microsoft.com,
2023.
[44] K. Murdock, D. Oswald, F. D. Garcia, J. Van Bulck, D. Gruss, and
F. Piessens. Plundervolt: Software-based Fault Injection Attacks against
Intel SGX. In S&P, 2020.
[45] A. Pfitzmann and M. Hansen. A terminology for talking about privacy
by data minimization: Anonymity, unlinkability, undetectability, unob-
servability, pseudonymity, and identity management. https://dud.inf.tu
-dresden.de/literatur/Anon_Terminology_v0.34.pdf, 2010.
[46] S. Pinisetty, T. Antignac, D. Sands, and G. Schneider. Monitoring data
minimisation. CoRR, abs/1801.02484, 2018.
[47] S. Schoettler, A. Thompson, R. Gopalakrishna, and T. Gupta. Walnut: A
low-trust trigger-action platform. https://arxiv.org/pdf/2009.12447.pdf,
2020.
[48] M. Surbatovich, J. Aljuraidan, L. Bauer, A. Das, and L. Jia. Some
recipes can do more than spoil your appetite: Analyzing the security
and privacy risks of IFTTT recipes. In WWW, 2017.
[49] Trakt. List my most watched movies. https://ifttt.com/trakt/queries/mo
st_watched_movies, 2023.
[50] J. Van Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens,
M. Silberstein, T. F. Wenisch, Y. Yarom, and R. Strackx. Foreshadow:
Extracting the keys to the Intel SGX kingdom with transient out-of-order
execution. In USENIX, 2018.
[51] Q. Wang, P. Datta, W. Yang, S. Liu, A. Bates, and C. A. Gunter. Charting
the attack surface of trigger-action IoT platforms. In CCS, 2019.
[52] WeatherUnderground. Get the current weather. https://ifttt.com/weathe
r/queries/current_weather, 2023.
3048