SAFEHIVE: Secure Attestation Framework for Embedded and Heterogeneous IoT Devices in Variable Environments
Pages 41 - 50
Abstract
Nowadays smart contexts (such as smart cities/homes, or Industry 4.0) are rapidly gaining popularity. These new paradigms are enabled by the adoption of smart devices, that allow several programmatically driven actions. The Internet of Things (IoT) is the network built by connecting these smart devices. A critical aspect of these devices is their limited hardware support for security functions. This makes protecting IoT devices very challenging, although very important because they implement critical functions, as in Cyber Physical Systems. In this case, the protection of these systems is of paramount importance because their compromise could cause not only digital but also physical damage. Remote Attestation (RA) is a security process that permits a trusted party to remotely verify devices integrity but this becomes challenging for IoT devices due to their hardware constraints. Swarm Attestation (SA) is a generalization of RA to reduce its overhead for IoT environments. In this way, it becomes possible to attest large IoT networks. This paper introduces SAFEHIVE, a new schema for SA to maximize dynamic swarm configuration and management. This schema permits to manage heterogeneous devices in a dynamic scenario, even in the case of great variability.
References
[1]
Moreno Ambrosin, Mauro Conti, Ahmad Ibrahim, Gregory Neven, Ahmad-Reza Sadeghi, and Matthias Schunter. 2016. SANA: Secure and Scalable Aggregate Network Attestation. In 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, Vienna (Austria), 731--742. https://doi.org/10.1145/2976749.2978335
[2]
Moreno Ambrosin, Mauro Conti, Riccardo Lazzeretti, Md Masoom Rabbani, and Silvio Ranise. 2017. Toward secure and efficient attestation for highly dynamic swarms: poster. In 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, Boston (MA, USA), 281--282. https://doi.org/10.1145/3098243.3106026
[3]
Moreno Ambrosin, Mauro Conti, Riccardo Lazzeretti, Md Masoom Rabbani, and Silvio Ranise. 2018. PADS: Practical Attestation for Highly Dynamic Swarm Topologies. In 2018 International Workshop on Secure Internet of Things (SIoT). IEEE, Barcelona (Spain), 18--27. https://doi.org/10.1109/SIoT.2018.00009
[4]
Mahmoud Ammar, Mahdi Washha, and Bruno Crispo. 2018. WISE: Lightweight Intelligent Swarm Attestation Scheme for IoT (The Verifier's Perspective). In 2018 14th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). IEEE, Limassol (Cyprus), 1--8. https://doi.org/10.1109/WiMOB.2018.8589107
[5]
N. Asokan, Ferdinand Brasser, Ahmad Ibrahim, Ahmad-Reza Sadeghi, Matthias Schunter, Gene Tsudik, and Christian Wachsmann. 2015. SEDA: Scalable Embedded Device Attestation. In 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, Denver (CO, USA), 964--975. https://doi.org/10.1145/2810103.2813670
[6]
Luigi Atzori, Antonio Iera, and Giacomo Morabito. 2010. The Internet of Things: A survey. Computer Networks, Vol. 54, 15 (June 2010), 2787--2805. https://doi.org/10.1016/j.comnet.2010.05.010
[7]
Alexander Sprogø Banks, Marek Kisiel, and Philip Korsholm. 2021. Remote Attestation: A Literature Review. CoRR, Vol. abs/2105.02466 (May 2021), bibinfonumpages34 pages. https://doi.org/10.48550/arXiv.2105.02466
[8]
Michael Bartock, Murugiah Souppaya, Ryan Savino, Tim Knoll, Uttam Shetty, Mourad Cherfaoui, Raghu Yeluri, Akash Malhotra, Don Banks, Michael Jordan, Dimitrios Pendarakis, J. R. Rao, Peter Romness, and Karen Scarfone. 2022. Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases. https://doi.org/10.6028/NIST.IR.8320
[9]
George Coker, Joshua Guttman, Peter Loscocco, Amy Herzog, Jonathan Millen, Brian O'Hanlon, John Ramsdell, Ariel Segall, Justin Sheehy, and Brian Sniffen. 2011. Principles of remote attestation. International Journal of Information Security, Vol. 10, 2 (01 June 2011), 63--81. https://doi.org/10.1007/s10207-011-0124--7
[10]
Victor Costan and Srinivas Devadas. 2016. Intel SGX explained. https://eprint.iacr.org/2016/086.pdf
[11]
Karim Eldefrawy, Aurélien Francillon, Daniele Perito, and Gene Tsudik. 2012. SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust. In Network and Distributed System Security Symposium. San Diego (CA, USA), 462--473.
[12]
Karim Eldefrawy, Norrathep Rattanavipanon, and Gene Tsudik. 2017. HYDRA: Hybrid Design for Remote Attestation (Using a Formally Verified Microkernel). In 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '17). ACM, Boston (MA, USA), 99--110. https://doi.org/10.1145/3098243.3098261
[13]
Bei Gong, Yu Zhang, and Yubo Wang. 2018. A remote attestation mechanism for the sensing layer nodes of the Internet of Things. Future Generation Computer Systems, Vol. 78 (2018), 867--886. https://doi.org/10.1016/j.future.2017.07.034
[14]
Patrick Koeberl, Steffen Schulz, Ahmad-Reza Sadeghi, and Vijay Varadharajan. 2014. TrustLite: a security architecture for tiny embedded devices. In EuroSys '14: Ninth European Conference on Computer Systems. ACM, Amsterdam (The Netherlands), bibinfonumpages14 pages. https://doi.org/10.1145/2592798.2592824
[15]
Florian Kohnh"auser, Niklas Büscher, and Stefan Katzenbeisser. 2018. SALAD: Secure and Lightweight Attestation of Highly Dynamic and Disruptive Networks. In 2018 Asia Conference on Computer and Communications Security. Association for Computing Machinery, Incheon (Korea), 329--342. https://doi.org/10.1145/3196494.3196544
[16]
Boyu Kuang, Anmin Fu, Shui Yu, Guomin Yang, Mang Su, and Yuqing Zhang. 2019. ESDRA: An Efficient and Secure Distributed Remote Attestation Scheme for IoT Swarms. IEEE Internet of Things Journal, Vol. 6, 5 (May 2019), 8372--8383. https://doi.org/10.1109/JIOT.2019.2917223
[17]
Cong Nie. 2007. Dynamic root of trust in trusted computing. TKK T1105290 Seminar on Network Security. https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=a446b7b281c55d4e94bb79c034cf3f2d86bd3267
[18]
Daniele Perito and Gene Tsudik. 2010. Secure code update for embedded devices via proofs of secure erasure. In 15th European Conference on Research in Computer Security. Springer Berlin Heidelberg, Athens (Greece), 643--662. https://doi.org/10.1007/978--3--642--15497--3_39
[19]
Sandro Pinto and Nuno Santos. 2019. Demystifying ARM TrustZone: A Comprehensive Survey. ACM Comput. Surv., Vol. 51, 6, Article 130 (Jan. 2019), bibinfonumpages36 pages. https://doi.org/10.1145/3291047
[20]
Mohamed Sabt, Mohammed Achemlal, and Abdelmadjid Bouabdallah. 2015. Trusted Execution Environment: What It is, and What It is Not. In IEEE Trustcom/BigDataSE/ISPA, Vol. 1. IEEE, Helsinki (Finland), 57--64. https://doi.org/10.1109/Trustcom.2015.357
[21]
Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. 2005. Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems. In 20th ACM Symposium on Operating Systems Principles (SOSP '05). ACM, Brighton (UK), 1--16. https://doi.org/10.1145/1095810.1095812
[22]
Arvind Seshadri, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. 2004. SWATT: softWare-based attestation for embedded devices. In IEEE Symposium on Security and Privacy, 2004. IEEE, Oakland (CA, USA), 272--282. https://doi.org/10.1109/SECPRI.2004.1301329
[23]
Hailun Tan, Gene Tsudik, and Sanjay Jha. 2017. MTRA: Multiple-tier remote attestation in IoT networks. In 2017 IEEE Conference on Communications and Network Security (CNS). IEEE, Austin (TX, USA), 1--9. https://doi.org/10.1109/CNS.2017.8228638
[24]
TCG. 2014. Trusted Computing Group Protection Profile PC Client Specific Trusted Platform Module TPM Family 1.2. https://www.commoncriteriaportal.org/files/ppfiles/pp0030b.pdf
[25]
Allan Tomlinson. 2017. Introduction to the TPM. Springer International Publishing, Cham, 173--191. https://doi.org/10.1007/978--3--319--50500--8_7
[26]
Shiyong Wang, Jiafu Wan, Daqiang Zhang, Di Li, and Chunhua Zhang. 2016. Towards Smart Factory for Industry 4.0: A Self-organized Multi-agent System with Big Data Based Feedback and Coordination. Computer Networks, Vol. 101 (June 2016), 158--168. https://doi.org/10.1016/j.comnet.2015.12.017
[27]
Wenjuan Xu, Xinwen Zhang, Hongxin Hu, Gail-Joon Ahn, and Jean-Pierre Seifert. 2011. Remote Attestation with Domain-Based Integrity Model and Policy Analysis. IEEE Transactions on Dependable and Secure Computing, Vol. 9, 3 (Dec. 2011), 429--442. https://doi.org/10.1109/TDSC.2011.61
Index Terms
- SAFEHIVE: Secure Attestation Framework for Embedded and Heterogeneous IoT Devices in Variable Environments
Recommendations
Lightweight Swarm Attestation: A Tale of Two LISA-s
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications SecurityIn the last decade, Remote Attestation (RA) emerged as a distinct security service for detecting attacks on embedded devices, cyber-physical systems (CPS) and Internet of Things (IoT) devices. RA involves verification of current internal state of an ...
WISE: A Lightweight Intelligent Swarm Attestation Scheme for the Internet of Things
The Internet of Things (IoT) is shaped by increasing number of low-cost Internet-connected embedded devices that are becoming ubiquitous in every aspect of modern life, including safety- and privacy-critical application scenarios. Such devices offer ...
HAGAR: Hashgraph-based Aggregated Communication and Remote Attestation
CF '24 Companion: Proceedings of the 21st ACM International Conference on Computing Frontiers: Workshops and Special SessionsOver the past decade, an exponential rise in the deployment of Internet-of-Things (IoT) devices engulfed our surroundings. IoT devices have spread into domains like personal smart devices, industrial applications, military applications, and medical ...
Comments
Information & Contributors
Information
Published In
June 2024
97 pages
ISBN:9798400705557
DOI:10.1145/3643650
- Program Chairs:
- Maanak Gupta,
- Mahmoud Abdelsalam,
- Mir Pritom,
- Feras Awaysheh
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 19 June 2024
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
CODASPY '24
Sponsor:
CODASPY '24: Fourteenth ACM Conference on Data and Application Security and Privacy
June 21, 2024
Porto, Portugal
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 66Total Downloads
- Downloads (Last 12 months)66
- Downloads (Last 6 weeks)31
Reflects downloads up to 04 Oct 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in