
Distributed Attestation for Device Swarms in IoTs Under the Guidance - PowerPoint PPT Presentation



  1. Distributed Attestation for Device Swarms in IoTs
     - Under the Guidance of Prof. Vinay Ribeiro and Prof. Kolin Paul
     - Samuel Wedaj (2014CSZ8390)

  2. Background
     - The term “Internet of things” was first coined in 1999
     - A hybrid network of the Internet and resource-constrained networks
     - Adapted from: Website. http://slideplayer.com/slide/4680231/

     Distributed Attestation for IoTs

  3. Background
     - IoT devices connected to our day to day lives
     - Connected devices
       - 2012: 9 billion
       - 2020: 24 billion
     - Nature of the devices
     - Application domain
       - aeronautics, space, rail, electronic transaction systems, health, military …

  4. Background
     - security, life and privacy critical data
     - ultimate target of attackers

  5. Attestation
     - Verifying correct and safe operation

  6. Smart interconnected devices operate in swarms: large, dynamic, and self-organizing networks
     - Challenges
       - Device nature
       - Number of devices to be attested
       - What to verify?

  7. Challenges with number of devices to be attested
     - Issues in previous works: single prover approach
       - Y. Li et al. [2010] (Software-based attestation for peripherals. In International Conference on Trust and Trustworthy Computing, pages 16–29. Springer, 2010.)
         - Firmware of peripheral devices
       - A. Francillon et al. [2014] (A minimalist approach to remote attestation. In Proceedings of the conference on Design, Automation & Test in Europe, page 244. European Design and Automation Association, 2014.)
         - Minimalistic approach based on desired service checking
       - T. Rauter et al. [31-2015] (Privilege-based remote attestation: Towards integrity assurance for lightweight clients. In Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and Security, pages 3–9. ACM, 2015.)
         - Lightweight solution based on privilege checking
     - Issue:
       - scalability and efficiency

  8. Swarm attestation (Contd..)
     - N. Asokan et al. [2015] - SEDA
     - [Figure: a verifier V and a swarm of devices D1 to D8, with the operations attdev and attest; legend: communication link, attestation request, attestation response]

  9. Swarm attestation (Contd..)
     - N. Asokan et al. [4-2015] - SEDA

  10. Proposal Overview

  11. Swarm Attestation
      - A swarm S is a set of s devices with possibly different hardware and software configurations
      - Attestation Properties:
        - resilient
        - Be more efficient
        - Not require VRF to know the detailed configuration of S
        - Support multiple attestation protocol instances.
        - Be independent of the underlying integrity measurement

  12. Swarm Attestation
      - Device Requirements: (SMART/TrustLite)
        - Integrity measurement:
          - It must be infeasible for ADV to tamper with the mechanism that attests integrity of D’s software.
        - Integrity reporting:
          - It must be infeasible for ADV to forge the integrity measurement report sent from D to VRF.
        - Secure storage:
          - It must be infeasible for ADV to access any cryptographic secret(s) used by D as part of attestation

  13. Swarm Attestation
      - Assumptions
        - each D in S satisfies minimal requirements for secure remote attestation
        - D can communicate with all its neighboring devices in S, and the network is connected
        - cryptographic primitives and their implementations are secure
        - OP is trusted
        - swarm topology remains static for the duration of a given attestation protocol instance

  14. PROTOCOL DESCRIPTION
      - Offline Phase - Initialization
      - Training - Registration
      - Online Phase - Attestation

  15. Protocol Overview: Distributed attestation

  16. Protocol Overview (Contd …): Distributed attestation, Initialization
      - Each device, D_i, is initialized with the following parameters
        - Software configuration C_i: hash digest of SW of D_i
        - Code certificate Cert(C_i)
        - Identity certificate Cert(pK_i), where K_i is device identity given by manufacturer
        - Pair of signing keys (sK_i, pK_i)
        - Public key of Operator/Central Verifier, for verifying Cert(C) and Cert(pK)
        - System parameters, p and q
          - For shared key calculation (all devices in the swarm can have same value)

  17. Protocol Overview (Contd …): Distributed attestation, Registration
      - E sends join request
      - Devices check certificates
        - If valid
          - Exchange parent information
          - shared key (K_EB) established
        - If not valid
          - Reject join

  18. Protocol Overview (Contd …): Distributed attestation, Attestation
      - Verifier sends nonce and session id
      - Prover sends back MAC digest
      - Attested node becomes verifier and thus runs attest
      - Upon node compromise
        - broadcast error message
        - Restructure network through join
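
The registration and attestation rounds of slides 17 and 18, as an added example that is not code from the presentation. Assumptions: HMAC-SHA256 as the MAC, a MAC input of nonce || session id || C_i, a random key standing in for the K_EB agreed at registration, and a parent that keeps each child's certified configuration from Cert(C_i); all class and function names are hypothetical.

```python
import hashlib, hmac, os

def mac_digest(key, nonce, session_id, config):
    # Assumed MAC input: nonce || session id || C_i. All three fields have
    # fixed lengths here (16, 4, 32 bytes), so concatenation is unambiguous.
    return hmac.new(key, nonce + session_id + config, hashlib.sha256).digest()

class Device:
    def __init__(self, name, software):
        self.name = name
        self.software = software      # code currently running on the device
        self.parent_key = None        # key shared with the parent after join
        self.children = {}            # name -> (Device, key, certified C_i)

    def join(self, child, certified_config):
        """Registration: record the child's certified C_i and a shared key."""
        key = os.urandom(32)          # stands in for the agreed key K_EB
        self.children[child.name] = (child, key, certified_config)
        child.parent_key = key

    def respond(self, nonce, session_id):
        """Prover: measure the running software and MAC it for the parent."""
        measured = hashlib.sha256(self.software).digest()
        return mac_digest(self.parent_key, nonce, session_id, measured)

    def attest(self, nonce, session_id):
        """Verifier role: check each child; a good child attests its own children."""
        failed = []
        for child, key, certified in self.children.values():
            expected = mac_digest(key, nonce, session_id, certified)
            if hmac.compare_digest(expected, child.respond(nonce, session_id)):
                failed += child.attest(nonce, session_id)
            else:
                failed.append(child.name)   # point where the error is broadcast
        return failed

def build_swarm():
    """Constructed four-device swarm: root -> a -> (b, c)."""
    fw = b"firmware v1 (constructed sample)"
    good = hashlib.sha256(fw).digest()
    root, a, b, c = (Device(n, fw) for n in ("root", "a", "b", "c"))
    root.join(a, good)
    a.join(b, good)
    a.join(c, good)
    return root, a, b, c

def run_session(root):
    """One attestation instance with a fresh nonce and session id."""
    return root.attest(os.urandom(16), os.urandom(4))
```

A device whose parent fails the check is not reached in that session, which is why the slide follows the error broadcast with restructuring through join.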

  19. Results
      - Preliminary Results:
        - Simulation environment and assumptions used
          - OMNeT++ simulation environment
          - Measured run time performances
            - values of TrustLite [3] implementation used as delays in our simulation
          - end-to-end delay
            - average in ZigBee sensor networks [39]. Low-power, low-cost, low-complexity networking for the Internet of Things

  20. Preliminary Results: Run-time Performance

  21. Preliminary Results (Contd …): Run-time Performance

  22. Proposal Overview: Run-time Performance

  23. PERFORMANCE EVALUATION
      - Computation cost
        - Dominating component is cryptographic operations
      - Communication cost
      - Memory cost
        - Each D_i must store at least: q, signing key pair (sk, pk), its identity certificate cert(pk), code certificate cert(c), the set of attestation keys K shared with its neighbors and identification for their parent nodes
        - TI MSP430
          - provide at least 1024 bytes of non-volatile Flash
      - Energy costs

  24. Advantages
      - no single-point of failure;
      - assures systems resilience
      - well suited to inherent properties of device swarms
      - no prior information regarding total number of devices in the swarm is required.

  25. References:
      - [1] N. Asokan, F. Brasser, A. Ibrahim, A.-R. Sadeghi, M. Schunter, G. Tsudik, and C. Wachsmann. SEDA: Scalable embedded device attestation. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pages 964–975. ACM, 2015.
      - [2] K. Eldefrawy, G. Tsudik, A. Francillon, and D. Perito. SMART: Secure and minimal architecture for (establishing a dynamic) root of trust. In Network and Distributed System Security Symposium, 2012.
      - [3] P. Koeberl, S. Schulz, A.-R. Sadeghi, and V. Varadharajan. TrustLite: A security architecture for tiny embedded devices. In European Conference on Computer Systems, 2014.
