lightweight and flexible trust assessment modules for the
play

Lightweight and Flexible Trust Assessment Modules for the Internet - PowerPoint PPT Presentation

Aug 09, 2023 •125 likes •636 views

empty Lightweight and Flexible Trust Assessment Modules for the Internet of Things Jan Tobias Mhlberg , Job Noorman and Frank Piessens jantobias.muehlberg@cs.kuleuven.be iMinds-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium

  1. empty Lightweight and Flexible Trust Assessment Modules for the Internet of Things Jan Tobias Mühlberg , Job Noorman and Frank Piessens jantobias.muehlberg@cs.kuleuven.be iMinds-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium QA&Test @ Bilbao, October 2015 1 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  2. empty COSIC and DistriNet: Who we are. COSIC (Bart Preneel, Ingrid Verbauwhede) • Cryptographic primitives R IJNDAEL (AES), L ANE (SHA-3 candidate) • Secure and compact hardware design SPONGENT (lightweight hash), Side-channel attacks DistriNet (Frank Piessens) • Low-level vulnerabilities and countermeasures Still very relevant in the IoT • Protected module architectures Software isolation with a minimal TCB • Fully abstract/secure compilation Enable security reasoning at high-level languages 2 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  3. empty Lightweight and Flexible Trust Assessment Modules for the Internet of Things Jan Tobias Mühlberg , Job Noorman and Frank Piessens jantobias.muehlberg@cs.kuleuven.be iMinds-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium QA&Test @ Bilbao, October 2015 3 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  4. empty Motivation: Security of IoT Nodes TI MSP430: designed for low cost and low power consumption • Runs 4.5 years on a single AAA cell and almost 13 years on an AA battery [Sea08] 4 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  5. empty Motivation: Security of IoT Nodes TI MSP430: designed for low cost and low power consumption • Runs 4.5 years on a single AAA cell and almost 13 years on an AA battery [Sea08] Safety and security? • No MMU, no hierarchical protection domains, etc. • Successful attacker has full control over a node: • Modify all code and data • Perform I/O 4 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  6. empty Motivation: Security of IoT Nodes TI MSP430: designed for low cost and low power consumption • Runs 4.5 years on a single AAA cell and almost 13 years on an AA battery [Sea08] Safety and security? • No MMU, no hierarchical protection domains, etc. • Successful attacker has full control over a node: • Modify all code and data • Perform I/O • DoS, forge sensor readings or node identity 4 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  7. empty Motivation: Security of IoT Nodes TI MSP430: designed for low cost and low power consumption • Runs 4.5 years on a single AAA cell and almost 13 years on an AA battery [Sea08] Safety and security? • No MMU, no hierarchical protection domains, etc. • Successful attacker has full control over a node: • Modify all code and data • Perform I/O • DoS, forge sensor readings or node identity • Even without an attacker: bugs and software ageing 4 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  8. empty Motivation: Security of IoT Nodes TI MSP430: designed for low cost and low power consumption • Runs 4.5 years on a single AAA cell and almost 13 years on an AA battery [Sea08] Safety and security? • No MMU, no hierarchical protection domains, etc. • Successful attacker has full control over a node: • Modify all code and data • Perform I/O • DoS, forge sensor readings or node identity • Even without an attacker: bugs and software ageing • Trustworthiness of a node is hard to assess! Testing? Formal verification? Observation? 4 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  9. empty Motivation: Security of IoT Nodes TI MSP430: designed for low cost and low power consumption • Runs 4.5 years on a single AAA cell and almost 13 years on an AA battery [Sea08] Safety and security? • No MMU, no hierarchical protection domains, etc. • Successful attacker has full control over a node: • Modify all code and data • Perform I/O • DoS, forge sensor readings or node identity • Even without an attacker: bugs and software ageing • Trustworthiness of a node is hard to assess! Testing? Formal verification? Observation? • Protected Module Architectures can help (Intel SGX, ARM TrustZone, SMART, TrustLite, Sancus) 4 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  10. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures Ip SM protected data section SM text section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data K N , SP , SM SM metadata Protected storage area K N Layout Keys 5 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  11. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures Ip Public and protected sections SM protected data section SM text section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data K N , SP , SM SM metadata Protected storage area K N Layout Keys 5 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  12. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures Ip Module layout SM protected data section SM text section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data K N , SP , SM SM metadata Protected storage area K N Layout Keys 5 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  13. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures Ip Module identity SM protected data section SM text section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data K N , SP , SM SM metadata Protected storage area K N Layout Keys 5 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  14. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures Ip Module entry point SM protected data section SM text section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data K N , SP , SM SM metadata Protected storage area K N Layout Keys 5 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  15. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures Ip Module keys SM protected data section SM text section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data K N , SP , SM SM metadata Protected storage area K N Layout Keys 5 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  16. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures • Provides efficient cryptographic primitives and key handling • Reference implementation based on the openMSP430 6 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  17. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures • Provides efficient cryptographic primitives and key handling • Reference implementation based on the openMSP430 Some drawbacks: • Isolation vs. shared memory communication [BNMP15] • Re-implementing an existing set of applications as SMs is often not straight-forward 6 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  18. empty Motivation: Sancus Sancus [NAD + 13] enables strong isolation, attestation and communication for embedded software components: • Implements Program Counter Based Access Control [SPP10] for Software Modules (SMs) on single-address-space architectures • Provides efficient cryptographic primitives and key handling • Reference implementation based on the openMSP430 Some drawbacks: • Isolation vs. shared memory communication [BNMP15] • Re-implementing an existing set of applications as SMs is often not straight-forward Can we use Sancus SMs to implement light-weight and secure inspection components that integrate seamlessly with existing deployment scenarios? 6 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

  19. empty Trust Assessment Modules Idea • Securely deploy a protected inspection module to assess the state of an IoT node 7 /24 Jan Tobias Mühlberg Trust Assessment Modules for the IoT

Recommend

The Beneficiary Flexible Trust Tulsa Estate Planning Forum November 11, 2014 Roadmap

The Beneficiary Flexible Trust Tulsa Estate Planning Forum November 11, 2014 Roadmap

The Beneficiary Flexible Trust Tulsa Estate Planning Forum November 11, 2014 Roadmap Situations in which a Beneficiary Flexible Trust Makes Sense Goals and Attributes vs. Inherent Limitations Beneficiary Flexible Trust Agreement

622 views • 31 slides
Contiki: A Lightweight and Flexible Operating System for Tiny Networked Sensors Protothreads:

Contiki: A Lightweight and Flexible Operating System for Tiny Networked Sensors Protothreads:

Contiki: A Lightweight and Flexible Operating System for Tiny Networked Sensors Protothreads: Simplifying Event-Driven Programming of Memory-Constrained Embedded Systems SensorWare Fibers Mantis Exokernel Nemesis Contiki Open source

432 views • 10 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
Smooth and Flexible ERP Migration between Heterogeneous ERP Systems/ERP Modules Lars Frank

Smooth and Flexible ERP Migration between Heterogeneous ERP Systems/ERP Modules Lars Frank

Smooth and Flexible ERP Migration between Heterogeneous ERP Systems/ERP Modules Lars Frank Copenhagen Business School The two types of ACID properties: 1. Traditional ACID properties may be viewed as a DBMS guarantee to users that they are

475 views • 18 slides
THE BASICS IN ACTION UBC DIETETICS PROGRAM Module 2 of 2 SCOPE OF THESE MODULES Modules 1 &

THE BASICS IN ACTION UBC DIETETICS PROGRAM Module 2 of 2 SCOPE OF THESE MODULES Modules 1 &

HOME TUBE FEEDING THE BASICS IN ACTION UBC DIETETICS PROGRAM Module 2 of 2 SCOPE OF THESE MODULES Modules 1 & 2 address the following Nutrition Care Process steps Intervention Monitoring and Evaluation Assessment and Diagnosis are

492 views • 18 slides
TPM Meets DRE: Reducing the Trust Base for Electronic Voting Using Trusted Platform Modules

TPM Meets DRE: Reducing the Trust Base for Electronic Voting Using Trusted Platform Modules

TPM Meets DRE: Reducing the Trust Base for Electronic Voting Using Trusted Platform Modules Russell A. Fink, Alan T. Sherman, and Richard Carback Direct Recording Electronic (DRE) Higher usability compared to paper ballot Multi-language

299 views • 15 slides
Rapid Prototyping of Wireless Physical Layer Modules Using Flexible Software/Hardware Design Flow

Rapid Prototyping of Wireless Physical Layer Modules Using Flexible Software/Hardware Design Flow

Rapid Prototyping of Wireless Physical Layer Modules Using Flexible Software/Hardware Design Flow James Chacko jjc652@drexel.edu Cem Sahin cs486@drexel.edu Doug Pfeil dsp36@drexel.edu wireless.ece.drexel.edu Dr. Nagarajan Kandasamy

468 views • 26 slides
HOME TUBE FEEDING BASICS UBC DIETETICS PROGRAM Module 1 of 2 SCOPE OF THESE MODULES Modules 1

HOME TUBE FEEDING BASICS UBC DIETETICS PROGRAM Module 1 of 2 SCOPE OF THESE MODULES Modules 1

HOME TUBE FEEDING BASICS UBC DIETETICS PROGRAM Module 1 of 2 SCOPE OF THESE MODULES Modules 1 & 2 address the following Nutrition Care Process steps Intervention Monitoring and Evaluation Assessment and Diagnosis are not explicitly

586 views • 34 slides
Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005

Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005

Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 Prototyping a Lightweight Trust Architecture to Fight Phishing David Chau 6 October 2005 6.UAP LTA Presentation Thanks to my collaborators Ben

421 views • 24 slides
Lightweight Software Process Assessment and Improvement Tom Feliz tom.feliz@tektronix.com

Lightweight Software Process Assessment and Improvement Tom Feliz tom.feliz@tektronix.com

11/15/2012 Lightweight Software Process Assessment and Improvement Tom Feliz tom.feliz@tektronix.com Author Biography Tom Feliz is a Senior Software Design Engineer and Software Quality Lead at Tektronix. He has been engineering software

363 views • 12 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Social Impact Assessment Preserving trust in the Internet of Things Lilian Edwards, Derek

Social Impact Assessment Preserving trust in the Internet of Things Lilian Edwards, Derek

From Privacy Impact Assessment to Social Impact Assessment Preserving trust in the Internet of Things Lilian Edwards, Derek McAuley, and Laurence Diver Universities of Strathclyde, Nottingham, and Edinburgh The problem space : trust in the IoT

367 views • 5 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides
Inkjet-/ 3D-/4D-Printed Wireless Ultrabroadband Modules for IoT, SmartAg and Smart City

Inkjet-/ 3D-/4D-Printed Wireless Ultrabroadband Modules for IoT, SmartAg and Smart City

Inkjet-/ 3D-/4D-Printed Wireless Ultrabroadband Modules for IoT, SmartAg and Smart City Applications Manos M. Tentzeris Ken Byers Professor in Flexible Electronics School of Electrical and Computer Engineering, Georgia Institute of Technology,

380 views • 36 slides
GraphHopper Route Optimization Stefan Schrder What is GraphHopper? Fast and Flexible

GraphHopper Route Optimization Stefan Schrder What is GraphHopper? Fast and Flexible

GraphHopper Route Optimization Stefan Schrder What is GraphHopper? Fast and Flexible Directions API Lightweight API to solve heavy routing problems Brief history 04/2012 Peter Karich published OS GraphHopper routing based on

478 views • 26 slides
The Illusion of Method: Challenges of Model-Based Safety Assessment Oleg Lisagor Linling Sun

The Illusion of Method: Challenges of Model-Based Safety Assessment Oleg Lisagor Linling Sun

The Illusion of Method: Challenges of Model-Based Safety Assessment Oleg Lisagor Linling Sun Tim Kelly Overview Why do we trust safety assessment? Why do we trust FTA? Can we trust current MBSA techniques on the same basis? What do we need

196 views • 18 slides
New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K.

New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K.

New Lightweight DES Variants Suited for RFID Applications G. Leander, C. Paar, A. Poschmann, K. Schramm Workshop on Fast Software Encryption 2007 Outline Introduction Why lightweight? Why choose DES? DESL: DES Lightweight Why change DES?

364 views • 12 slides
Flexible Capacity Needs and Availability Assessment Hours Technical Study for 2019 Clyde Loutan

Flexible Capacity Needs and Availability Assessment Hours Technical Study for 2019 Clyde Loutan

Flexible Capacity Needs and Availability Assessment Hours Technical Study for 2019 Clyde Loutan Principal, Renewable Energy Integration Hong Zhou Market Development Analyst, Lead April 16, 2018 2018 CAISO - Public Whats the purpose of

886 views • 50 slides
How does LuK come to life? LuK consists of a collection of modules you only link in the modules

How does LuK come to life? LuK consists of a collection of modules you only link in the modules

slide 1 gaius How does LuK come to life? LuK consists of a collection of modules you only link in the modules actually required the mixture of the modules required for the lab exercises may be different each lab exercise has a file: init

492 views • 24 slides
Rule-Based Trust Assessment on the Semantic Web Ian Jacobi 1 , Lalana Kagal 1 , Ankesh Khandelwal

Rule-Based Trust Assessment on the Semantic Web Ian Jacobi 1 , Lalana Kagal 1 , Ankesh Khandelwal

General model AIR overview Trust on and by rules Related work, summary and future work Rule-Based Trust Assessment on the Semantic Web Ian Jacobi 1 , Lalana Kagal 1 , Ankesh Khandelwal 2 Decentralized Information Group 1 Massachussets

457 views • 33 slides
Modules Modules A module is a collection of functions that we can use to do more powerful things

Modules Modules A module is a collection of functions that we can use to do more powerful things

Modules Modules A module is a collection of functions that we can use to do more powerful things with our Python programs. Lots of modules exist, written by other developers. You can use a module without needing to understand what it is doing

165 views • 14 slides
Flexible Infrastructure Qualification What Is Flexible Infrastructure/Benefits Flexible

Flexible Infrastructure Qualification What Is Flexible Infrastructure/Benefits Flexible

Flexible Infrastructure Qualification What Is Flexible Infrastructure/Benefits Flexible Infrastructure is a system of systems that will provide capabilities for rapid space changes without the use of hot work. Benefits:

546 views • 8 slides
1 Some overlap with all modules particularly modules 3, 6 and 7. LDF/plan making evidence

1 Some overlap with all modules particularly modules 3, 6 and 7. LDF/plan making evidence

1 Some overlap with all modules particularly modules 3, 6 and 7. LDF/plan making evidence base and Implementation of the Yorkshire and Humber renewable and Low Carbon Energy Study, 2011 Introduction to climate change policy and context

1.04k views • 77 slides
Personalized Learning Flexible Seating and Space Flexible Seating and Space Flexible Seating and

Personalized Learning Flexible Seating and Space Flexible Seating and Space Flexible Seating and

Personalized Learning Flexible Seating and Space Flexible Seating and Space Flexible Seating and Space Flexible Seating and Space Departmentalizing and Schedule -Homerooms -ELA/MATH -Science/SS/Writing Independent Study Must Dos:

275 views • 10 slides

More recommend