Trust schemas and ICN: key to secure home IoT

Abstract

Home and business internet of things (IoT) networking presents security challenges that can be addressed using information-centric networking (ICN) to secure information rather than channels. In particular, we leverage ICN's per-packet signing, combined with recent innovations in trust schemas, to construct a strong trust zone. This architecture creates domains governed by a secured trust schema provided to every device during its enrollment together with the device's attribute-based signing cert chain(s). Applications don't need to be rewritten to gain security; a run-time library with an MQTT-like publish/subscribe API uses the provisioned trust schema and certs to construct, sign and ship outgoing publications and to both cryptographically and structurally validate a subscriber's incoming publications. This unique application of trust schemas (Versec) is explained and an example home IoT framework is described where trust schemas express straightforward, homeowner-specific policies that an open-source library enforces at run-time on behalf of security-agnostic applications. Along with the specific innovation in trust management, the platform exploits current and emergent IoT best practices. Utility programs, libraries, and examples are available as an open-source Data-Centric Toolkit.