Trustworthy things

Abstract

We postulate that if an IoT device is able to produce trustworthy evidence about itself using Remote Attestation Procedures, it should be possible to augment its affordances with a new "trustworthiness" quality that allows to securely bind any information that the device exchanges with a set of trust metrics representing a snapshot of its most recent security state. This new "trustworthiness affordance" would be used whenever the device needs to provide application state to its users with strong authenticity, which is often the case when the contribution of the device into some distributed computation has repercussions on the individual or public health and safety.