Proceedings of the 2018 Workshop on IoT Security and Privacy最新文献

筛选

英文中文

Towards Secure Distributed Trust Management on a Global Scale: An analytical approach for applying Distributed Ledgers for authorization in the IoT 迈向全球范围内的安全分布式信任管理:一种应用分布式账本进行物联网授权的分析方法

Proceedings of the 2018 Workshop on IoT Security and Privacy Pub Date : 2018-07-05 DOI: 10.1145/3229565.3229569

Nikolaos Alexopoulos, Sheikh Mahbub Habib, M. Mühlhäuser

{"title":"Towards Secure Distributed Trust Management on a Global Scale: An analytical approach for applying Distributed Ledgers for authorization in the IoT","authors":"Nikolaos Alexopoulos, Sheikh Mahbub Habib, M. Mühlhäuser","doi":"10.1145/3229565.3229569","DOIUrl":"https://doi.org/10.1145/3229565.3229569","url":null,"abstract":"Authorization, and more generally Trust Management (TM), is an indispensable part of the correct operation of most IT systems. The advent of the Internet of Things (IoT), with its cyber-physical and distributed nature, creates new challenges, that existing TM systems cannot adequately address, such as for example the need for non-interactive exclusive access enforcement. In the meantime, a line of thought in the research community is that Distributed Ledgers (DLs), like the one implemented by the Ethereum blockchain, can provide strong security guarantees for distributed access control. However, this approach has not yet been examined in a scientific, systematic manner, and has many pitfalls, with arguably the most important one being scalability. In this paper, we critically explore the shortcomings of existing solutions for trust management in distributed networks, pinpoint which of these shortcomings can be addressed by utilizing DLs, and offer a conceptual design for a scalable, secure TM system. Our design approaches the problem in three layers, namely a global, an intermediate group or shard layer, and a local layer, corresponding to the set of embedded devices behind an internet access point. We view our design as a novel first step, helping the community to produce more secure and realistic authorization solutions for the IoT, in the near future.","PeriodicalId":20541,"journal":{"name":"Proceedings of the 2018 Workshop on IoT Security and Privacy","volume":"39 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2018-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90756255","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 17

Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles 清晰如MUD:生成、验证和应用物联网行为概况

Proceedings of the 2018 Workshop on IoT Security and Privacy Pub Date : 2018-04-12 DOI: 10.1145/3229565.3229566

Ayyoob Hamza, Dinesha Ranathunga, H. Gharakheili, M. Roughan, V. Sivaraman

{"title":"Clear as MUD: Generating, Validating and Applying IoT Behavioral Profiles","authors":"Ayyoob Hamza, Dinesha Ranathunga, H. Gharakheili, M. Roughan, V. Sivaraman","doi":"10.1145/3229565.3229566","DOIUrl":"https://doi.org/10.1145/3229565.3229566","url":null,"abstract":"IoT devices are increasingly being implicated in cyber-attacks, raising community concern about the risks they pose to critical infrastructure, corporations, and citizens. In order to reduce this risk, the IETF is pushing IoT vendors to develop formal specifications of the intended purpose of their IoT devices, in the form of a Manufacturer Usage Description (MUD), so that their network behavior in any operating environment can be locked down and verified rigorously. This paper aims to assist IoT manufacturers in developing and verifying MUD profiles, while also helping adopters of these devices to ensure they are compatible with their organizational policies. Our first contribution is to develop a tool that takes the traffic trace of an arbitrary IoT device as input and automatically generates the MUD profile for it. We contribute our tool as open source, apply it to 28 consumer IoT devices, and highlight insights and challenges encountered in the process. Our second contribution is to apply a formal semantic framework that not only validates a given MUD profile for consistency, but also checks its compatibility with a given organizational policy. Finally, we apply our framework to representative organizations and selected devices, to demonstrate how MUD can reduce the effort needed for IoT acceptance testing.","PeriodicalId":20541,"journal":{"name":"Proceedings of the 2018 Workshop on IoT Security and Privacy","volume":"13 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2018-04-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88487995","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 88

首页上一页