使用雾节点虚拟化实现安全轻量级物联网终端设备架构的TCB最小化

2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC) Pub Date : 2020-11-06 DOI:10.1109/PDGC50313.2020.9315850

Prateek Mishra, S. Yadav, S. Arora

{"title":"使用雾节点虚拟化实现安全轻量级物联网终端设备架构的TCB最小化","authors":"Prateek Mishra, S. Yadav, S. Arora","doi":"10.1109/PDGC50313.2020.9315850","DOIUrl":null,"url":null,"abstract":"An Internet of Things (IoT) architecture comprised of cloud, fog and resource constrained IoT end devices. The exponential development of IoT has increased the processing and footprint overhead in IoT end devices. All the components of IoT end devices that establish Chain of Trust (CoT) to ensure security are termed as Trusted Computing Base (TCB). The increased overhead in the IoT end device has increased the demand to increase the size of TCB surface area hence increases complexity of TCB surface area and also the increased the visibility of TCB surface area to the external world made the IoT end devices architecture over-architectured and unsecured. The TCB surface area minimization that has been remained unfocused reduces the complexity of TCB surface area and visibility of TCB components to the external un-trusted world hence ensures security in terms of confidentiality, integrity, authenticity (CIA) at the IoT end devices. The TCB minimization thus will convert the over-architectured IoT end device into lightweight and secured architecture highly desired for resource constrained IoT end devices. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device.","PeriodicalId":347216,"journal":{"name":"2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"TCB Minimization towards Secured and Lightweight IoT End Device Architecture using Virtualization at Fog Node\",\"authors\":\"Prateek Mishra, S. Yadav, S. Arora\",\"doi\":\"10.1109/PDGC50313.2020.9315850\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An Internet of Things (IoT) architecture comprised of cloud, fog and resource constrained IoT end devices. The exponential development of IoT has increased the processing and footprint overhead in IoT end devices. All the components of IoT end devices that establish Chain of Trust (CoT) to ensure security are termed as Trusted Computing Base (TCB). The increased overhead in the IoT end device has increased the demand to increase the size of TCB surface area hence increases complexity of TCB surface area and also the increased the visibility of TCB surface area to the external world made the IoT end devices architecture over-architectured and unsecured. The TCB surface area minimization that has been remained unfocused reduces the complexity of TCB surface area and visibility of TCB components to the external un-trusted world hence ensures security in terms of confidentiality, integrity, authenticity (CIA) at the IoT end devices. The TCB minimization thus will convert the over-architectured IoT end device into lightweight and secured architecture highly desired for resource constrained IoT end devices. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device.\",\"PeriodicalId\":347216,\"journal\":{\"name\":\"2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC)\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDGC50313.2020.9315850\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDGC50313.2020.9315850","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

物联网(IoT)架构由云、雾和资源受限的物联网终端设备组成。物联网的指数级发展增加了物联网终端设备的处理和占用空间开销。物联网终端设备中所有建立信任链(CoT)以确保安全的组件都称为可信计算基础(TCB)。物联网终端设备开销的增加增加了对增加TCB表面积尺寸的需求，从而增加了TCB表面积的复杂性，而且TCB表面积对外部世界的可见性也增加了物联网终端设备架构的过度架构和不安全。一直未集中的TCB表面积最小化降低了TCB表面积的复杂性和TCB组件对外部不可信世界的可见性，从而确保了物联网终端设备在机密性、完整性、真实性(CIA)方面的安全性。因此，TCB最小化将把过度架构的物联网终端设备转换为轻量级和安全的架构，这是资源受限的物联网终端设备非常需要的。在本文中，我们回顾了最近提出的物联网终端设备架构，并得出结论，这些资源受限的物联网终端设备架构由于较大的TCB而过度架构，并且忽略了TCB中的错误和漏洞，因此不安全。我们提出了一种新颖的水平架构，通过用轻量级的Micro(μ)-hypervisor(即μ-visor)取代超大的hypervisor，并在雾节点上传输基于μ-hypervisor的虚拟化，以实现轻量级和安全的物联网终端设备架构，从而实现TCB最小化。无bug的TCB组件确认了有保证的CIA的稳定CoT，从而形成强大的可信执行环境(TEE)，从而安全的物联网终端设备架构。因此，所提出的最终架构以最小的SRAM和闪存组合占用39.05%的每个设备可用内存来保护。在本文中，我们回顾了最近提出的物联网终端设备架构，并得出结论，这些资源受限的物联网终端设备架构由于较大的TCB而过度架构，并且忽略了TCB中的错误和漏洞，因此不安全。我们提出了一种新颖的水平架构，通过用轻量级的Micro(μ)-hypervisor(即μ-visor)取代超大的hypervisor，并在雾节点上传输基于μ-hypervisor的虚拟化，以实现轻量级和安全的物联网终端设备架构，从而实现TCB最小化。无bug的TCB组件确认了有保证的CIA的稳定CoT，从而形成强大的可信执行环境(TEE)，从而安全的物联网终端设备架构。因此，所提出的最终架构以最小的SRAM和闪存组合占用39.05%的每个设备可用内存来保护。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

TCB Minimization towards Secured and Lightweight IoT End Device Architecture using Virtualization at Fog Node

An Internet of Things (IoT) architecture comprised of cloud, fog and resource constrained IoT end devices. The exponential development of IoT has increased the processing and footprint overhead in IoT end devices. All the components of IoT end devices that establish Chain of Trust (CoT) to ensure security are termed as Trusted Computing Base (TCB). The increased overhead in the IoT end device has increased the demand to increase the size of TCB surface area hence increases complexity of TCB surface area and also the increased the visibility of TCB surface area to the external world made the IoT end devices architecture over-architectured and unsecured. The TCB surface area minimization that has been remained unfocused reduces the complexity of TCB surface area and visibility of TCB components to the external un-trusted world hence ensures security in terms of confidentiality, integrity, authenticity (CIA) at the IoT end devices. The TCB minimization thus will convert the over-architectured IoT end device into lightweight and secured architecture highly desired for resource constrained IoT end devices. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device. In this paper we review the IoT end device architectures proposed in the recent past and concluded that these architectures of resource constrained IoT end devices are over-architectured due to larger TCB and ignored bugs and vulnerabilities in TCB hence un-secured. We propose the Novel levelled architecture with TCB minimization by replacing oversized hypervisor with lightweight Micro(μ)-hypervisor i.e. μ-visor and transferring μ-hypervisor based virtualization over fog node for light weight and secured IoT End device architecture. The bug free TCB components confirm stable CoT for guaranteed CIA resulting into robust Trusted Execution Environment (TEE) hence secured IoT end device architecture. Thus the proposed resulting architecture is secured with minimized SRAM and flash memory combined footprint 39.05% of the total available memory per device.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC)

自引率

0.00%

发文量