使用分布式账本技术的智能家居物联网设备安全增强固件管理方案

IF 2.4 4区 计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
W. M. A. B. Wijesundara, Joong-Sun Lee, Dara Tith, Eleni Aloupogianni, Hiroyuki Suzuki, Takashi Obi
{"title":"使用分布式账本技术的智能家居物联网设备安全增强固件管理方案","authors":"W. M. A. B. Wijesundara, Joong-Sun Lee, Dara Tith, Eleni Aloupogianni, Hiroyuki Suzuki, Takashi Obi","doi":"10.1007/s10207-024-00827-x","DOIUrl":null,"url":null,"abstract":"<p>With the increase of IoT devices generating large amounts of user-sensitive data, improper firmware harms users’ security and privacy. Latest home appliances are integrated with features to assure compatibility with smart home IoT. However, applying complex security mechanisms to IoT is limited by device hardware capabilities, making them vulnerable to attacks. Such attacks have recently become frequent. To address this issue, we developed a secure verification mechanism for firmware released by the device’s manufacturer. We proposed an IoT gateway for secure firmware verification and updating for smart home IoT devices utilizing the IOTA MAM (Masked Authenticated Messaging) protocol and a distributed file system with IPFS (Inter-Planetary File System) protocol. These two communication protocols ensure decentralized communication and firmware file distribution between the IoT device vendor and the IoT end device. The proposed scheme securely shares latest firmware content over IOTA and IPFS networks, performs a secure firmware update on IoT end devices and ensures authenticity and integrity of the firmware. Two types of validation methods were proposed for firmware updating and validation. We implemented the proposed scheme using three entities, Vendor, IoT gateway, and IoT end device. Our system yielded promising results in performing secure automated firmware updates on IoT end devices with very low computational power. The system’s functionality was implemented using IOTA’s MAM run on Raspberry Pi as an IoT gateway along with an ESP8266 Wi-Fi microcontroller, demonstrating the effectiveness of our approach. Our proposed methodology can be used for secure firmware distribution on home IoT applications.</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"13 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-03-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologies\",\"authors\":\"W. M. A. B. Wijesundara, Joong-Sun Lee, Dara Tith, Eleni Aloupogianni, Hiroyuki Suzuki, Takashi Obi\",\"doi\":\"10.1007/s10207-024-00827-x\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>With the increase of IoT devices generating large amounts of user-sensitive data, improper firmware harms users’ security and privacy. Latest home appliances are integrated with features to assure compatibility with smart home IoT. However, applying complex security mechanisms to IoT is limited by device hardware capabilities, making them vulnerable to attacks. Such attacks have recently become frequent. To address this issue, we developed a secure verification mechanism for firmware released by the device’s manufacturer. We proposed an IoT gateway for secure firmware verification and updating for smart home IoT devices utilizing the IOTA MAM (Masked Authenticated Messaging) protocol and a distributed file system with IPFS (Inter-Planetary File System) protocol. These two communication protocols ensure decentralized communication and firmware file distribution between the IoT device vendor and the IoT end device. The proposed scheme securely shares latest firmware content over IOTA and IPFS networks, performs a secure firmware update on IoT end devices and ensures authenticity and integrity of the firmware. Two types of validation methods were proposed for firmware updating and validation. We implemented the proposed scheme using three entities, Vendor, IoT gateway, and IoT end device. Our system yielded promising results in performing secure automated firmware updates on IoT end devices with very low computational power. The system’s functionality was implemented using IOTA’s MAM run on Raspberry Pi as an IoT gateway along with an ESP8266 Wi-Fi microcontroller, demonstrating the effectiveness of our approach. Our proposed methodology can be used for secure firmware distribution on home IoT applications.</p>\",\"PeriodicalId\":50316,\"journal\":{\"name\":\"International Journal of Information Security\",\"volume\":\"13 1\",\"pages\":\"\"},\"PeriodicalIF\":2.4000,\"publicationDate\":\"2024-03-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s10207-024-00827-x\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-024-00827-x","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

随着产生大量用户敏感数据的物联网设备的增加,不适当的固件会损害用户的安全和隐私。最新的家用电器都集成了确保与智能家居物联网兼容的功能。然而,将复杂的安全机制应用于物联网受到设备硬件能力的限制,使其容易受到攻击。最近,此类攻击频频发生。为了解决这个问题,我们为设备制造商发布的固件开发了一种安全验证机制。我们提出了一种物联网网关,用于智能家居物联网设备的安全固件验证和更新,该网关采用了 IOTA MAM(掩码验证消息传递)协议和带有 IPFS(专有间文件系统)协议的分布式文件系统。这两个通信协议确保了物联网设备供应商和物联网终端设备之间的分散式通信和固件文件分发。拟议方案通过 IOTA 和 IPFS 网络安全共享最新固件内容,在物联网终端设备上执行安全固件更新,并确保固件的真实性和完整性。我们为固件更新和验证提出了两种验证方法。我们使用三个实体(供应商、物联网网关和物联网终端设备)实施了所提出的方案。我们的系统以极低的计算能力在物联网终端设备上执行安全的自动固件更新,取得了可喜的成果。该系统的功能是在作为物联网网关的树莓派(Raspberry Pi)上使用 IOTA 的 MAM 和 ESP8266 Wi-Fi 微控制器实现的,证明了我们方法的有效性。我们提出的方法可用于家庭物联网应用的安全固件分发。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologies

Security-enhanced firmware management scheme for smart home IoT devices using distributed ledger technologies

With the increase of IoT devices generating large amounts of user-sensitive data, improper firmware harms users’ security and privacy. Latest home appliances are integrated with features to assure compatibility with smart home IoT. However, applying complex security mechanisms to IoT is limited by device hardware capabilities, making them vulnerable to attacks. Such attacks have recently become frequent. To address this issue, we developed a secure verification mechanism for firmware released by the device’s manufacturer. We proposed an IoT gateway for secure firmware verification and updating for smart home IoT devices utilizing the IOTA MAM (Masked Authenticated Messaging) protocol and a distributed file system with IPFS (Inter-Planetary File System) protocol. These two communication protocols ensure decentralized communication and firmware file distribution between the IoT device vendor and the IoT end device. The proposed scheme securely shares latest firmware content over IOTA and IPFS networks, performs a secure firmware update on IoT end devices and ensures authenticity and integrity of the firmware. Two types of validation methods were proposed for firmware updating and validation. We implemented the proposed scheme using three entities, Vendor, IoT gateway, and IoT end device. Our system yielded promising results in performing secure automated firmware updates on IoT end devices with very low computational power. The system’s functionality was implemented using IOTA’s MAM run on Raspberry Pi as an IoT gateway along with an ESP8266 Wi-Fi microcontroller, demonstrating the effectiveness of our approach. Our proposed methodology can be used for secure firmware distribution on home IoT applications.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
International Journal of Information Security
International Journal of Information Security 工程技术-计算机:理论方法
CiteScore
6.30
自引率
3.10%
发文量
52
审稿时长
12 months
期刊介绍: The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation. Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信