1 An Approach for Secure Edge Computing in the Internet of - - PowerPoint PPT Presentation

1 an approach for secure edge computing in the internet
SMART_READER_LITE
LIVE PREVIEW

1 An Approach for Secure Edge Computing in the Internet of - - PowerPoint PPT Presentation

Jun 21, 2023 141 likes •657 views

1 An Approach for Secure Edge Computing in the Internet of Things Markus Endler, Anderson O. da Silva and Rafael A.M.S. Cruz {endler, anderson}@inf.puc-rio.br and ramscrz@gmail.com Laboratory for Advanced Collaboration

slide-1
SLIDE 1

1

An Approach for Secure Edge Computing in the Internet of Things
 


Markus Endler, Anderson O. da Silva and Rafael A.M.S. Cruz
 {endler, anderson}@inf.puc-rio.br and ramscrz@gmail.com
 
 Laboratory for Advanced Collaboration Departament of Informatics PUC-Rio


slide-2
SLIDE 2

2

Why criminals have a lot of interest in IoT?

Key points of IoT that can contribute to form a digital army:

  • Processing capability:
  • Execute malicious software (malware).
  • Storage capability:
  • Spread parts of data from crime among the things (P2P).
  • Transmission capability:
  • Transmit malicious data (attack messages).
  • Internet communication capability:
  • Targeted massive attacks over the Internet (high density botnets).
slide-3
SLIDE 3

3

Criminals are already using IoT to increase their botnets and firepower

slide-4
SLIDE 4

4

Security Threats to IoT Systems

Threats in the IoT environment might be similar to those in the traditional IT environments, but…

  • The overall impact could be very different because the targets are

abundant and cover many different industry segments.

  • Currently, IoT technology already supports connection of millions
  • f smart devices and meters.
  • By 2025, it shall support more than 50 billion connected devices.
  • The potential impact could span from minor irritant to grave and

significant damage to the infrastructure and loss of life.

  • J. Frahim, C. Pignataro, J.

Apcar, and M. Morrow. Securing the Internet of Things: A Proposed Framework, 2015.

slide-5
SLIDE 5

5

What are the threats to the classic topology of IoT Systems?

IoT Classic Three-Layer Topology: Data Acquisition – Data Aggregation – Data Analysis

slide-6
SLIDE 6

6

What are the threats to the generic topology of IoT Systems?

Threats that can compromise the security of IoT systems can be grouped into two distinct groups:

  • Group of Threats 1 (GT1)
  • Threats to the operation of the entities of the IoT system.
  • Smart Objects, Gateway and Cloud
  • Group of Threats 2 (GT2)
  • Threats to the communication between the entities of the IoT

system.

  • Smart Objects – Gateway
  • Gateway – Coud
slide-7
SLIDE 7

7

Group of Threats 1 (GT1)

Threats of GT1, in general, aims to:

  • Gain privileged or unprivileged access
  • Tamper control information
  • Tamper the firmware
  • Produce false data
  • Steal information
  • Disrupt the system
slide-8
SLIDE 8

8

Group of Threats 2 (GT2)

Common threats of GT2: Monitoring the content of the messages (passive attack)

slide-9
SLIDE 9

9

Group of Threats 2 (GT2)

Common threats of GT2: Intercepting and tampering messages (active attack)

slide-10
SLIDE 10

10

Group of Threats 2 (GT2)

Common threats of GT2: Masquerading (active attack)

slide-11
SLIDE 11

11

Group of Threats 2 (GT2)

Common threats of GT2: Denial of Service (DoS) by Flooding (active attack)

slide-12
SLIDE 12

12

What are the suitable security controls for IoT Systems?

In order to determine the need of a security control, we first have to analyze the security risks.

  • This means we have to evaluate, for each risk, its likelihood to occur,

technical impact and harm to the business or organization.

  • Sometimes, we will accept the risk and choose simple low-cost

controls or even no control at all.

  • However, other times, we will face scenarios in which it would be

irresponsible to choose such simple controls. For these, we have to invest more to acquire equipment aligned with our security needs. T.R. Peltier. Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management. CRC Press, 2001.

slide-13
SLIDE 13

13

What are the suitable security controls for IoT Systems?

Analysis of the security risks: IoT example scenarios

  • In a non-mission critical scenario where we need to acquire data about

the soil moisture or the environment temperature in order to keep the well-being of the plantation, we can accept the risk to use low-cost smart things with simple security controls.

low risk

slide-14
SLIDE 14

14

What are the suitable security controls for IoT Systems?

Analysis of the security risks: IoT example scenarios

  • In mission critical scenario, where we have to monitor the same kind
  • f data related to the reactor of a nuclear power plant, we will

eventually need special smart things with the necessary processing capabilities to implement classic and well-known high security standards.

high risk

slide-15
SLIDE 15

15

Security Architecture for the Generic Three-Layer Topology of IoT Systems

Defeating targeted attacks on the cloud and on the gateway:

slide-16
SLIDE 16

16

Security Architecture for the Generic Three-Layer Topology of IoT Systems

Defeating targeted attacks on the gateway and on the smart thing:

slide-17
SLIDE 17

17

Security Architecture for the Generic Three-Layer Topology of IoT Systems

Defeating targeted attacks on the smart things:

  • In order to reinforce the security in the smart things, we propose that

these sensors/devices shall provide two distinct operating modes:

  • (i) configuration mode
  • Allows configuration actions such as the modification of
  • perating parameters (e.g. signal strength, cryptographic keys,

network address, authentication method) and updating of the firmware, among others.

  • (ii) service mode
  • Common operating mode in which the smart thing do what it is

intended to do and allows data to be collected or changed.

  • As a security measure, the smart thing shall use an access control

method before switching modes, such as validating a PIN (Personal Identification Number).

slide-18
SLIDE 18

18

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Middleware for IoT Systems (developed at the Laboratory for Advanced Collaboration)

  • Uses a scalable mobile-cloud communication layer, SDDL (Scalable Data

Distribution Layer), plus the mobile component Mobile Hub, which is responsible for discovering and connecting Smart Objects to the Internet. Introduces the concept of IoMT (Internet of Mobile Things)

slide-19
SLIDE 19

19

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Smart Object Service Broker (the cloud)

security perimet er security perimet er V P N VP N

slide-20
SLIDE 20

20

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub), which is the ContextNet IoT Gateway

security perimet er security perimet er V P N VP N SNM P SNM P AUT H AUT H

slide-21
SLIDE 21

21

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • For the proposed protocol, the following elements must be acknowledged:

Smart Thing / Object (S-Obj) Mobile Hub (M-Hub) SDDL Core Gateway (SDDL-C GW) Symetric Authentication Keys (Kauth_s-obj) (Kauth_sddl-c- gw) Symetric Cipher Key (Kcipher_s-

  • bj)

Private Key (Kpriv_m- hub) Private Key (Kpriv_sddl-c- gw) Public Key (Kpriv_m- hub) Public Key (Kpub_ssdl-c- gw) S-Objs Key Databas Access Control Database Symetric Authenticatio n Key (Kauth_sddl- c-gw)

slide-22
SLIDE 22

22

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 1: Discovery Request Message: broadcast to all in-range S-Objs

S-Obj M-Hub SDDL-C GW Discovery_Request(broa dcast)

slide-23
SLIDE 23

23

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 2: Discovery Response Message: sent by in-range S-Objs to M-Hub

S-Obj M-Hub SDDL-C GW Discovery_Response(S- Obj_ID)

slide-24
SLIDE 24

24

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 3: TLS Connection: M-Hub creates a Sec. Assoc. with SDDL-C

S-Obj M-Hub SDDL-C GW TLS- Handshake(Cert_M- Hub) TLS- Handshake(Cert_SDDL- C GW) TLS- Handshake(master_s ecret) Bi-directional Secure Channel

slide-25
SLIDE 25

25

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4: Get Authorization: M-Hub sends message through TLS channel

S-Obj M-Hub SDDL-C GW TLS Secure Channel Get_Authorization(S-Obj_ID, M-Hub_ID)

slide-26
SLIDE 26

26

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.1: SDDL-C verify if the M-Hub is authorized to access the S-Obj

S-Obj M-Hub SDDL-C GW

  • checkAuthorization(S-Obj_ID, M-Hub_ID)
  • If (DB_Check_Access_Authorization(S-

Obj_ID, M-Hub_ID)) Then

  • Return Go_To_Step_4.2
  • Else
  • Return Authorization_Error

Query(S-Obj_ID, M- Hub_ID) Result(True/ False)

slide-27
SLIDE 27

27

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.2: SDDL-C gets S-Obj keys (Kauth_s-obj, Kcipher_s-obj) from DB

S-Obj M-Hub SDDL-C GW

  • Get STKeys(S-Obj_ID)
  • If (DB_Get_Kauth_Kcipher(S-Obj_ID))

Then

  • Return Go_To_Step_4.3
  • Else
  • Return S-Obj_Keys_Query_Error

Query(S-Obj_ID) Result(True/False, Kauth_s-obj_id, kcipher_s-obj_id)

slide-28
SLIDE 28

28

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.3: SDDL-C generates the OTPChallenge (random positive value)

S-Obj M-Hub SDDL-C GW

  • GenerateOTPChallenge(nonce)
  • OTPChallenge=GeneratePositiveRand
  • m(nonce)
  • Return OTPChallenge
  • Go To Step 4.4

OTP Challe nge

slide-29
SLIDE 29

29

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.4: SDDL-C generates the OTP value (seed of the key used by HMAC)

S-Obj M-Hub SDDL-C GW

  • GenerateOTP(S-Obj_ID, M-Hub_ID,

OTPChallenge, Kauth_s-obj)

  • OTP=Concat(S-Obj_ID, M-Hub_ID,

Kauth_s-obj, OTPChallenge)

  • For i=1 To OTPChallenge Do
  • OTP=HASH(OTP)
  • Return OTP
  • Go To Step 4.5

OT P

slide-30
SLIDE 30

30

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.5: SDDL-C generates the session cipher key (Ksession)

S-Obj M-Hub SDDL-C GW

  • GenerateKsession(nonce)
  • Ksession=GenerateRandomKey(nonce)
  • Return Ksession
  • Go To Step 4.6
slide-31
SLIDE 31

31

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.6: SDDL-C generates the secret package for S-Obj (Package_K)

S-Obj M-Hub SDDL-C GW

  • GenerateST_PackageK(OTPChallenge,

Ksession, Kchiper_s-obj)

  • Package=CreatePackage(OTPChallenge

, Ksession)

  • Package_K=Encrypt(Package,

Kcipher_s-obj)

  • Return Package_K
  • Go To Step 4.7

encry pt

slide-32
SLIDE 32

32

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 4.7: SDDL-C signs the secret package for S-Obj (Signed_Package_K)

S-Obj M-Hub SDDL-C GW

  • SignST_Package_K(Package_K, Kauth_sddl-

c)

  • Package_K_HMAC=

GenerateHMAC(Package_K, timestamp, Kauth_sddl-c)

  • Return Package_K_HMAC
  • Go To Step 5

HASH HMA C

slide-33
SLIDE 33

33

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 5: SDDL-C sends OTP, Ksession and Package_K to the M-Hub

S-Obj M-Hub SDDL-C GW TLS Secure Channel Authorization_Response(OT P, Ksession, S-Obj_ID, Package_K_With_HMAC)

slide-34
SLIDE 34

34

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 5.1: M-Hub stores Ksession and OTP for the S-Obj_ID

S-Obj M-Hub SDDL-C GW

OT P

  • StoreKey(S-Obj_ID, Ksession, OTP)
  • If (DB_Insert_Key(S-Obj_ID, ksession,

OTP)) Then

  • Return Go_To_Step_5.2
  • Else
  • Return Ksession_OTP_Insert_Error

Insert(S-Obj_ID, Ksession, OTP) Result(True/ False)

slide-35
SLIDE 35

35

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 5.2: M-Hub signs the Hello Message with HMAC (OTP is seed of key)

S-Obj M-Hub SDDL-C GW

OT P

  • signHelloMessage(M-Hub_ID, OTP, timestamp,

Package_K_With_HMAC)

  • Kauth_m-hub=Generate_M-

Hub_Auth_Key(OTP)

  • Hello_Message_HMAC=

GenerateHMAC(M-Hub_ID, timestamp, Kauth_m-hub, Package_K_With_HMAC)

  • Return Hello_Message_HMAC
  • Go To Step 6

HASH HMA C

OT P

slide-36
SLIDE 36

36 Hello(M-Hub_ID, timestamp, HelloMessageHMAC, Package_K_With_HMAC)

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6: M-Hub sends a signed Hello Message (HMAC) to S-Obj

S-Obj M-Hub SDDL-C GW

OT P

slide-37
SLIDE 37

37

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6.1: S-Obj checks the signature of the Package_K_With_HMAC

S-Obj M-Hub SDDL-C GW

OT P

  • CheckSignForPackage(Package_K_With_HMA

C, Kauth_sddl-c)

  • If (CheckSign(Package_K_With_HMAC,

Kauth_sddl-c)) Then

  • Return Go_To_Step_6.2
  • Else
  • Return Package_K_Signature_Error

HASH HMA C

= ?

slide-38
SLIDE 38

38

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6.2: S-Obj decrypts Package_K to get Ksession and OTPChallenge

S-Obj M-Hub SDDL-C GW

OT P

  • DecryptPackage(Package_K,

Kcipher_s-obj)

  • Package=Decrypt(Package_K,

Kcipher_s-obj)

  • Return Package
  • Go To Step 6.3

Decry pt

slide-39
SLIDE 39

39

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6.3: S-Obj generates the OTP value (seed of the key used by HMAC)

S-Obj M-Hub SDDL-C GW

OT P

  • GenerateOTP(S-Obj_ID, M-Hub_ID,

OTPChallenge, Kauth_s-obj)

  • OTP=Concat(S-Obj_ID, M-Hub_ID,

Kauth_s-obj, OTPChallenge)

  • For i=1 To OTPChallenge Do
  • OTP=HASH(OTP)
  • Return OTP
  • Go To Step 6.4

OT P

slide-40
SLIDE 40

40

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6.4: S-Obj checks the signature of the Hello Message sent by M-Hub

S-Obj M-Hub SDDL-C GW

OT P

  • CheckSignForHelloMessage(M-Hub_ID, OTP,

HelloMessage)

  • Kauth_m-hub=Generate_M-Hub_Auth_Key(OTP)
  • Hello_Message_HMAC=

GenerateHMAC(M-Hub_ID, timestamp, Kauth_m- hub, HelloMessage)

  • If (CheckSignature(HMAC, New_HMAC) Then
  • Return Go_To_Step_6.5
  • Else Return Hello_Message_Signature_Error

HASH HMA C

OT P

= ?

slide-41
SLIDE 41

41

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6.5: S-Obj stores Ksession and OTP for the M-Hub

S-Obj M-Hub SDDL-C GW

OT P

  • StoreKey(M-Hub_ID, Ksession, OTP)
  • If (DB_Insert_Key(M-Hub_ID, ksession,

OTP)) Then

  • Return Go_To_Step_6.6
  • Else
  • Return Ksession_OTP_Insert_Error

Insert(M-Hub_ID, Ksession, OTP) Result(True/ False)

OT P

slide-42
SLIDE 42

42

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 6.6: S-Obj signs the Hello Accepted Message with HMAC

S-Obj M-Hub SDDL-C GW

OT P OT P

  • signHelloAcceptedMessage(S-Obj_ID, M-

Hub_ID, OTP, timestamp)

  • Kauth_m-hub=Generate_M-

Hub_Auth_Key(OTP)

  • Hello_Accepted_Message_HMAC=

GenerateHMAC(S-Obj_ID, M-Hub_ID, timestamp, Kauth_m-hub)

  • Return Hello_Accepted_Message_HMAC
  • Go To Step 7

HASH HMA C

OT P

slide-43
SLIDE 43

43 HelloAccepted(S-Obj_ID, M- Hub_ID, timestamp, HelloAcceptedMessageHMAC)

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 7: S-Obj sends the signed Hello Accepted Message (HMAC) to M-Hub

S-Obj M-Hub SDDL-C GW

OT P OT P

slide-44
SLIDE 44

44

Applying the Security Architecture to the ContextNet Middleware

ContextNet: Securing the Mobile Hub (M-Hub) communication with SDDL Core and Smart Things

  • Step 7.1: M-Hub checks the signature of the Hello Accepted Message

S-Obj M-Hub SDDL-C GW

OT P OT P

  • CheckSignForHelloAcceptedMessage(M-Hub_ID, OTP,

HelloAcceptedMessage)

  • Kauth_m-hub=Generate_M-Hub_Auth_Key(OTP)
  • Hello_Message_HMAC=GenerateHMAC(M-Hub_ID,

timestamp, Kauth_m-hub, HelloAcceptedMessage)

  • If (CheckSignature(HMAC, New_HMAC) Then
  • Return

Security_Association_Established_With_S-Obj

  • Else Return

Hello_Accepted_Message_Signature_Error HASH HMA C

OT P

= ?

slide-45
SLIDE 45

45

Conclusion

Requirements to apply our security architecture to IoT Systems:

  • Smart Things shall provide the necessary processing capability to

execute, at least, basic cryptographic algorithms, such as, HMAC and RC4.

  • Smart Things shall provide minimum amount of memory to store the

session cipher key (Ksession) and the M-Hub authentication key (OTP).

  • M-Hub shall support some kind of VPN protocol based on IPsec or TLS.
  • M-Hub shall provide the necessary processing capability to execute the

smart thing control service (ex: SNMP-based) and the access control service (Ex: local or remote, such as LDAP or Radius).

slide-46
SLIDE 46

46

Conclusion

Advantages of the ContextNet and our security architecture to IoT Systems:

  • The Smart Object may be stationary or mobile (IoMT).
  • The IoT gateway (M-Hub) may also be stationary or mobile and may

communicate to any Smart Object within wireless range.

  • The Smart Object handover between gateways is also possible.
  • A Smart Object can be handled by more than one M-Hub at the same time.
  • The SSDL Core generates different cryptographic and authentication

session keys on the fly for each pair of Smart Object and M-Hub.

slide-47
SLIDE 47

47

Thank you!
 


Markus Endler, Anderson O. da Silva and Rafael A.M.S. Cruz
 {endler, anderson}@inf.puc-rio.br and ramscrz@gmail.com
 


Laboratory for Advanced Collaboration Departament of Informatics PUC-Rio


slide-48
SLIDE 48

48

Related Work

Discussed in the paper:

  • M. Nawir, A. Amir, N. Yaakob, and O.B. Lyn. Internet of Things: Taxonomy
  • f Security Attacks. In 3rd International Conference on Electronic Design

(ICED 2016), Phuket, Thailand, 2016.

  • Focus on smart things and study the IoT network security issues in the

smart home, health care and transportation domain, and then present a taxonomy of security attacks.

  • S. Kulkarni et al. Internet of Things (IoT) Security. In 3rd IEEE Conference
  • n Computing for Sustainable Global Development (INDIACom), March

2016.

  • Also addresses security of smart things but focuses on how data

about/from smart things can be made secure using cryptography.

slide-49
SLIDE 49

49

Related Work

Discussed in the paper:

  • J. Pacheco and S. Hariri. IoT Security Framework for Smart Cyber
  • Infrastructures. In 1st IEEE International Workshops on Foundations and

Applications of Self* Systems (FAS*W), 2016.

  • The paper presents a general threat model that can be used to develop

a security protection methodology for IoT services against cyber- attacks and shows that an Anomaly Behavior Analysis (ABA) Intrusion Detection System (ABA-IDS) can detect and classify a wide range of attacks against IoT sensors.

slide-50
SLIDE 50

50

Related Work

Discussed in the paper:

  • R. Mahmoud, T. Yousuf, F. Aloul, and I. Zualkernan. Internet of things (IoT)

security: Current status, challenges and prospective measures. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), pages 336–341, Dec 2015.

  • The paper presents an analysis on the current status and concerns of

IoT security, and proposes some countermeasures such as authentication measure, trust establishment, federated architecture and security awareness to reinforce security.

  • K. Holbrook. IoT Security in the Real World Part 1: Securing the Edge, April
  • 2016. (Last access: January 14th, 2017).
  • The vulnerabilities of Gateways and Edge networks are presented, and

in this scope the author discusses three specific security threats: Network exposure of the Smart Objects, Man-in-the-Middle (MitM) and Impostor Attacks.