security in the distributed internet of … in the distributed internet of things 3. ... security in...
Post on 24-Apr-2018
224 Views
Preview:
TRANSCRIPT
SECURITY IN THE DISTRIBUTED INTERNET OF THINGS
JAVIER LOPEZ NICS LAB
UNIVERSITY OF MALAGA
InTrust 2012 Royal Holloway, December 17th
Foundations of the IoT
• IPv6, 100 addresses for every atom on face of the Earth • Microcontrollers which fit in one cubic millimeter • IP traffic exceeding half a trillion gigabytes next year • Nature of the data we collect and analyze is changing
– 10000 IP connected security cameras in London, 1000 connected sensors in bridge in Hong Kong
– … millions of roads, buildings, …
• Extract valuable knowledge from data – Analytic tools, data aggregation techniques, multi-node cooperation
• Companies and governments excited about smart infrastructures – smart grids, smart rail, smart buildings, smart sewers… – they see competitive, environmental and economic advantages
Security in the Distributed Internet of Things
3
The rising of the “Things”: numbers don’t lie …
• Today, 7 billion persons – … and more than 9 billion connected devices!
– connected devices exceeding people on the Earth!
• By 2020, ‘things’ connected to the Internet – GSMA: 24 billion connected devices by 2020
– Ericsson and Cisco: 50 billion
– IBM: 1 trillion connected devices by 2015
4
The rising of the “Things”: … neither do facts
• More than half of the devices at CES in 2012 connected – 60% of them non-traditional computing devices: TVs, cars, refrigerators and
washing machines
• Trees in Paris avenues equipped with an RFID tag • China’s inland and maritime rivers ubiquitously connected:
– 134000 ships enabled with Automated Identification System
• Algeciras’ port, first semiautomatic terminal in the Mediterranean sea
• Juniper Research forecast: M2M will support industry revenues of over $35 billion in 2016
• …intelligence in appliances, roadways, rail lines, power grids, clothes, supply chains, waterways and agriculture.
Security in the Distributed Internet of Things
5
Public/Private sectors interest (EU FP7) 6
Project Acronym Project Name Project Cost
CASAGRAS2 Coordination and Support Action for Global RFID-related Activities and Standardisation - 2 1.040.176 EUR
IoT-I Internet Of Things Initiative 1.337.923 EUR IoT-A Internet of Things Architecture 18.678.983 EUR Ebbits Enabling the Business-Based Internet of Things and Services 12.022.392 EUR
ELLIOT Experiential Living Labs for the Internet Of Things 3.303.060 EUR SPRINT Software Platform For Integration Of Engineering And Things 3.462.477 EUR
NEFFICS Networked Enterprise transFormation and resource management in Future internet enabled Innovation CloudS 4.146.686 EUR
SmartAgriFood Smart Food and Agribusiness 7.364.923 EUR OpenIoT Open Source Solution for the Internet of Things into the Cloud 4.182.038 EUR GAMBAS Generic Adaptive Middleware for Behavior-driven Autonomous Services 3.105.024 EUR
iCore Internet Connected Objects for Reconfigurable Ecosystems 13.425.584 EUR IoT@Work Internet of Things at Work 5.890.830 EUR BUTLER Secure and Context Awareness in the IoT 14.666.520 EUR
PROBE-IT Pursuing ROadmaps and BEnchmarks for the Internet of Things 1.393.375 EUR
IoT.est Internet of Things Environment for Service Creation and Testing 3.833.769 EUR
IoT6 Universal Integration of the Internet of Things through an IPv6-based Service Oriented Architecture enabling heterogeneous components interoperability 4.144.648 EUR
Specific Private sector interest (I)
• “Enormous computational power […] is being put into things no one would recognize as computers”
• “reduce cost and waste, improve efficiency and productivity and raise quality of everything from our products, to our companies, to our cities”
• “We have committed the resources of the IBM company to making smarter systems a reality in every part of the world” Ø Samuel J. Palmisano, IBM President and CEO
• “You will look at a room and ask: what will be connected? How would it be
different if all those things were connected? There will be more M2M connection points than you can shake a stick at”. Ø Bobby Morrison, president of Verizon Pacific Northwest region
• Most operators investing significant resources in M2M: Vodafone, O2, Telefonica, AT&T, Sprint … Ø Juniper Research Whitepaper
Security in the Distributed Internet of Things
7
Specific Private sector interest (II)
• Google X Lab: – “Secret” Lab, >100 projects on future technologies, many related to
connection of devices to the Internet
– Sergey Brin, Google's co-founder, deeply involved in Google X • “Every time anyone uses the Web, it benefits Google, so it could be good for Google if
home accessories and wearable objects, not just computers, were connected”
• Intel investing in IoT: – The China Intel IoT Joint Labs
– £20 million invested; research and development of the core technologies for powering the Internet of Things
Security in the Distributed Internet of Things
8
The Concept
• The concept of Internet of Things has evolved over time, but the core idea is:
“A worldwide network of interconnected entities”
• Each of the Things: o has a locatable, addressable and readable
counterpart on the Internet
o can open a communication channel with any
other entity, providing a receiving services
at any time and place, and in any way
9
Security in the Distributed Internet of Things
• Many technologies serve as the building blocks of this new paradigm WSN, RFID, cloud services, M2M, …
• It has a multitude of application domains
– automotive
– healthcare
– logistics
– environmental monitoring
– etc.
Security in the Distributed Internet of Things
10
• There are different architectures that have been considered to make IoT a reality: – Centralized
– Collaborative – Connected (Intranets)
– Distributed
• And there are two design principles that help to compare these architectures with the aim of selecting which one is best suited for achieving a full IoT: o edge intelligence: location of the intelligence and provisioning of services
at the edge of the network o collaboration: interconnection among diverse type of entities in order to
achieve a common goal
Security in the Distributed Internet of Things
11
IoT architectures vs design criteria
Security in the Distributed Internet of Things
13
Edge Intelligence
Collabora1on
Centralized IoT
? ?
Collabora1ve IoT ? ?
Connected Intranet of Things
? ?
Distributed IoT ? ?
Centralized IoT
• Data acquisition networks are passive
• All data is retrieved by a single central entity
• Consequently, users must connect through the Internet to the interfaces provided by this central entity
Edge intelligence
Collaboration
Security in the Distributed Internet of Things
14
CENTRALIZED IOT
Collaborative IoT
• The intelligence of the network is still located within central entities
• However, various central entities can exchange data and/or information, thus generating new services or enriching existing ones
Edge intelligence
Collaboration
Security in the Distributed Internet of Things
15
COLLABORATIVE IOT
Connected Intranets of Things
• Data acquisition networks (Intranets of Things) can process local information
• Can also provide it not only to central entities but also to local and remote users
• However, no underlying mechanisms that facilitate the collaboration among the entities – Information mainly flows from intranets to central entity
Edge intelligence Collaboration
Security in the Distributed Internet of Things
16
CONNECTED INTRANETS OF THINGS
(MANUAL CONFIG)
Distributed IoT
• All entities have the ability to retrieve, process, combine, and provide information and services to other entities
• Provision of services at local level but also collaborating with each other
• It is possible to integrate high level services or other centralized entities within the architecture
Edge intelligence Collaboration
Security in the Distributed Internet of Things
17
DISTRIBUTED IOT
IoT architectures vs design criteria - Summary
Security in the Distributed Internet of Things
18
Edge Intelligence
Collabora1on
Centralized IoT
Collabora1ve IoT
Connected Intranet of Things
Distributed IoT
PROP./REQ. CENTRALIZED IoTPRINCIPLES
(Collaboration) (Edge Intelligence)Openness High (Simple) High (Multiple APIs)
ViabilityBusiness Model Already in market Similar to hybrid cloudsVendor Lock-in Possible More choices Access to data sources
ReliabilityAvailability Zero if failure Partial if failure Local data if failurePerformance Service level + Latency Distr. bandwidth Limited latency (local)
Scalability Limited to cloud resources Scalable Scalable at edgeInteroperability Simple Complex (global) Complex (raw)
Data Management Pull, Data at cloud Pull, Push (partial)
Table 1: Analysis of properties and requirements of the di↵erent distributed IoT principles
Table 1 presents an overview of the features (minus the Security issues) ofthe centralized IoT approach, together with the features of approaches thatfollow the collaboration and edge intelligence principles. From the resultsof this table, it is possible to infer why the centralized approach was thefirst to enter the market. In terms of openness, a centralized solution usuallyprovides a small set of (mostly) proprietary APIs for acquiring and providingdata. This way, application developers can use these APIs to develop richand complex IoT applications. Regarding availability, most companies buildtheir infrastructures through cloud companies, which usually have a verygood service uptime: in 2012 [20] it was 99.99% with a standard deviation of0.00215%. As for interoperability, it is easy to achieve: all data sources willinteract with the data acquisition API provided by the centralized system,thus it is only necessary to create one adaptor per data source. Finally, theviability of the business model has been proved by the existence of profitableventures and companies.
Although the centralized approach has a great potential to bring the IoTinto life, the other distributed approaches also provide interesting advantages.In the collaborative IoT approach (which follows the collaboration prin-ciple), the risk of vendor lock-in becomes smaller, as customers can combinedi↵erent service providers to obtain a particular service. Availability is im-proved too: if one of the service providers fails, customers can not only try tosearch another entity that manages a similar data set, but also use the otherproviders to retrieve a partial view of the information. In addition, the scal-ability feature is greatly improved by the distribution of the computationaland data management resources. Finally, it is important to note that theperformance of this approach can be slightly worse due to the information
9
• Besides the previously mentioned design principles, there are properties that are worth to explore:
• This analysis reveals that a distributed IoT architecture provides the necessary features to make the full IoT a reality – however, it is a type of architecture that has not received much attention yet
Security in the Distributed Internet of Things
19
Work in EU Projects
• There are projects that have elaborated on some specific issues of IoT distributed architecture: o IoT-A: aims to provide an architectural reference model for the
interoperability of IoT systems
o HYDRA: provides building blocks which can help to build a distributed IoT, developing an open source middleware for web services
o SENSEI: provides a consistent interface to access WSN islands
o CUBIQ: has studied and developed various P2P-based distributed mechanisms
• And what’s about Security? …
20
Security in the Distributed Internet of Things
And what’s about Security?
Security in the Distributed Internet of Things
22
FAULT TOLERANCE
TRUST / GOVERNANCE PROPERTIES / APP-SPECIFIC
-‐ Iden'fica'on Technology -‐ Hardware -‐ Security and Privacy Tech. -‐ IoT Architecture Tech. -‐ Communica'on Tech. -‐ Network Tech. -‐ So@ware and Algorithms -‐ Discovery and Search Engine Tech. -‐ Standarisa'on
-‐ Cyber-‐Security -‐ Architecture -‐ E-‐Iden'ty -‐ Usability -‐ Privacy -‐ Management and Governance -‐ Protec'on -‐ Accountability -‐ Trust Engineering -‐ Socio-‐Economics
IDENT
ITY ?
ARCHITECTURE
Identity and Authentication
• Billions of things are going to be interconnected, so it is necessary to manage their identities in a scalable way
• Interactions will be highly dynamic, so entities of the IoT might not even know in advance which partners can be interacted to create a certain service
• Aspects such as owners and groups must be considered – clustering entities in local groups and using strategies like delegating
authentication tasks
• Due to the edge intelligence principle, users can directly query to local information providers – some kind of authentication logic must be present even in tiniest objects
• Authentication may be based on attributes
23
Communication protocols
• There is a need to analyze the number of security protocols that can be implemented within the device
• When opening a secure channel, devices should be able to negotiate the actual parameters of the channel (algorithms, strength, protection mechanisms, …) – Because constrained devices might not be able
to implement certain configurations – Things that can be accessed directly need to be
careful about the overhead caused by incoming connections
• Any entity can connect with any other at anytime, hence key management becomes a significant problem
• Management of credentials and ability of embedded devices to support complex key exchange protocols based on PKC
Security in the Distributed Internet of Things
24
Data management and privacy
• Due to edge intelligence principle, every entity has more control over the data it generates and processes – Entities can control the granularity of the data they produce
– Entities can define their own access policies
• They do not need to provide all the data they produce, but only the data that is needed by the external entities for a particular service – Closely related to privacy, as it will be more difficult to create a profile of a
certain entity if not all the information is available
– However, because of the edge intelligence principle, entities may be able to adapt their behaviour and track users more effectively
Security in the Distributed Internet of Things
25
Trust management and Governance
• Two dimensions of trust can be considered: a) Trust in the interactions among entities
b) Trust in the system from the users’ perspective
• There is uncertainty in both the interactions with data providers and service providers – How can reputation and trust be calculated and shared?
– Which ontology should be used?
– Can reports from other systems be trusted?
• However, better use of second-hand information sources
Security in the Distributed Internet of Things
26
Trust management and Governance
• Policies can be defined at the edge of the network, so it is possible to implement certain rules
• It is necessary to implement various distributed mechanisms to control and enforce those policies
• As logging subsystems will be distributed throughout the network, it will be more difficult to retrieve all the relevant information that might be needed for forensic analysis
Security in the Distributed Internet of Things
27
Fault tolerance
• ‘Things’ can become faulty and stop working, but they also can send bogus or even manipulated data
• It is necessary to discover another ‘thing’ that can provide a similar set of data – Discovery mechanism that is able to pinpoint related
data flows • Local clusters can help
– Additional mechanisms are needed to assure survivability of the network in case a part of the infrastructure fails
• For bogus data, information can be retrieved at a local level or in the interactions with other entities to apply advanced intrusion detection systems
Security in the Distributed Internet of Things
28
WHAT’S THE STARTING POINT AND WHAT’S IS ENVISIONED
Security in the Distributed Internet of Things
29
• SENSEI project: provides support for interdomain collaboraCon through federated idenCty, management and access tokens translaCon.
• Minimal En'ty: stores the digital idenCty of the user
(acts as his representaCve in the virtual world). It allows the implementaCon of pseudonyms through semanCcally secure encrypCon.
• Digital shadow: users can delegate their access control
credenCals and other informaCon to mulCple objects or virtual enCCes.
• Social Access Controller: smart gateway infrastructure
that allows users to retrieve data from local sensors using social network credenCals.
• Context: considered as another factor in a RBAC model. Owners of the assets can define, manage and enforce their own context-‐based policies.
31
• Commercial implementaCons of DTLS and already some work on providing them in sensor environments. IPsec can be applicable to constrained environments if certain tradeoffs are accepted.
• Constrained devices behaving as clients can make use of PKC-‐based key exchange protocols without major problems
• Security architecture, its deployment model and general security needs in the context of the lifecycle of a thing.
32
• Some theoreCcal studies that analyze the suitability of trust management systems for the IoT. Other, more pragmaCc approaches focus on the interacCons between users and IoT enCCes.
• EU Digital Agenda: Commission consults on rules for wirelessly connected devices -‐ the "Internet of Things"
33
• Clustering-‐based mechanisms and other data mining techniques to detect outliers and intrusions
• Intrusion detecCon mechanisms and rules focus on internal adversaries that try to a_ack the specific protocols of data acquisiCon networks
34
• As for PETs, secure mulC-‐party computaCons have been explicitly studied for the IoT.
Another interesCng perspecCve of privacy in a distributed IoT considers a local environment as an operaCng system.
35
top related