Security for Internet-connected devicesJohn Lyle, University of Oxford

Welcome!

John Lyle

Research Assistant at the University of Oxford

Member of the webinos project

Email: me@johnlyle.com

Twitter: @jplyle

What I’m going to say

1. Internet of Things security is hard!

2. There are some good reasons for this.

3. There are new (ish) threats.

4. There are some new technologies to play with.

The Insecurity of Things

What I’m not going to say

1. Security is really important.

2. This is how to exploit [ insert popular technology product ]

3. I have the following silver bullets…

4. Anything about privacy

Why is IOT security difficult?And is there anything we can do about it?

Because…

1. Wireless communication

2. Physical insecurity

3. Constrained devices

4. Potentially sensitive data

5. Lack of standards

6. Heterogeneity: weakest link problem

7. A systems, not software problem

8. Classic web / internet threats

9. Identity management & dynamism

10. Inconvenience and cost

But really…It’s because we don’t know how to

do it.

Yet.

Threats to IOT systemsAdapted from "Security Considerations in the IP-based Internet of Things“ - Garcia-Morchon et al.

http://tools.ietf.org/html/draft-garcia-core-security-05

The physical devices

Can be stolen

Can be modified

Can be replaced

Can be cloned

The software

Can be modified (firmware / OS / middleware)

Can be decompiled to extract credentials

Can be exhausted (denial of service)

The network

Eavesdropping

Man-in-the-middle attacks

Rerouting traffic

Theft of bandwidth

Securing the wholelifecycle

Design

Production

Bootstrapping

Monitoring

Reconfiguration and recovery

Decommission

Who are the attackers?And what do they want?

We don’t know, but…

Make assumptions to make progress

Use Attacker Personas for consistency

Realistic attacker models

Organised crime?

Curious end users? Modders?

Service providers?

The state of the artSome of it, at least.

The webinos approach

TLS and a device PKI

Attribute-based access control

Web identity and authentication

“Personal zone” model

Protocols and identifiers for constrained devices

CoAP: The Constrained Application Protocol

DTLS: Datagram Transport Layer Security

IPsec

Sizzle – SSL with Elliptic Curve Cryptography[1]

HIPS: Host Identity Protocol

HIPS-DEX

ucode

[1] Gupta, V.; Millard, M.; Fung, S.; Zhu, Yu; Gura, N.; Eberle, H.; Shantz, S.C."Sizzle: a standards-based end-to-end security architecture for the embedded Internet,"  Third IEEE International Conference on Pervasive Computing and Communications. pp.247,256, 8-12 March 2005

Thoughts to leave you with.

Many new technologies and protocols are being developed

IOT requires systems security

Share your results!

Any questions?

John Lyle / me@johnlyle.com