755 research outputs found
RADIS: Remote Attestation of Distributed IoT Services
Remote attestation is a security technique through which a remote trusted
party (i.e., Verifier) checks the trustworthiness of a potentially untrusted
device (i.e., Prover). In the Internet of Things (IoT) systems, the existing
remote attestation protocols propose various approaches to detect the modified
software and physical tampering attacks. However, in an interoperable IoT
system, in which IoT devices interact autonomously among themselves, an
additional problem arises: a compromised IoT service can influence the genuine
operation of other invoked service, without changing the software of the
latter. In this paper, we propose a protocol for Remote Attestation of
Distributed IoT Services (RADIS), which verifies the trustworthiness of
distributed IoT services. Instead of attesting the complete memory content of
the entire interoperable IoT devices, RADIS attests only the services involved
in performing a certain functionality. RADIS relies on a control-flow
attestation technique to detect IoT services that perform an unexpected
operation due to their interactions with a malicious remote service. Our
experiments show the effectiveness of our protocol in validating the integrity
status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table
ScaRR: Scalable Runtime Remote Attestation for Complex Systems
The introduction of remote attestation (RA) schemes has allowed academia and
industry to enhance the security of their systems. The commercial products
currently available enable only the validation of static properties, such as
applications fingerprint, and do not handle runtime properties, such as
control-flow correctness. This limitation pushed researchers towards the
identification of new approaches, called runtime RA. However, those mainly work
on embedded devices, which share very few common features with complex systems,
such as virtual machines in a cloud. A naive deployment of runtime RA schemes
for embedded devices on complex systems faces scalability problems, such as the
representation of complex control-flows or slow verification phase.
In this work, we present ScaRR: the first Scalable Runtime Remote attestation
schema for complex systems. Thanks to its novel control-flow model, ScaRR
enables the deployment of runtime RA on any application regardless of its
complexity, by also achieving good performance. We implemented ScaRR and tested
it on the benchmark suite SPEC CPU 2017. We show that ScaRR can validate on
average 2M control-flow events per second, definitely outperforming existing
solutions.Comment: 14 page
PADS: Practical Attestation for Highly Dynamic Swarm Topologies
Remote attestation protocols are widely used to detect device configuration
(e.g., software and/or data) compromise in Internet of Things (IoT) scenarios.
Unfortunately, the performances of such protocols are unsatisfactory when
dealing with thousands of smart devices. Recently, researchers are focusing on
addressing this limitation. The approach is to run attestation in a collective
way, with the goal of reducing computation and communication. Despite these
advances, current solutions for attestation are still unsatisfactory because of
their complex management and strict assumptions concerning the topology (e.g.,
being time invariant or maintaining a fixed topology). In this paper, we
propose PADS, a secure, efficient, and practical protocol for attesting
potentially large networks of smart devices with unstructured or dynamic
topologies. PADS builds upon the recent concept of non-interactive attestation,
by reducing the collective attestation problem into a minimum consensus one. We
compare PADS with a state-of-the art collective attestation protocol and
validate it by using realistic simulations that show practicality and
efficiency. The results confirm the suitability of PADS for low-end devices,
and highly unstructured networks.Comment: Submitted to ESORICS 201
LIRA-V:Lightweight Remote Attestation for Constrained RISC-V Devices
This paper presents LIRA-V, a lightweight system for performing remote
attestation between constrained devices using the RISC-V architecture. We
propose using read-only memory and the RISC-V Physical Memory Protection (PMP)
primitive to build a trust anchor for remote attestation and secure channel
creation. Moreover, we propose a bi-directional attestation protocol for
trusted device-to-device communication, which is subjected to formal symbolic
verification using Scyther. We present the design, implementation and
evaluation of LIRA-V using an off-the-shelf {RISC-V} microcontroller and
present performance results to demonstrate its suitability. To our knowledge,
we present the first remote attestation mechanism suitable for constrained
RISC-V devices, with applications to the Internet of Things (IoT) and Cyber
Physical Systems (CPS).Comment: Accepted at IEEE SafeThings (in conjunction with IEEE Security &
Privacy '21
Trusted Launch of Virtual Machine Instances in Public IaaS Environments
Cloud computing and Infrastructure-as-a-Service (IaaS) are emerging
and promising technologies, however their adoption is hampered by data security
concerns. At the same time, Trusted Computing (TC) is experiencing an increasing
interest as a security mechanism for IaaS. In this paper we present a protocol
to ensure the launch of a virtual machine (VM) instance on a trusted remote
compute host. Relying on Trusted Platform Module operations such as binding
and sealing to provide integrity guarantees for clients that require a trusted VM
launch, we have designed a trusted launch protocol for VM instances in public IaaS
environments. We also present a proof-of-concept implementation of the protocol
based on OpenStack, an open-source IaaS platform. The results provide a basis
for the use of TC mechanisms within IaaS platforms and pave the way for a wider
applicability of TC to IaaS security
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to
increasingly popular IoT (and other embedded) devices. It allows a trusted
party (verifier) to learn the state of a remote, and potentially
malware-infected, device (prover). Most existing approaches are static in
nature and only check whether benign software is initially loaded on the
prover. However, they are vulnerable to run-time attacks that hijack the
application's control or data flow, e.g., via return-oriented programming or
data-oriented exploits. As a concrete step towards more comprehensive run-time
remote attestation, we present the design and implementation of Control- FLow
ATtestation (C-FLAT) that enables remote attestation of an application's
control-flow path, without requiring the source code. We describe a full
prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone
hardware security extensions. We evaluate C-FLAT's performance using a
real-world embedded (cyber-physical) application, and demonstrate its efficacy
against control-flow hijacking attacks.Comment: Extended version of article to appear in CCS '16 Proceedings of the
23rd ACM Conference on Computer and Communications Securit
- …