RFC9031: Constrained Join Protocol (CoJP) for 6TiSCH

International audienceThis document describes the minimal framework required for a new device, called a "pledge", to securely join a 6TiSCH (IPv6 over the Time-Slotted Channel Hopping mode of IEEE 802.15.4) network. The framework requires that the pledge and the JRC (Join Registrar/Coordinator, a central entity), share a symmetric key. How this key is provisioned is out of scope of this document. Through a single CoAP (Constrained Application Protocol) request-response exchange secured by OSCORE (Object Security for Constrained RESTful Environments), the pledge requests admission into the network, and the JRC configures it with link-layer keying material and other parameters. The JRC may at any time update the parameters through another request-response exchange secured by OSCORE. This specification defines the Constrained Join Protocol and its CBOR (Concise Binary Object Representation) data structures, and it describes how to configure the rest of the 6TiSCH communication stack for this join process to occur in a secure manner. Additional security mechanisms may be added on top of this minimal framework

Recolha de informação de estado para análise forense digital

Dissertação de Mestrado em Engenharia InformáticaNo contexto de uma análise forense a um computador, é usual que o técnico queira obter o máximo de informacão possível. Em particular, sempre que um técnico se depara com um computador ligado, este deverá tentar recolher o máximo de informação de estado possível. Dispositivos USB apresentam-se como veículos interessantes para construir mecanismos automatizados para esta recolha de informa c~ao, pois permitem armazenar as aplica c~oes necess arias para a recolha da informacão, o resultado da recolha da informacão e facilitar a recolha de forma automática após a sua inserção no PC. Este trabalho tece uma proposta de solução USB para facilitar a recolha de informacão de estado com garantia de integridade e multi-plataforma.In the context of a digital forensic analysis, the technician usually wants to get as much information as possible. In particular, whenever a technician encounters a computer that is turned on, it should try to collect as much status information as possible. USB devices present themselves as interesting vehicles for the automated collection of such information, as it can store the applications required for the collection of the information, can store the results of the information collection and can also facilitate the information collection by enabling its automatic operation, where available. This paper proposes a USB solution to facilitate the collection of state information with integrity guarantees and multi-platform operation