5 research outputs found

    Blockchain-enhanced Roots-of-Trust

    Establishing a root-of-trust is a key early step in establishing trust throughout the lifecycle of a device, notably by attesting the running software. A key technique is to use hardware security in the form of specialised modules or hardware functions such as TPMs. However, even if a device supports such features, other steps exist that can compromise the overall trust model between devices being manufactured until decommissioning. In this paper, we discuss how blockchains, and smart contracts in particular, can be used to harden the overall security management both in the case of existing hardware enhanced security or when only software attestation is possible.

    BootBandit: A macOS bootloader attack

    Historically, the boot phase on personal computers left systems in a relatively vulnerable state. Because traditional antivirus software runs within the operating system, the boot environment is difficult to protect from malware. Examples of attacks against bootloaders include so-called “evil maid” attacks, in which an intruder physically obtains a boot disk to install malicious software for obtaining the password used to encrypt a disk. The password then must be stored and retrieved again through physical access. In this paper, we discuss an attack that borrows concepts from the evil maid. We assume exploitation can be used to infect a bootloader on a system running macOS remotely to install code to steal the user's password. We explore the ability to create a communication channel between the bootloader and the operating system to remotely steal the password for a disk protected by FileVault 2. On a macOS system, this attack has additional implications due to “password forwarding” technology, in which a user's account password also serves as the FileVault password, enabling an additional attack surface through privilege escalation.

    Access controls on IP based cameras in IoT ecosystem

    A thesis submitted in partial fulfilment of the requirements for the Degree of Master of Science in Information Systems Security (MSc.ISS) at Strathmore University. Internet of things (IoT) is a concept of connected things that allows embedded devices, sensors and actuators to interconnect and share data, thus bridging the gap between physical devices and virtual objects. The concept of IoT started gaining popularity in 2010, with its popularity impressively outgrowing other concepts up to date. The growth of IoT has seen more than 30% of companies globally initiating the process of deploying IoT. IoT security has been a challenge due to its nascent market, where manufacturers focus much on getting the product to the market rather than building security from the start. Internet Protocol (IP) based cameras are among the most popular IoT devices. Governments, corporations, small businesses and homeowners are using cameras for surveillance among other activities, with their popularity growing due to their ability to collect and transmit data remotely. As cameras are expected to perform sophisticated tasks, it is important to protect the cameras and the data they handle. The focus of this dissertation is to come up with an access control solution for IP based cameras, in efforts to reduce vulnerabilities associated with identity and access management. This dissertation adopted Rapid Application Development (RAD) methodology to develop the proposed solution. The methodology provided flexibility in changing requirements and testing the prototype at an early stage to continuously improve the system.
    Must, Should, Could, Would Not (MoSCoW) method was used to identify and rank requirements in evaluating the gaps that existed in the market; as this dissertation could not address all the vulnerabilities, the method helped in picking the vulnerabilities to be handled first. The tested and validated prototype provides a mechanism to restrict factory set authentication credentials, system access lockouts and sending of alerts in cases of suspicious login attempts. The prototype demonstrates how integrity of camera feeds can be maintained by using a combination of InterPlanetary File System (IPFS) and Blockchain. The solution also records and stores system logs in immutable format to support forensic investigation.

    Recommendations for securing Internet of Things devices using commodity hardware.

    No full text
    The Internet of Things (IoT) describes a world where ubiquitous devices such as sensors are all capable of communicating with the Internet. The concept of Internet enabling devices is not new; however, the popularity of IoT promises to increase the number of connected devices considerably. Ubiquitous IoT devices have serious security implications as they occur in large numbers, are geographically distributed and can be difficult to physically secure. These devices may contain sensitive or commercially valuable data, making them attractive to various forms of attack.