Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trust-worthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an inter-operable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trust-worthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.

RADIS: remote attestation of distributed IoT services / Conti, M.; Dushku, E.; Mancini, L. V.. - (2019), pp. 25-32. (Intervento presentato al convegno 6th International Conference on Software Defined Systems, SDS 2019 tenutosi a Rome; Italy) [10.1109/SDS.2019.8768670].

RADIS: remote attestation of distributed IoT services

Dushku E.
Secondo
Membro del Collaboration Group
;
Mancini L. V.
Ultimo
Supervision
2019

Abstract

Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trust-worthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an inter-operable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trust-worthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.
2019
6th International Conference on Software Defined Systems, SDS 2019
distributed IoT Services; interoperable IoT; remote attestation; service flow
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
RADIS: remote attestation of distributed IoT services / Conti, M.; Dushku, E.; Mancini, L. V.. - (2019), pp. 25-32. (Intervento presentato al convegno 6th International Conference on Software Defined Systems, SDS 2019 tenutosi a Rome; Italy) [10.1109/SDS.2019.8768670].
File allegati a questo prodotto
File Dimensione Formato  
Dushku_RADIS_2019.pdf

accesso aperto

Tipologia: Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 941.12 kB
Formato Adobe PDF
941.12 kB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1386973
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 25
  • ???jsp.display-item.citation.isi??? 19
social impact