IoT security - essay

oquinones
07763373.pdf
Home>Computer Science homework help>IoT security - essay

On-demand security configuration for IoT devices

Boheung Chung, Jeongyeo Kim, and Youngsung Jeon Cyber Security Research Department

Electronics and Telecommunications Research Institute Daejeon, Korea

{bhjung, jnkim, ysjeon}@etri.re.kr

Abstract— IoT, as one of the main focuses, links various kinds of devices to the Internet and even exchanges its data. The advent of IoT which has vast amount of connected devices enables us to monitor and control of real world and changes our daily lifestyle never available before. With such a massive amount of devices, if we don’t set and organize security features on them properly, we will face unexperienced challenges on security issues. In this paper we propose the on-demand security configuration technique that we can configure required security functions and reorganize them without recreating device image. With the help of this approach, if there is a change on this security service, we can substitute the old modules for new ones without regenerating device image.

Keywords— configuruation management for security, security function reconfiguration, on-demand security configuration, IoT

I. INTRODUCTION

Nowadays tremendous number of devices connected to the Internet and we can easily access and utilize one of them from personal gadgets to home appliances and even public services. According to estimation of surveys, by the year of 2020, we would be connected between 20 and 50 billion devices[1, 2]. In this environment, we will encounter unexperienced security challenge if we don’t prepare and configure proper security features in a robust way. Therefore, there are some research efforts to leverage these challenges on OS for IoT[7, 8], configuration management[5, 6] and security updates[3]. According to surveys, lacking of security concern, many of them are very vulnerable and easily exploitable and even some are connectable through the Internet having several vulnerabilities[3]. For example, peeping at sleeping babies without authentication mechanisms is possible.

In this paper we propose the on-demand security configuration technique that we can configure required security functions and reorganize them without recreating device image. We suggest security profile for constructing security functions and configuration map of them for reorganizing theirs combination of the device map without regenerating the device image. As we determine the security modules analyzing requests from the device’s security profile, we can select appropriate these modules required for device’s security service and create configuration map used for re-configuring them. With the help of this approach, if there is a change on this security service, we can substitute the old modules for new ones without regenerating device image.

II. RELATED WORKS

A. IoT OSs and Development Environments

With highly constrained hardware resources, as IoT Devices are evolved to handle from simple sensing data to supporting service, there are several low-end IoT devices such as Arduino Due, Zolertial Re-Mote, IoT-LAB-M3, and Atmel SAM R21[7]. As traditional OSs such as Linux or BSD is not suitable for those devices, several OSs for IoT have been introduced such as RIOT, Contiki, FreeRTOS, and TinyOS[8]. In this environment, in order to support security function, We should determine the device and OS, develop security module with cross-compiler, generate device image, and finally transmit this image to the device which we call it as “fuzing”. Therefore, if we want to change security functions, we must follow this routine repeatedly.

B. Configuration management for security

System or Device should be configured beforehand when anyone who want to use it and it is obvious in service and security aspect. Therefore, configuration management and security is essential to a system administrator and a user who just use a service of the system[3]. As the devices involved in IoT are increased, that is emphasized and important more than before. Configuration management for security is that we should select security function for the device and apply it effectively. Therefore, we can generate or regenerate configuration and enforce this on the device on demand.

C. Device Image Update

Enforcing a new configuration, generally, we should make a new device image and transferred to it through serial cable directly connected or through update process from a remote site. As the number of the device is increased, remote updating is more effective than the other and the size of the transferred image is a crucial factor for updating. To minimize this size, delta image through binary comparison between a old and a new image is used in general. However, we should consider the cost for regenerating the new image in recompilation as well as the delta image.

III. ON-DEMAND SECURITY CONFIGURATION

On-demand security configuration is that we can easily set or change security functionality of a device when it is needed. In this paper, we propose the on-demand security configuration method for IoT device. Generally, if we want to configure some security functionality on the device, we should determine beforehand required security functions to apply on it. After that,

1082978-1-5090-1325-8/16/$31.00 ©2016 IEEE ICTC 2016

we can make a device image with these functions through source code compilation and this image will be transferred to the device through fuzing or update process. Finally, to enable the security functions, we must reboot the device. If we need to adjust some security functions on that device, we must follow the whole steps described above thoroughly and it takes great efforts to accomplish. Due to this difficulty, we can not easily apply security functions on a device.

Figure 1. The concept of on-demand security configuration of device.

A. Security Functional Module(SFM) and Security Profile(SP)

The hardness of applying security on a small device is that we should implement and identify whole required functions before making its device image. In order to easily configure security functionality, we need to separate implementation and enforcement of security function. Because there are many kinds of devices with multiple hardware option, we should implement various kinds of SFMs for the device and we call them as candidate SFMs. For example, we make a SFM for with hardware encryption chip and without it. For enforcing security functions, we should specify which functions required and manifest it as SP. As shown in Figure 1, SP has four type of files: Security Module Spec.(SMS), Interface Spec.(IS), Device Profile(DP) and Security Service Profile(SSP). These files contain specifications for security service and restrictions of device’s HW performance.

B. Structuring Security Functions

To identify and construct adequate security functions for the device, we need to carefully comprise them considering theirs hardware specifications and security requirements. For this purpose, we use four types of SP files. As shown in Figure 1, we firstly collect security service requirements of the device from SSP and choose a proper SFM from candidate SFMs from these requirements. When choosing the SFM, we reference DP which manifests its hardware specialties. For example, if the device has no encryption chip, we should select the SFM with no support for that chip from candidate SFMs. When selecting the SFM, another consideration is the dependancy between SFMs. Therefore, we cannot use some security functions alone if they have strong dependancy for other security functions. In

this situation, we should lookup IS whether the SFM has dependancy with others or not.

C. Configuration map of SFM

Finally, in order to accomplish on-demand security configuration, we need to freely re-organize the sequence of SFMs in the disk image. For this reason, we reserve separate section for the layout information of SFMs within the disk image when generating it. As shown in Figure 2, configuration map of SFM is memory address space layout of security functions in the device image. According to this map, we can easily determine the sequence of structured SFMs and allocate them into the appropriate address space. For example, if we have a SFM for AES and want to have a new SFM for ECC, we can configure these modules and modify theirs layout in the disk image whenever we want according to the configuration map in Figure 2. However, if we want to arrange a new SFM not included in the map, we should make a new disk image and a new configuration map.

IV. SCENARIO OF OPERATIONS

In this section, we describe the scenario of operations to re- organize security functionality of the device easily. To accomplish on-demand security configuration for IoT device, as shown in Figure 2, we explain the work flow how to configure the security functions, generate a device mage, reconfigure them through updating process, and regenerate the

device image.

Figure 2. Operational scenario of on-demand security configuration of devices

A. Configuring security function and generating device image

Generating a device image, we gather multiple set of SP for the device from other devices which have similar hardware features to configure security functional modules. Analyzing those profiles, we should identify and collect SFMs considering functional dependancy among them. After that, as shown in Figure 2, we calculate configuration map for the whole SFMs considering the total address space of memory of the device. Therefore, determining configuration map is building a layout within the device’s memory size. After that, the device image

1083

is transferred through update process or directly sent through fuzing process.

B. Reconfiguration and updating security function

We should reconfigure and update security functionalities to handle the requests such as acquiring for a new SFM or removing a obsolete SFM. As shown in Figure 2, if we need to a new SFM(Security Module B) at device 1, the system in Figure 2 will send the requested SFM through update process because the SFM is included in the configuration map of the device. Removing a obsolete SFM is different from the request for a new SFM since the system doesn’t need to send any SFM to the device. To remove the SFM, the device eliminates the module from its configuration map and send a simple notification of this deleted module to the system.

C. Regenerating device image

When the device requests a new SFM not included in the configuration map, the system should regenerate a new device image which contains a new configuration map. If we can expand the map to hold the new SFM, we simply recreate the map and transfer to the device. However, if not, we should perform the whole process for the device image as described above sections.

V. CONCLUSIONS

In this paper we proposed the on-demand security configuration technique that we can easily set or change security functionality of a device. The proposed technique suggested to use security profile and configuration map to generate and reconfigure a device image for just-in-time security configuration. Through configuring appropriate security modules, we use the security profile to gather information and analyze its dependancy and then the determined modules are contained in the map. Since the map contains information of available security modules in the

device, we can easily append or substitute them according to the map without regenerating device image.

ACKNOWLEDGMENT

This work was supported by Institute for Information & communications Technology Promotion(IITP) grant funded by the Korea government(MSIP) (B0190-16-2032, Development of Operating System Security Core Technology for the Smart Lightweight IoT Devices)

REFERENCES

[1] E. Dave. "The Internet of Things How the Next Evolution of the Internet Is Changing Everything." April 2011. http://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0 411FINAL.pdf (accessed June 24, 2016).

[2] Gartner. "Gartner Says 6.4 Billion Conncected “Things” Will Be in Use in 2016, Up 30 Percent From 2015." November 10, 2015. http://www.gartner.com/newsroom/id/3165317 (accessed June 24, 2016).

[3] J. Sonnerup, J. Karlsson. "Robust Security Updates for Connected Devices." Master's Thesis. Lund University, Sweden 105 pages., March 14, 2016.

[4] M. Patton, E. Gross, R. Chinn, S. Forbis, L. Walker, and H. Chen (2014, September). Uninvited connections: a study of vulnerable devices on the internet of things (IoT). In Intelligence and Security Informatics Conference (JISIC), 2014 IEEE Joint (pp. 232-235). IEEE.

[5] I. Chatzigiannakis, H. Hasemann, M. Karnstedt, O. Kleine, A. Kröller, M. Leggieri, and C. Truong(2012, October). True self-configuration for the IoT. In Internet of Things (IOT), 2012 3rd International Conference on the (pp. 9-15). IEEE.

[6] S. M. Bellovin and R. Bush(2009). Configuration management and security. IEEE Journal on Selected Areas in Communications, 27(3), 268-274.

[7] T. BORGOHAIN, U. KUMAR: SANYAL, Sugata. Survey of Operating Systems for the IoT Environment. arXiv preprint arXiv:1504.02517, 2015.

[8] BACCELLI, Emmanuel, et al. OS for the IoT-Goals, Challenges, and Solutions. In: Workshop Interdisciplinaire sur la Sécurité Globale (WISG2013). 2013.

1084