Software-Based Security Approach for Networked Embedded Devices-Reference-Cited by-同舟云学术

Software-Based Security Approach for Networked Embedded Devices

Published:2023-10-30 Issue:1 Volume:43 Page:73-77
ISSN:1094-3641
Container-title:ACM SIGAda Ada Letters
language:en
Short-container-title:Ada Lett.

Author:

Ferreira José¹,Oliveira Alan¹,Souto André¹,Cecílio José¹

Affiliation:

1. LASIGE, Departamento de Informática, Faculdade de Ciências da Universidade Lisboa,

Abstract

As the Internet of Things (IoT) continues to expand, data security has become increasingly important for ensuring privacy and safety, especially given the sensitive and, sometimes, critical nature of the data handled by IoT devices. There exist hardware-based trusted execution environments used to protect data, but they are not compatible with low-cost devices that lack hardware-assisted security features. The research in this paper presents software-based protection and encryption mechanisms explicitly designed for embedded devices. The proposed architecture consists of two parts: the Agent, which is designed to work with low-cost, low-end devices without requiring modifications to the underlying hardware, and the Computing Module, which is designed for slightly more computationally powerful devices. The Computing Module enables devices to write data in protected memory and continuously verifies its integrity to provide protection. Additionally, it utilizes the Agents located on the device to safeguard device applications against attacks by requesting the Agent to generate an application code signature and validating it. The proposed solution is an alternative data security approach for low-cost IoT devices without compromising performance or functionality. Our work underscores the importance of developing secure and cost-effective solutions for protecting data in the context of IoT.

Publisher

Association for Computing Machinery (ACM)

Subject

General Medicine

Link

https://dl.acm.org/doi/pdf/10.1145/3631483.3631495

Reference14 articles.

1. M. Ammar and B. Crispo , Verify&revive: Secure detection and recovery of compromised low-end embedded devices," in Annual Computer Security Applications Conference, (New York, NY), p. 717--732 , ACM , 2020 . M. Ammar and B. Crispo, Verify&revive: Secure detection and recovery of compromised low-end embedded devices," in Annual Computer Security Applications Conference, (New York, NY), p. 717--732, ACM, 2020.

2. S The Security MicroVisor: A Formally-Verified Software-Based Security Architecture for the Internet of Things

3. M. Grisafi , M. Ammar , M. Roveri , and B. Crispo , PISTIS: Trusted computing architecture for low-end embedded systems," in 31st USENIX Security Symposium, (Boston , MA) , pp. 3843 -- 3860 , Aug. 2022 . M. Grisafi, M. Ammar, M. Roveri, and B. Crispo, PISTIS: Trusted computing architecture for low-end embedded systems," in 31st USENIX Security Symposium, (Boston, MA), pp. 3843--3860, Aug. 2022.

4. T. C. Group , TCG specification architecture overview." https://trustedcomputinggroup. org/wp-content/uploads/TCG\_1\_4\ _Architecture\_Overview.pdf , 2007 . [Online - Accessed on 11--11--2022]. T. C. Group, TCG specification architecture overview." https://trustedcomputinggroup. org/wp-content/uploads/TCG\_1\_4\ _Architecture\_Overview.pdf, 2007. [Online - Accessed on 11--11--2022].

5. V. Costan and S. Devadas , Intel sgx explained." Cryptology ePrint Archive , Paper 2016/086 , 2016 . https: //eprint.iacr.org/2016/086. V. Costan and S. Devadas, Intel sgx explained." Cryptology ePrint Archive, Paper 2016/086, 2016. https: //eprint.iacr.org/2016/086.