SECURITY IN THE DISTRIBUTED INTERNET OF … in the Distributed Internet of Things 3. ... Security in...

SECURITY IN THE DISTRIBUTED INTERNET OF THINGS

JAVIER LOPEZ NICS LAB

UNIVERSITY OF MALAGA

InTrust 2012 Royal Holloway, December 17th

INTRODUCTION

Security in the Distributed Internet of Things

2

Foundations of the IoT

•  IPv6, 100 addresses for every atom on face of the Earth •  Microcontrollers which fit in one cubic millimeter •  IP traffic exceeding half a trillion gigabytes next year •  Nature of the data we collect and analyze is changing

–  10000 IP connected security cameras in London, 1000 connected sensors in bridge in Hong Kong

–  … millions of roads, buildings, …

•  Extract valuable knowledge from data –  Analytic tools, data aggregation techniques, multi-node cooperation

•  Companies and governments excited about smart infrastructures –  smart grids, smart rail, smart buildings, smart sewers… –  they see competitive, environmental and economic advantages


3

The rising of the “Things”: numbers don’t lie …

•  Today, 7 billion persons –  … and more than 9 billion connected devices!

–  connected devices exceeding people on the Earth!

•  By 2020, ‘things’ connected to the Internet –  GSMA: 24 billion connected devices by 2020

–  Ericsson and Cisco: 50 billion

–  IBM: 1 trillion connected devices by 2015

4

The rising of the “Things”: … neither do facts

•  More than half of the devices at CES in 2012 connected –  60% of them non-traditional computing devices: TVs, cars, refrigerators and

washing machines

•  Trees in Paris avenues equipped with an RFID tag •  China’s inland and maritime rivers ubiquitously connected:

–  134000 ships enabled with Automated Identification System

•  Algeciras’ port, first semiautomatic terminal in the Mediterranean sea

•  Juniper Research forecast: M2M will support industry revenues of over $35 billion in 2016

•  …intelligence in appliances, roadways, rail lines, power grids, clothes, supply chains, waterways and agriculture.


5

Public/Private sectors interest (EU FP7) 6

Project Acronym Project Name Project Cost

CASAGRAS2 Coordination and Support Action for Global RFID-related Activities and Standardisation - 2 1.040.176 EUR

IoT-I Internet Of Things Initiative 1.337.923 EUR IoT-A Internet of Things Architecture 18.678.983 EUR Ebbits Enabling the Business-Based Internet of Things and Services 12.022.392 EUR

ELLIOT Experiential Living Labs for the Internet Of Things 3.303.060 EUR SPRINT Software Platform For Integration Of Engineering And Things 3.462.477 EUR

NEFFICS Networked Enterprise transFormation and resource management in Future internet enabled Innovation CloudS 4.146.686 EUR

SmartAgriFood Smart Food and Agribusiness 7.364.923 EUR OpenIoT Open Source Solution for the Internet of Things into the Cloud 4.182.038 EUR GAMBAS Generic Adaptive Middleware for Behavior-driven Autonomous Services 3.105.024 EUR

iCore Internet Connected Objects for Reconfigurable Ecosystems 13.425.584 EUR IoT@Work Internet of Things at Work 5.890.830 EUR BUTLER Secure and Context Awareness in the IoT 14.666.520 EUR

PROBE-IT Pursuing ROadmaps and BEnchmarks for the Internet of Things 1.393.375 EUR

IoT.est Internet of Things Environment for Service Creation and Testing 3.833.769 EUR

IoT6 Universal Integration of the Internet of Things through an IPv6-based Service Oriented Architecture enabling heterogeneous components interoperability 4.144.648 EUR

Specific Private sector interest (I)

•  “Enormous computational power […] is being put into things no one would recognize as computers”

•  “reduce cost and waste, improve efficiency and productivity and raise quality of everything from our products, to our companies, to our cities”

•  “We have committed the resources of the IBM company to making smarter systems a reality in every part of the world” Ø  Samuel J. Palmisano, IBM President and CEO

•  “You will look at a room and ask: what will be connected? How would it be

different if all those things were connected? There will be more M2M connection points than you can shake a stick at”. Ø  Bobby Morrison, president of Verizon Pacific Northwest region

•  Most operators investing significant resources in M2M: Vodafone, O2, Telefonica, AT&T, Sprint … Ø  Juniper Research Whitepaper


7

Specific Private sector interest (II)

•  Google X Lab: –  “Secret” Lab, >100 projects on future technologies, many related to

connection of devices to the Internet

–  Sergey Brin, Google's co-founder, deeply involved in Google X •  “Every time anyone uses the Web, it benefits Google, so it could be good for Google if

home accessories and wearable objects, not just computers, were connected”

•  Intel investing in IoT: –  The China Intel IoT Joint Labs

–  £20 million invested; research and development of the core technologies for powering the Internet of Things


8

The Concept

•  The concept of Internet of Things has evolved over time, but the core idea is:

“A worldwide network of interconnected entities”

•  Each of the Things: o  has a locatable, addressable and readable

counterpart on the Internet

o  can open a communication channel with any

other entity, providing a receiving services

at any time and place, and in any way

9


•  Many technologies serve as the building blocks of this new paradigm   WSN, RFID, cloud services, M2M, …

•  It has a multitude of application domains

–  automotive

–  healthcare

–  logistics

–  environmental monitoring

–  etc.


10

•  There are different architectures that have been considered to make IoT a reality: –  Centralized

–  Collaborative –  Connected (Intranets)

–  Distributed

•  And there are two design principles that help to compare these architectures with the aim of selecting which one is best suited for achieving a full IoT: o  edge intelligence: location of the intelligence and provisioning of services

at the edge of the network o  collaboration: interconnection among diverse type of entities in order to

achieve a common goal


11

SUITABILITY OF IOT ARCHITECTURES


12

IoT architectures vs design criteria


13

Edge Intelligence

Collabora1on

Centralized IoT

? ?

Collabora1ve IoT ? ?

Connected Intranet of Things

? ?

Distributed IoT ? ?

Centralized IoT

•  Data acquisition networks are passive

•  All data is retrieved by a single central entity

•  Consequently, users must connect through the Internet to the interfaces provided by this central entity

Edge intelligence

Collaboration


14

CENTRALIZED IOT

Collaborative IoT

•  The intelligence of the network is still located within central entities

•  However, various central entities can exchange data and/or information, thus generating new services or enriching existing ones

Edge intelligence

Collaboration


15

COLLABORATIVE IOT

Connected Intranets of Things

•  Data acquisition networks (Intranets of Things) can process local information

•  Can also provide it not only to central entities but also to local and remote users

•  However, no underlying mechanisms that facilitate the collaboration among the entities –  Information mainly flows from intranets to central entity

Edge intelligence Collaboration


16

CONNECTED INTRANETS OF THINGS

(MANUAL CONFIG)

Distributed IoT

•  All entities have the ability to retrieve, process, combine, and provide information and services to other entities

•  Provision of services at local level but also collaborating with each other

•  It is possible to integrate high level services or other centralized entities within the architecture

Edge intelligence Collaboration


17

DISTRIBUTED IOT

IoT architectures vs design criteria - Summary


18

Edge Intelligence

Collabora1on

Centralized IoT

Collabora1ve IoT

Connected Intranet of Things

Distributed IoT

PROP./REQ. CENTRALIZED IoTPRINCIPLES

(Collaboration) (Edge Intelligence)Openness High (Simple) High (Multiple APIs)

ViabilityBusiness Model Already in market Similar to hybrid cloudsVendor Lock-in Possible More choices Access to data sources

ReliabilityAvailability Zero if failure Partial if failure Local data if failurePerformance Service level + Latency Distr. bandwidth Limited latency (local)

Scalability Limited to cloud resources Scalable Scalable at edgeInteroperability Simple Complex (global) Complex (raw)

Data Management Pull, Data at cloud Pull, Push (partial)

Table 1: Analysis of properties and requirements of the di↵erent distributed IoT principles

Table 1 presents an overview of the features (minus the Security issues) ofthe centralized IoT approach, together with the features of approaches thatfollow the collaboration and edge intelligence principles. From the resultsof this table, it is possible to infer why the centralized approach was thefirst to enter the market. In terms of openness, a centralized solution usuallyprovides a small set of (mostly) proprietary APIs for acquiring and providingdata. This way, application developers can use these APIs to develop richand complex IoT applications. Regarding availability, most companies buildtheir infrastructures through cloud companies, which usually have a verygood service uptime: in 2012 [20] it was 99.99% with a standard deviation of0.00215%. As for interoperability, it is easy to achieve: all data sources willinteract with the data acquisition API provided by the centralized system,thus it is only necessary to create one adaptor per data source. Finally, theviability of the business model has been proved by the existence of profitableventures and companies.

Although the centralized approach has a great potential to bring the IoTinto life, the other distributed approaches also provide interesting advantages.In the collaborative IoT approach (which follows the collaboration prin-ciple), the risk of vendor lock-in becomes smaller, as customers can combinedi↵erent service providers to obtain a particular service. Availability is im-proved too: if one of the service providers fails, customers can not only try tosearch another entity that manages a similar data set, but also use the otherproviders to retrieve a partial view of the information. In addition, the scal-ability feature is greatly improved by the distribution of the computationaland data management resources. Finally, it is important to note that theperformance of this approach can be slightly worse due to the information

9

•  Besides the previously mentioned design principles, there are properties that are worth to explore:

•  This analysis reveals that a distributed IoT architecture provides the necessary features to make the full IoT a reality –  however, it is a type of architecture that has not received much attention yet


19

Work in EU Projects

•  There are projects that have elaborated on some specific issues of IoT distributed architecture: o  IoT-A: aims to provide an architectural reference model for the

interoperability of IoT systems

o  HYDRA: provides building blocks which can help to build a distributed IoT, developing an open source middleware for web services

o  SENSEI: provides a consistent interface to access WSN islands

o  CUBIQ: has studied and developed various P2P-based distributed mechanisms

•  And what’s about Security? …

20


SECURITY CHALLENGES IN THE DISTRIBUTED IOT


21

And what’s about Security?


22

FAULT TOLERANCE

TRUST / GOVERNANCE PROPERTIES / APP-SPECIFIC

-‐ Iden'fica'on Technology -‐  Hardware -‐  Security and Privacy Tech. -‐  IoT Architecture Tech. -‐  Communica'on Tech. -‐  Network Tech. -‐  So@ware and Algorithms -‐  Discovery and Search Engine Tech. -‐  Standarisa'on

-‐ Cyber-‐Security -‐  Architecture -‐  E-‐Iden'ty -‐  Usability -‐  Privacy -‐  Management and Governance -‐  Protec'on -‐  Accountability -‐  Trust Engineering -‐  Socio-‐Economics

IDENT

ITY ?

ARCHITECTURE

Identity and Authentication

•  Billions of things are going to be interconnected, so it is necessary to manage their identities in a scalable way

•  Interactions will be highly dynamic, so entities of the IoT might not even know in advance which partners can be interacted to create a certain service

•  Aspects such as owners and groups must be considered –  clustering entities in local groups and using strategies like delegating

authentication tasks

•  Due to the edge intelligence principle, users can directly query to local information providers –  some kind of authentication logic must be present even in tiniest objects

•  Authentication may be based on attributes

23

Communication protocols

•  There is a need to analyze the number of security protocols that can be implemented within the device

•  When opening a secure channel, devices should be able to negotiate the actual parameters of the channel (algorithms, strength, protection mechanisms, …) –  Because constrained devices might not be able

to implement certain configurations –  Things that can be accessed directly need to be

careful about the overhead caused by incoming connections

•  Any entity can connect with any other at anytime, hence key management becomes a significant problem

•  Management of credentials and ability of embedded devices to support complex key exchange protocols based on PKC


24

Data management and privacy

•  Due to edge intelligence principle, every entity has more control over the data it generates and processes –  Entities can control the granularity of the data they produce

–  Entities can define their own access policies

•  They do not need to provide all the data they produce, but only the data that is needed by the external entities for a particular service –  Closely related to privacy, as it will be more difficult to create a profile of a

certain entity if not all the information is available

–  However, because of the edge intelligence principle, entities may be able to adapt their behaviour and track users more effectively


25

Trust management and Governance

•  Two dimensions of trust can be considered: a)  Trust in the interactions among entities

b)  Trust in the system from the users’ perspective

•  There is uncertainty in both the interactions with data providers and service providers –  How can reputation and trust be calculated and shared?

–  Which ontology should be used?

–  Can reports from other systems be trusted?

•  However, better use of second-hand information sources


26

Trust management and Governance

•  Policies can be defined at the edge of the network, so it is possible to implement certain rules

•  It is necessary to implement various distributed mechanisms to control and enforce those policies

•  As logging subsystems will be distributed throughout the network, it will be more difficult to retrieve all the relevant information that might be needed for forensic analysis


27

Fault tolerance

•  ‘Things’ can become faulty and stop working, but they also can send bogus or even manipulated data

•  It is necessary to discover another ‘thing’ that can provide a similar set of data –  Discovery mechanism that is able to pinpoint related

data flows •  Local clusters can help

–  Additional mechanisms are needed to assure survivability of the network in case a part of the infrastructure fails

•  For bogus data, information can be retrieved at a local level or in the interactions with other entities to apply advanced intrusion detection systems


28

WHAT’S THE STARTING POINT AND WHAT’S IS ENVISIONED


29

Research on track

30

•  SENSEI project: provides support for interdomain collaboraCon through federated idenCty, management and access tokens translaCon.

•  Minimal En'ty: stores the digital idenCty of the user

(acts as his representaCve in the virtual world). It allows the implementaCon of pseudonyms through semanCcally secure encrypCon.

•  Digital shadow: users can delegate their access control

credenCals and other informaCon to mulCple objects or virtual enCCes.

•  Social Access Controller: smart gateway infrastructure

that allows users to retrieve data from local sensors using social network credenCals.

•  Context: considered as another factor in a RBAC model. Owners of the assets can define, manage and enforce their own context-‐based policies.

31

•  Commercial implementaCons of DTLS and already some work on providing them in sensor environments. IPsec can be applicable to constrained environments if certain tradeoffs are accepted.

•  Constrained devices behaving as clients can make use of PKC-‐based key exchange protocols without major problems

•  Security architecture, its deployment model and general security needs in the context of the lifecycle of a thing.

32

•  Some theoreCcal studies that analyze the suitability of trust management systems for the IoT. Other, more pragmaCc approaches focus on the interacCons between users and IoT enCCes.

•  EU Digital Agenda: Commission consults on rules for wirelessly connected devices -‐ the "Internet of Things"

33

•  Clustering-‐based mechanisms and other data mining techniques to detect outliers and intrusions

•  Intrusion detecCon mechanisms and rules focus on internal adversaries that try to a_ack the specific protocols of data acquisiCon networks

34

•  As for PETs, secure mulC-‐party computaCons have been explicitly studied for the IoT.

Another interesCng perspecCve of privacy in a distributed IoT considers a local environment as an operaCng system.

35


36 Research on track


37 But lagging behind …

Thanks for your attention!

Javier Lopez < [email protected] >

NICS Lab University of Malaga

joint research work with Rodrigo Roman and Jianying Zhou

I2R, Singapore

38


Date post:	24-Apr-2018
Category:	Documents
Upload:	nguyenkhue
View:	222 times
Download:	2 times

SECURITY IN THE DISTRIBUTED INTERNET OF … in the Distributed Internet of Things 3. ... Security in...

Documents