iotdi slides final for pdf - Ptolemy Project

  • A Toolkit for Construction of Authorization Service Infrastructure for the Internet of Things (IoT)

    Hokeun Kim (1), Eunsuk Kang (1), Edward A. Lee (1), David Broman (2)

    IoTDI 2017, Pittsburgh, PA, April 19, 2017

    (1) University of California, Berkeley; (2) KTH Royal Institute of Technology

    TerraSwarm: Sponsored by the TerraSwarm Research Center, one of six centers administered by the STARnet phase of the Focus Center Research Program (FCRP), a Semiconductor Research Corporation program sponsored by MARCO and DARPA.

  • Overview: IoT & Authorization

    TerraSwarm Research Center 2

    • Internet of Things: benefits, but also challenges
    • Authorization (access control): critical for computer security
    • Existing security solutions? May work well for some parts of the IoT, but not for the entire IoT!
    • Proposed approach: SST
      – SST: Secure Swarm Toolkit
      – An open-source toolkit for building authorization infrastructure for the IoT
      – To address IoT security challenges

    [Figure: private data and control flowing between IoT devices]

  • Motivation: Challenges in IoT security [1]

    Heterogeneity
    • Security requirements & resource availability
    • Connectivity (wired connections vs. mobile devices)
    • System management

    [1] Singh et al., 2016. "Twenty Security Considerations for Cloud-Supported Internet of Things"

  • Motivation (cont'd)

    • Challenges in IoT security [1]

    Operation in an open (or hostile) environment
    • Physical access & wireless access to IoT devices
    • Higher risk of being compromised
    • Must be able to revoke access of compromised IoT devices

    [1] Singh et al., 2016. "Twenty Security Considerations for Cloud-Supported Internet of Things"

  • Motivation (cont'd)

    • Challenges in IoT security [1]

    Scalability
    • 28 billion connected devices in 2021
    • 15.3 ZB data traffic in 2020
      – 1 ZB (zettabyte) = 10^9 TB (terabytes)

    Sources: "Ericsson Mobility Report", June 2016 / "Cisco Global Cloud Index: Forecast and Methodology, 2015–2020", published in 2016

    [1] Singh et al., 2016. "Twenty Security Considerations for Cloud-Supported Internet of Things"

  • Background: Authorization & IoT

    • Authorization: access control
      – "Can I enter the EECS building?"
      – Allowing/denying access to resources
      – Revoking access (e.g., lost ID card)
    • Authentication: identifying someone/something
      – "Member of EECS?"
      – Essential for authorization

  • Background (cont'd)

    • Many IoT platforms use TLS (or DTLS [1]) for authentication/authorization
      – E.g., Amazon AWS IoT, OpenIoT [2], OSCAR [3], etc.
    • TLS (Transport Layer Security, also called SSL/TLS)
      – Underlying security protocol for HTTPS
      – Widely used, very successful for the web

    [1] Variant of TLS over UDP, 2012. "Datagram Transport Layer Security Version 1.2". RFC 6347
    [2] John Soldatos et al., 2015. "OpenIoT: Open Source Internet-of-Things in the Cloud"
    [3] Vucinic et al., 2015. "OSCAR: Object security architecture for the Internet of Things"

  • Background (cont'd)

    • TLS based on a digital certificate
    • Challenges with using TLS for the entire IoT
      – Energy overhead of public-key crypto & certificates
      – Scalability (managing certificates for ~28 billion devices)
      – Revocation of certificates can be problematic [1, 2]
      – Limited support for one-to-many communication

    [Figure: Browser and Web Server with a Certificate Authority (CA); certificate issued by the CA; encrypted secure channel; certificate and public-key cryptography]

    [1] Mutton, "Certificate revocation: Why browsers remain affected by Heartbleed", Netcraft, April 2014
    [2] Duncan, "How certificate revocation (doesn't) work in practice", Netcraft, May 2013

  • Background (cont'd)

    • Challenges with applying other security solutions
      – Kerberos [1]
        • Advantages for access revocation
        • Requires stable connection
        • Centralized architecture
      – Security solutions for "Things"
        • E.g., WSN, MANET or swarm devices
        • Assume homogeneous environments
        • Not designed for Internet scale [2]

    [Figure: Kerberos: Client, Authentication Server, Service Server; *Ticket: temporary token for accessing a service. Source: http://www.yuden.co.jp/ut/solutions/wsn/]

    [1] C. Neuman et al., 2005. "The Kerberos Network Authentication Service (V5)". RFC 4120
    [2] Alcaraz et al., 2010. "Wireless sensor networks and the internet of things: Do we need a complete integration?"

  • Proposed Approach: SST – Secure Swarm Toolkit

    – An open-source toolkit for authentication/authorization of the IoT (available on https://github.com/iotauth)

  • Proposed Approach (cont'd)

    • Specific goals of SST
      – Heterogeneity
      – Open environment (access revocation)
      – Scalability
      – Integration of existing security solutions (not inventing new ones)
      – Locally centralized and globally distributed architecture
      – Ease of deployment by local domain experts at a large scale

  • SST's Design and Implementation

    • Auth [1]
      – Locally centralized, globally distributed authentication/authorization entity (software)
      – Java program to be deployed on edge devices [2] (e.g., Intel IoT gateways)

    [Figure: many Auths connected over the Internet, each serving a local domain: Electric Vehicle, Smart Home, Medical Center, Smart Power Grid, Conference Room, Factory, Personal Area Network]

    [1] A prototype of Auth has been proposed in Kim et al., 2016. "A Secure Network Architecture for the Internet of Things Based on Local Authorization Entities"
    [2] Lopez et al., 2015. "Edge-centric Computing: Vision and Challenges"

  • Design and Implementation (cont'd)

    • Secure communication accessors
      – Software building blocks for securely accessing Auth and the IoT services
      – Encapsulate crypto keys & operations
      – Help IoT developers who are not security experts
      – Currently available accessors (in JavaScript)
      – For more information, see https://accessors.org
      – We're still at a starting point and working on more accessors!

    [Figure: an IoT application (actor-oriented program model) generates and processes messages; a Secure Comm Accessor holding the crypto key encrypts & authenticates outgoing messages and decrypts & verifies incoming ones, exchanging messages with Auth and the IoT service]

  • Design and Implementation (cont'd)

    • Example: How SST (Auth and accessors) works

    [Figure: Client with a SecureCommClient accessor (ports: AccessResponseFromService, RequestToSend); IoT Service with a SecureCommServer accessor (ports: ProcessClientMessage, RespondToClient); Auth. Step 1: Client to Auth: "I want to use IoT Service!"; Auth returns a Session Key, encrypted with the distribution key between Auth and Client]

  • Design and Implementation (cont'd)

    • Example: How SST (Auth and accessors) works

    [Figure: same Client / IoT Service / Auth setup. Step 2: Client initiates challenge-response with the IoT Service; challenge-response [1] to check whether the IoT Server has the same Session Key]

    [1] Similar to the TLS PSK extension by Eronen and Tschofenig, 2005. "Pre-Shared Key Ciphersuites for TLS". RFC 4279

  • Design and Implementation (cont'd)

    • Example: How SST (Auth and accessors) works

    [Figure: same Client / IoT Service / Auth setup. Step 3: IoT Service asks Auth; Auth: "OK, Client can access this IoT Service." and returns the Session Key, encrypted with the distribution key between Auth and IoT Server]

  • Design and Implementation (cont'd)

    • Example: How SST (Auth and accessors) works

    [Figure: same Client / IoT Service / Auth setup. Step 4: finish challenge-response; secure communication: protected communication channel using the session key and standard cryptography [2]]

    [2] Followed TLS 1.2's standard, including sequence number, encrypt-then-MAC

  • SST for Heterogeneity

    • SST's configuration alternatives

    [Figure: SST's configuration knobs, each with alternatives ranging from more security guarantees to less energy overhead. Knobs and option labels: Distribution key (D-1, D-2, D-3: Updated using public key, Permanent, No direct key distribution); Underlying protocol (P-1, P-2: TCP, UDP); Cached session keys (C-1, C-2, C-3: One, Multiple, Unlimited); Crypto strength & key lifetimes (K-1, K-2, K-3: Strong & short, Lightweight & long); Session key usage (O-1, O-2, O-3: Encryption, Authentication only, Ephemeral Diffie-Hellman); Number of session key sharers (S-1, S-2, S-3: Two (server-client), More than two (broadcasting), Unlimited). Goal tabs: Heterogeneity, Open Env., Scalability]

    Effect of knobs will be shown through experiments!

  • SST for Open Environment

    • Limiting damage from compromised entities
      – SST's design to timely revoke keys (session & distribution keys)
        • Must always be authorized by Auth
        • Revocation takes effect immediately
      – Even when a Client with a valid session key is compromised, Auth can prevent its access to the IoT Server!

    [Figure: a compromised Client (SecureCommClient accessor, ports AccessReceivedMessage / MessageToSend) holding a Session Key initiates challenge-response with the IoT Service (SecureCommServer accessor, ports ProcessReceivedMessage / RespondToClient); the IoT Service checks with Auth. Goal tabs: Heterogeneity, Open Env., Scalability]
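The session-key flow of the four "How SST works" slides above (Client obtains a session key from Auth under its distribution key, the IoT Server fetches the same key from Auth, challenge-response, then sequence-numbered encrypt-then-MAC records) together with this slide's revocation point, modeled as an added Python example; this is not code from the iotauth project. Assumptions: HMAC-SHA256 stands in for both the MAC and the cipher (one HMAC block used as keystream), dicts stand in for Auth's database, and the names Auth, Channel and connect are this example's own.

```python
import hmac, hashlib, os, struct

def _mac(key, *parts):  # HMAC-SHA256 over the concatenated parts
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()
def protect(key, data, aad=b""):
    """Encrypt-then-MAC (TLS 1.2 style, as the slides cite). Stand-in cipher
    (assumption): one HMAC block as keystream, so data must be <= 32 bytes."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _mac(key, b"enc", nonce)))
    return nonce + ct + _mac(key, b"mac", aad, nonce, ct)
def unprotect(key, blob, aad=b""):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(key, b"mac", aad, nonce, ct)):
        return None  # wrong key, tampered record, or sequence-number mismatch
    return bytes(a ^ b for a, b in zip(ct, _mac(key, b"enc", nonce)))

class Auth:  # toy Auth: a distribution key per registered entity + policy {client: {services}}
    def __init__(self):
        self.dist_keys, self.policy, self.sessions = {}, {}, {}
    def register(self, name, allowed=()):
        self.dist_keys[name], self.policy[name] = os.urandom(32), set(allowed)
        return self.dist_keys[name]             # shared with the entity at registration
    def revoke(self, client):
        self.policy[client] = set()             # immediate: the next server lookup fails
    def issue_session_key(self, client, service):
        if service not in self.policy.get(client, ()):
            return None                         # client not authorized for this service
        kid, sk = os.urandom(4), os.urandom(32)
        self.sessions[kid] = (client, service, sk)
        return kid, protect(self.dist_keys[client], sk)  # wrapped with the client's dist key
    def lookup_session_key(self, service, kid):
        client, svc, sk = self.sessions.get(kid, (None, None, None))
        if svc != service or svc not in self.policy.get(client, ()):
            return None                         # unknown id, wrong service, or revoked
        return protect(self.dist_keys[service], sk)  # wrapped with the server's dist key

class Channel:
    """Session-key record layer; per-direction counters make a replayed record fail its MAC."""
    def __init__(self, sk): self.sk, self.tx, self.rx = sk, 0, 0
    def send(self, msg):
        self.tx += 1; return protect(self.sk, msg, struct.pack(">Q", self.tx))
    def recv(self, blob):
        self.rx += 1; return unprotect(self.sk, blob, struct.pack(">Q", self.rx))

def connect(auth, client, client_dk, service, service_dk):
    """Auth issues a session key to the client, the server fetches it by id, and a
    challenge-response confirms both hold the same key before any data flows."""
    issued = auth.issue_session_key(client, service)
    wrapped_srv = issued and auth.lookup_session_key(service, issued[0])
    if not wrapped_srv:
        return None                             # denied at Auth (policy or revocation)
    client_sk, server_sk = unprotect(client_dk, issued[1]), unprotect(service_dk, wrapped_srv)
    nonce = os.urandom(16)                      # client's challenge to the server
    if not hmac.compare_digest(_mac(server_sk, b"cr", nonce), _mac(client_sk, b"cr", nonce)):
        return None                             # server does not hold the same session key
    return Channel(client_sk), Channel(server_sk)
```

Revoking a client after it already holds a session key makes the server's lookup at Auth fail, so the compromised client never gets a channel.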

  • SST for Scalability

    • Shared key support for one-to-many communication (for data scalability)

    [Figure: a Sender with a SecurePublisher accessor (MessageToPublish) and Receivers 1..N with SecureSubscriber accessors (AccessPublishedMessage); Auth distributes the shared session key to all of them. Goal tabs: Heterogeneity, Open Env., Scalability]


  • SST for Scalability

    • Shared key support for one-to-many communication (for data scalability)

    [Figure: same Sender / Receivers 1..N / Auth setup; messages delivered through a Message Broker via MQTT (publish-subscribe protocol). Goal tabs: Heterogeneity, Open Env., Scalability]

  • SST for Scalability

    • Shared key support for one-to-many communication (for data scalability)

    [Figure: same Sender / Receivers 1..N / Auth setup; message delivered by UDP broadcast over a local network. Goal tabs: Heterogeneity, Open Env., Scalability]

    Object (data) security (e.g., for information-centric networks)

  • SST for Scalability (cont'd)

    • Globally distributed Auths (to scale with # IoT devices)
      – Trust relationships without a centralized authority

    [Figure: many Auths with trust relationships between Auths; a Client under one Auth communicates securely with an IoT Service under another Auth. Goal tabs: Heterogeneity, Open Env., Scalability]

  • Evaluation: Security Analysis

    Desired security properties
    • Confidentiality (of data)
    • Message authenticity
    • Data integrity

    Threat model
    • Network attackers
      • Eavesdrop or inject packets
    • Compromised IoT entities
      • Try to break security of others
    • No compromised Auths

    Formal security model of SST [1]
    • Modeled in Alloy [2] (model checking tool & language)
    • Includes models for Auths, entities and communication messages

    Result: Formally proven to satisfy the security properties!

    [1] https://github.com/iotauth/security_analysis
    [2] http://alloy.mit.edu/alloy/

  • Evaluation: Scalability Analysis

    • Auth's authorization tasks include
      – Communication with IoT entities and Auths
      – Cryptographic operations
      – Accessing Auth's database (keys, access policy, etc.)

    [Figure: authorization workload ↑ as access activity per entity ↑ and number of IoT entities ↑; more Auths are added as entities grow]

    • Scalability analysis result:
      – Each Auth's workload is a linear function of "number of entities per Auth", not "total number of entities in the system", assuming access activity per entity is fixed
      – In theory, we can always scale with increasing entities by adding Auths accordingly

  • Experiments & Results

    • Effect of various configuration alternatives
      – Estimated energy consumption for setting up secure connections between IoT clients & IoT servers
        • Logged crypto operations and captured packets
        • Used energy numbers from UAB [1] and SICS [2]

    [Figure: one IoT Server connected by multiple Clients; energy overhead?]

    [1] UAB (Universitat Autònoma de Barcelona), Rifà-Pous and Herrera-Joancomartí, 2011
    [2] SICS (Swedish Institute of Computer Science), Feeney and Nilsson, 2001

  • Experiments & Results (cont'd)

    • More results in our paper! (for IoT clients)

    [Figure: bar chart of estimated energy consumption (mJ) of a resource-constrained server connected by 16, 32, and 64 clients; bars compare TLS with SST under distribution key management Updated / Permanent, underlying protocol TCP / UDP, and number of allowed cached session keys 1 / ∞; legend: public-key crypto, sym. crypto & MAC, network comm. The configuration-knob figure is repeated alongside, with the axes more security guarantees vs. less energy overhead]

    Estimated energy for an IoT server connected by 16, 32, and 64 clients

    Tradeoffs for heterogeneity!

    Note: TLS was used as a reference and we do not claim that SST is better than TLS

  • Experiments & Results (cont'd)

    • A sender and multiple receivers with different settings
      (1) Connections with SSL/TLS
      (2) Shared key + secure connections by SST
      (3) Shared key + MQTT message broker
      (4) Shared key + UDP broadcast

    [Figure: four topologies of one Sender and several Receivers: (1) SSL/TLS connections; (2) SST secure connections; (3) a Broker between Sender and Receivers over TCP; (4) UDP broadcast. Marker: shared session key distributed by Auth. The configuration-knob figure is repeated alongside]

  • Experiments & Results (cont'd)

    Estimated energy for a sender to send a 1 KB message to receivers

    Estimated energy (mJ) for sending a 1 KB message (sym. crypto & MAC plus network comm.), by net. setting and # receivers:

      # receivers   TLS     ISC     MB     UB
      16            54.0    48.6    3.4    3.0
      32            108.1   96.9    3.4    3.0
      64            216.2   193.5   3.4    3.0

    Net. setting: TLS: (1) SSL/TLS; ISC: (2) individual SST connections + shared key; MB: (3) MQTT message broker; UB: (4) UDP broadcast

    Tradeoff example: a sensor node (500 mAh / 1.5 V battery) sending 1 KB per minute to 64 receivers

    Expected battery life

  • Conclusions

    • Benefits of SST: Secure Swarm Toolkit
      – Authorization for a wide range of IoT from sensor nodes to safety-critical systems
      – Enable Internet-scale deployment with increasing connected devices and traffic
      – Help deployment of IoT security solutions by system designers with moderate knowledge in security
      – Possible integration with other IoT-related efforts (e.g., securing CoAP [1])

    [1] Shelby et al., 2014. "The Constrained Application Protocol (CoAP)". RFC 6347

  • Conclusions (cont'd)

    • Future work
      – Mitigation against availability attacks (e.g., Denial-of-Service attacks)
      – Detection of malicious behavior of compromised IoT entities or Auth
      – Further studies on usability of SST
      – Efficient initial setup of SST (e.g., registering IoT devices with Auth)
    • For further information: https://github.com/iotauth