Abstract
Security is a serious, and often neglected, issue in the Internet of Things (IoT). In order to improve IoT security, researchers proposed to use Security-by-Contract (S×C), a paradigm originally designed for mobile application platforms. However, S×C assumes that manufacturers equip their devices with security contracts, which makes hard to integrate legacy devices with S×C. In this paper, we explore a method to extract S×C contracts from legacy devices' Manufacturer Usage Descriptions (MUDs). We tested our solution on 28 different MUD files, and we show that it is possible to create basic S×C contracts, paving the way to complete extraction tools.
Original language | English |
---|---|
Title of host publication | Proceedings of 2020 Open Identity Summit |
Volume | P-305 |
Publisher | Gesellschaft fur Informatik (GI) |
Publication date | 2020 |
Pages | 143-154 |
ISBN (Print) | 9783885796992 |
Publication status | Published - 2020 |
Event | Open Identity Summit 2020 - OID 2020 is publication only. Duration: 26 May 2020 → 27 May 2020 https://oid2020.compute.dtu.dk/ |
Conference
Conference | Open Identity Summit 2020 |
---|---|
Location | OID 2020 is publication only. |
Period | 26/05/2020 → 27/05/2020 |
Internet address |
Series | Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI) |
---|---|
Volume | P-305 |
ISSN | 1617-5468 |
Keywords
- Internet of Things
- S×C
- Security-by-Contract
- MUD
- Manufacturer Usage Description
- Device proĄling