Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

Nikos Koutroumpouchos, Christoforos Ntantogian, Sofia-Anna Menesidou, Kaitai Liang, Panagiotis Gouvas, Christos Xenakis, Athanasios Giannetsos

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

244 Downloads (Pure)

Abstract

The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regarding security, resilience and operational assurance. In the face of an increasing attack landscape, it is necessary to cater for the provision of efficient mechanisms to collectively verify software- and deviceintegrity in order to detect run-time modifications. Towards this direction, remote attestation has been proposed as a promising defense mechanism. It allows a third party, the verifier, to
ensure the integrity of a remote device, the prover. However, this family of solutions do not capture the real-time requirements of industrial IoT applications and suffer from scalability and efficiency issues. In this paper, we present a lightweight dynamic control-flow property-based attestation architecture (CFPA) that can be applied on both resource-constrained edge and cloud devices and services. It is a first step towards a new line of security mechanisms that enables the provision of control-flow attestation of only those specific, critical software components that are comparatively small, simple and limited in function, thus, allowing for a much more efficient verication. Our goal is to enhance run-time software integrity and trustworthiness with a scalable and decentralized solution eliminating the need for
federated infrastructure trust. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that security do not hinder the deployment of intelligent edge computing systems.
Original languageEnglish
Title of host publicationProceedings of 1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures
Number of pages9
PublisherIEEE
Publication date2019
ISBN (Print)978-1-5386-9376-6
DOIs
Publication statusPublished - 2019
Event1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures - Orange Gardens, Paris, France
Duration: 24 Jun 201924 Jun 2019
https://www.astrid-project.eu/secsoft/

Conference

Conference1st International Workshop on Cyber-Security Threats, Trust and Privacy Management in Software-defined and Virtualized Infrastructures
LocationOrange Gardens
Country/TerritoryFrance
CityParis
Period24/06/201924/06/2019
Internet address

Keywords

  • Control-Flow Property-based Attestation
  • Software-based Attacks
  • Trusted Component

Fingerprint

Dive into the research topics of 'Secure Edge Computing with Lightweight Control-Flow Property-based Attestation'. Together they form a unique fingerprint.

Cite this