RADIS: Remote Attestation of Distributed IoT Services

Conti, Mauro; Dushku, Edlira; Mancini, Luigi V.

doi:10.1109/sds.2019.8768670

Cited by 22 publications

(18 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, as acknowledged by the authors, MTRA works only for static networks. [35], a CRA scheme that turns the CRA problem into a distributed service attestation problem. RADIS aims to detect compromised devices in a distributed IoT service and the legitimate IoT devices that are performing a malicious operation due to corrupted communication data exchanged with the compromised devices.…”

Section: Salad Kohnhauser Et Al Proposed Secure and Lightweightmentioning

confidence: 99%

“…SALAD [28], for example, trades security for higher overhead, making the proposal potentially impractical for very large node deployments. Similarly, HEALED [43] introduces a healing phase for compromised devices, incurring in additional overhead; it is thus more suitable for small to medium sized deployments: from Table II we can see it takes approximately 1.8 seconds to attest (and heal) 20 devices, an order of magnitude larger than the time taken by RADIS [35] or LISAα, LISAs [26] for a comparable network size.…”

Section: B Summarymentioning

confidence: 99%

“…Moreover, we sum up a few open challenges associated with CRA that the research community is currently working on, but that still need practical and complete solutions. SEDA [7] LISA [26] DARPA [9] SeED [24] SCAPI [27] ERASMUS [13] SALAD [28] PADS [25] WISE [29] slimIoT [30] SAP [32] MTRA [33] RADIS [35] ESDRA [39] US-AID [40] EAPA [41] SHeLA [42] HEALED [43] SARA [44] Key Management. Choosing the most appropriate key mechanism is critical.…”

Section: Open Issues For Collective Remote Attestationmentioning

confidence: 99%

See 2 more Smart Citations

Collective Remote Attestation at the Internet of Things Scale: State-of-the-Art and Future Challenges

Ambrosin

Conti

Lazzeretti

et al. 2020

IEEE Commun. Surv. Tutorials

Self Cite

View full text Add to dashboard Cite

In recent years, the booming of Internet of Things (IoT) has populated the world with billions of smart devices that implement novel services and applications. The potential for cyberattacks on IoT systems have called for new solutions from the research community. Remote attestation is a widely used technique that allows a verifier to identify software compromise on a remote platform (called prover). Traditional challengeresponse remote attestation protocols between the verifier and a single prover face a severe scalability challenge when they are applied to large scale IoT systems. To tackle this issue, recently researchers have started developing attestation schemes, which we refer to as Collective Remote Attestation (CRA) schemes, that are capable of remotely performing attestation of large networks of IoT devices.In this paper, after providing the reader with a background on remote attestation, we survey and analyze existing CRA schemes. We present an analysis of their advantages and disadvantages, as well as of their effectiveness against a reference attacker model. We focus our attention on CRA schemes' characteristics and adversarial mitigation capabilities. We finally highlight open research issues and give possible directions for mitigating both the limitations of existing schemes, and new emerging challenges. We believe this work can help guiding the design of current and future proposals for CRA.

show abstract

Section: Salad Kohnhauser Et Al Proposed Secure and Lightweightmentioning

confidence: 99%

Section: B Summarymentioning

confidence: 99%

Section: Open Issues For Collective Remote Attestationmentioning

confidence: 99%

See 1 more Smart Citation

Collective Remote Attestation at the Internet of Things Scale: State-of-the-Art and Future Challenges

Ambrosin

Conti

Lazzeretti

et al. 2020

IEEE Commun. Surv. Tutorials

Self Cite

View full text Add to dashboard Cite

show abstract

“…In this section, we list the goals that we aim to achieve through the SHeLA mechanism. Note that some of these goals are also reached in existing swarm attestation protocols [5], [6], [20], [21].…”

Section: Security Goalsmentioning

confidence: 97%

SHeLA: Scalable Heterogeneous Layered Attestation

Rabbani

Vliegen

Winderickx

et al. 2019

IEEE Internet Things J.

Self Cite

View full text Add to dashboard Cite

This paper proposes a novel mechanism for swarm attestation, i.e., the remote attestation of a multitude of interconnected devices, also called a swarm of devices. Classical remote attestation protocols work with one prover and one verifier. Swarm attestation protocols assume that the devices in the swarm act both as verifier and prover in order to attest the software integrity of all the devices to a root verifier, typically in a spanning-tree topology. We propose "SHeLA: Scalable Heterogeneous Layered Attestation", a novel remote attestation technique for swarms. Our approach consists of introducing an additional edge layer in between the root verifier and the swarm devices. The edge layer consists of geographically spread devices with a larger computational power and storage capacity than the swarm devices. The main challenges we address are related to the scalability of the swarm, the availability or visibility of the nodes (especially when they are mobile), the heterogeneity of the devices with respect to the wireless communication protocol and interface, and the granularity of the attestation in terms of detecting the sanity of individual swarm devices. We build a proof-of-concept network that allows us to evaluate the computational delay and the resource overhead of the edge and swarm devices, and to perform a thorough security analysis.

show abstract

“…Typically, in these approaches, autonomous devices act also as verifiers to attest other devices they interact with. In addition, the RA schemes of distributed IoT services, RADIS [ 25 ] and SARA [ 26 ], aim to attest, respectively synchronous and asynchronous distributed services of IoT systems. All the aforementioned collective RA schemes rely on hybrid architecture.…”

Section: Related Workmentioning

confidence: 99%

State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Ankergård

Dushku

Dragoni

2021

Sensors

Self Cite

View full text Add to dashboard Cite

The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure the legitimate state of an IoT device. While many RA approaches proposed in the literature make different assumptions regarding the architecture of IoT devices and adversary capabilities, most typical RA schemes rely on minimal Root of Trust by leveraging hardware that guarantees code and memory isolation. However, the presence of a specialized hardware is not always a realistic assumption, for instance, in the context of legacy IoT devices and resource-constrained IoT devices. In this paper, we survey and analyze existing software-based RA schemes (i.e., RA schemes not relying on specialized hardware components) through the lens of IoT. In particular, we provide a comprehensive overview of their design characteristics and security capabilities, analyzing their advantages and disadvantages. Finally, we discuss the opportunities that these RA schemes bring in attesting legacy and resource-constrained IoT devices, along with open research issues.

show abstract

RADIS: Remote Attestation of Distributed IoT Services

Cited by 22 publications

References 21 publications

Collective Remote Attestation at the Internet of Things Scale: State-of-the-Art and Future Challenges

Collective Remote Attestation at the Internet of Things Scale: State-of-the-Art and Future Challenges

SHeLA: Scalable Heterogeneous Layered Attestation

State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Contact Info

Product

Resources

About