2021
DOI: 10.3390/s21051598
|View full text |Cite
|
Sign up to set email alerts
|

State-of-the-Art Software-Based Remote Attestation: Opportunities and Open Issues for Internet of Things

Abstract: The Internet of Things (IoT) ecosystem comprises billions of heterogeneous Internet-connected devices which are revolutionizing many domains, such as healthcare, transportation, smart cities, to mention only a few. Along with the unprecedented new opportunities, the IoT revolution is creating an enormous attack surface for potential sophisticated cyber attacks. In this context, Remote Attestation (RA) has gained wide interest as an important security technique to remotely detect adversarial presence and assure… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
9
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
3
3

Relationship

3
6

Authors

Journals

citations
Cited by 33 publications
(9 citation statements)
references
References 47 publications
(83 reference statements)
0
9
0
Order By: Relevance
“…Software-based schemes (e.g., SWATT [13], Pioneer [14]) do not make any hardware assumption and purely rely on the strict execution time of the RA protocol. Despite their advantages, software-based RA schemes do not provide strong security guarantees [15,16]. Hardware-based schemes (e.g., [17,18]) use a tamper-resistance hardware module as a Trusted Execution Environment (TEE).…”
Section: Remote Attestation Overviewmentioning
confidence: 99%
“…Software-based schemes (e.g., SWATT [13], Pioneer [14]) do not make any hardware assumption and purely rely on the strict execution time of the RA protocol. Despite their advantages, software-based RA schemes do not provide strong security guarantees [15,16]. Hardware-based schemes (e.g., [17,18]) use a tamper-resistance hardware module as a Trusted Execution Environment (TEE).…”
Section: Remote Attestation Overviewmentioning
confidence: 99%
“…In general RA is classified into three categories: software-based, hardware-based and hybrid RA. Software RA [29], [6] does not require specialized hardware components but instead uses timing requirements to ensure the attestation code has not been tampered with. However, software-based RA schemes rely on strong adversarial assumptions and do not provide secure storage for protecting device's keys and the attestation code.…”
Section: Related Workmentioning
confidence: 99%
“…There are also software based RA solutions, and hybrid versions with limited requirements on protected memory areas. There is active research in the area [15] as well as large ongoing IETF standardisation efforts [16].…”
Section: Preparations For Operator Changementioning
confidence: 99%