RADIS: Remote Attestation of Distributed IoT Services

Title: RADIS: Remote Attestation of Distributed IoT Services
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Conti, Mauro; Dushku, Edlira; Mancini, Luigi V.
Conference Name: 2019 Sixth International Conference on Software Defined Systems (SDS)
Date Published: June
Keywords: attestation, Cameras, composability, computer network security, control-flow attestation technique, distributed IoT service, Distributed IoT Services, Human Behavior, inter-operable IoT system, Internet of Things, Internet of Things systems, Interoperable IoT, interoperable IoT devices, IoT devices, malicious remote service, modified software detection, Monitoring, open systems, performance evaluation, physical tampering attacks, Protocols, pubcrawl, RADIS, remote attestation, remote attestation of distributed IoT services, remote attestation protocols, remote trusted party, Resiliency, security, security technique, Service Flow, Software, trust-worthiness, Trusted Computing
Abstract: Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trust-worthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an inter-operable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trust-worthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.
Citation Key: conti_radis_2019