Mobile Security Fall 2012

Transcription

1 Mobile Security Fall 2012 Patrick Tague Class #9 The Internet of Things Partial slide credit to L. Zoia and Y. Zhang

2 Announcements If you haven't signed up for a Survey presentation (two teams, you know who you are), please sign up ASAP Very few slots remain, and I'm starting to fill them! I'll be in Pgh on October 3-4 me if you want to schedule a meeting while I'm there HW #2 will be posted by October 3

3 The Internet of Things What is the IoT? Agenda Technologies enabling the IoT Risks, issues, and challenges

4 Internet of Things What is the Internet of Things (IoT)? Originally: IoT = Internet-wide identification of objects using RFID tags, allowing all things to be indexed via the Internet More recently: IoT = Global interconnection of physical and virtual things IoT = Internet-enabled smart control systems IoT = Network of identifiable things with virtual personalities, allowing for smart spaces IoT = Internet-wide connection of objects to the internet using unique IPv6 addresses, allowing all things to be accessed on the Internet

5 PAN + Internet = IoT?

6 Tethered PANs Tethering PAN devices to the Internet via some sort of gateway device allows a broader scale of device-to-device communications Ex: Sensor gateways Ex: UbiPAN [Albert et al., 2010] Extends Bluetooth networks using IP and SIP services But is this the IoT? To quote L. Zoia, this is more like the Internet with Things

7 PAN + Internet IoT?

8 Gateways / Proxies: IoT Enablers Gateway device provides extended connectivity (similar to 3G/4G core gateway for mobile Internet) Gateway devices serve as translators between PAN devices and Internet ZigBee UWB WiFi / ZigBee / UWB Bluetooth / WiFi Internet RFID / NFC ZigBee

9 IoT Enablers Control point / mediator Alternatively, a control point can act simultaneously as a gateway, a switch, and an interaction device Internet

10 IoT Enablers 4G (not 4G ) networking Ubiquitous IPv6-based access using 4G allows arbitrary (permitted) devices to access Internet using numerous access media Internet

11 So, what else is the IoT? PAN, 4G, and IPv6 provide the basic network building blocks, but the IoT requires services

12 Things Need Services In the IoT, every physical object has a virtual component that can produce and consume services

13 Defining the IoT Convergence of computing, communication, and control of physical (not only virtual) processes Translated: Even something as simple as a light bulb could be connected to the Internet [Scientific American, October 2004] Consequence: security infringement can cause safety infringement

14 So, Basically... The IoT is a few order of magnitude expansion of the Internet to include user-less, UI-less, automated, possibly embedded, devices What could go wrong?

15 Scenario Imagine a world where every object is connected to the Internet, most through embedded interfaces, using IPv6 What happens if a malicious/infected device can arbitrarily contact other devices? Does my refrigerator in California really need to communicate with a heating system in Tokyo? How do we impose limitations on access and information leakage?

16 IoT Security Goals Malfunctions, misconfiguration, malicious behavior, etc. in the IoT will outweigh any of the potential benefits Needed: Analysis of current security protocols and mechanisms Decision of whether such approaches are worth integrating into the IoT as is or if modifications or new designs are more beneficial

17 Old and New Threats Billions of intelligent things cooperate with other real and virtual entities in potentially random and unpredictable ways New avenues to exploitation: Easily accessible objects in unprotected zones, such as city streets, are vulnerable to physical harm Lowest barrier to entry just got lower

18 Info & Net Sec Protocols Improving security of easily accessible channels requires re-thought of basic crypto algorithms, key management techniques, and security protocols for secure interconnection and service

19 IoT Security & Privacy In addition to standard IP / web security issues: Device-to-device communication security Secure neighbor and service discovery Addition/deletion of devices and services Usable key management (think WiFi only more) Control signal verification / integrity Privacy of user information in context-aware services and applications...

20 Elements of IoT Security Cryptography is the cornerstone for network and service infrastructure protection Although standards such as AES might work for some IoT devices, others such as passive RFID tags are limited by strict constraints Also... Continually rekeying devices for strong long-term protection is an issue

21 Data and Privacy Along with the IoT comes a massive amount of data, sparking serious privacy concerns

22 Privacy by Design

23 Transparency Transparency is essential Which entities are managing their data? How and when those entities are using their data? Stakeholders such as service providers must be part of this equation, which might eliminate take-it-orleave-it license agreements. Businesses will adjust their services according to the amount of personal data the user provides.

24 Data Management Who manages the secrets? Which crypto mechanisms and protocols are used to protect data throughout the service's life cycle? Data management policy will not fit all situations Policy enforcement mechanisms are essential Data management is not trivial Requirement: service-dependent, userdependent, context-dependent interpretation, translation, and reconciliation of rules

25 Identity Management Staggering variety of identity and relationship types An object s identity is not the same as the identity of its underlying mechanisms. An object can have one core identity and several temporary identities that change according to its role. An object can identify itself using its identity or its specific features. Objects know the identity of their owners.

26 ID Example The refrigerator can lock itself after midnight to children or visitors, but remain open for adult residents.

27 ID Issues Must provide an infrastructure that allows mutual object authentication Must balance between centralized management and a distributed, hierarchical approach

28 ID Approaches A promising approach is to combine diverse authentication methods for humans and machines Combining authentication methods can prevent any loss of overall system security. Such combinations typically take the form of What I am + what I know, or What I have + what I know

29 Trust and Governance To define trust in a dynamic, collaborative environment and understand what it means to provide trust throughout an interaction. A governance framework can also help reduce liability. If someone can attribute a malicious action to a particular user or agent On the other hand, it can easily become excessive, fostering an environment in which people are continuously monitored

30 Fault Tolerance The first is to make all objects secure by default. Aside from designing secure protocols and mechanisms, researchers must work on improving software implementation quality, since it might not be feasible to provide a software patch for billions of devices The second effort is to give all IoT objects the ability to know the state of the network and its services. Objects should be able to defend themselves against network failures and attacks. Be able to act quickly to recover from any damage. Such elements can use feedback from other mechanisms.

31 Past and Future Standards

32 There is a lot of active research in progress to address the various aspects of security and privacy in the Internet of Things.

33 Crypto & Protocols ISO/IEC (standards aim to provide light-weight cryptography for constrained devices, including block and stream ciphers and asymmetric mechanisms) Sony s CLEFIA is a novel block cipher that supports 128-bit keys SHA-3 competition (should lay the foundation for more work on a new class of hash functions for long-term security) Another optimization is algorithm management in a crosslayer architecture, where various security mechanisms share one algorithm

34 Identity and Ownership In certain IoT contexts, single-sign-on (SSO) mechanisms can be useful Another approach to verifying device ownership and owner identity is digital shadowing

35 Privacy Protection The delegation mechanism is one privacy preservation proposal Users will want to provide information without revealing too much about themselves Other schemes let users maintain their location privacy even when making location-dependent queries

36 Bottom Line on IoT The IoT offers huge opportunity to integrate systems, mobile devices, etc. into the Internet architecture All of the opportunity comes with a huge risk Standards developers, service providers, application/service developers, manufacturers, and policymakers all have a role in shaping the future of the IoT

37 Next Time NFC and Mobile Payment Survey Presentation by team Gorgeous Grizzly Bears