Building Trust in Data for IoT Systems (2403.02225v2)

Published 4 Mar 2024 in cs.CR

Abstract: Nowadays, Internet of Things platforms are being deployed in a wide range of application domains. Some of these include use cases with security requirements, where the data generated by an IoT node is the basis for making safety-critical or liability-critical decisions at system level. The challenge is to develop a solution for data exchange while proving and verifying the authenticity of the data from end-to-end. In line with this objective, this paper proposes a novel solution with the proper protocols to provide Trust in Data, making use of two Roots of Trust that are the IOTA Distributed Ledger Technology and the Trusted Platform Module. The paper presents the design of the proposed solution and discusses the key design aspects and relevant trade-offs. The paper concludes with a Proof-of-Concept implementation and an experimental evaluation to confirm its feasibility and to assess the achievable performance.

Summary

  • The paper introduces an end-to-end trust framework that integrates IOTA Tangle with TPM-based remote attestation to secure IoT data.
  • The paper details a proof-of-concept demonstrating TDT's feasibility with performance metrics on data writing and reading times.
  • The paper outlines future research directions for scaling security in IoT systems and integrating with AI-driven analytics for enhanced reliability.

Overview of "Building Trust in Data for IoT Systems"

This paper addresses the pressing issue of data trustworthiness in Internet of Things (IoT) systems, which is particularly critical in contexts where data authenticity affects safety and liability-critical decision-making. Traditional approaches to secure communications and data integrity, such as Distributed Ledger Technology (DLT) and Transport Layer Security (TLS), are not sufficient to cover the end-to-end trust requirements, especially considering the integrity of software (SW) at the data source. The authors propose a comprehensive solution named Trusted Data over the Tangle (TDT) that leverages both IOTA's Tangle—a specific type of DLT—and trusted computing principles through hardware mechanisms like the Trusted Platform Module (TPM).

Key Contributions

  1. End-to-End Trust Framework: The paper introduces a novel integration of DLT and trusted computing principles to achieve a more comprehensive trust model for IoT data. This involves remote attestation protocols to verify the integrity of IoT node software and DLTs that ensure data immutability.
  2. Implementation and Evaluation: A Proof-of-Concept (PoC) is detailed to demonstrate the feasibility of the proposed system. The TDT combines IOTA Tangle's data anchoring capabilities with TPM-backed software integrity checks, thus ensuring not only data integrity from the moment of data generation to consumption but also the authenticity of data-producing nodes.
  3. Performance Metrics: The authors conduct experiments to evaluate the performance of both the Remote Attestation (RA) and the Data Exchange protocols over the Tangle. Key performance indicators, such as data writing and reading times, highlight the limitations and potential optimizations of the proposed system. The results illustrate a realistic guidepost for practical implementation in scenarios where low latency and high throughput are critical.
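
The layering described in the contributions above, as an added illustration that is not the paper's protocol or code: a consumer accepts a ledger entry only when the hash link, the data tag and the producer's attestation all hold. Assumptions: a hash-chained list stands in for the Tangle, HMAC stands in for TPM-held keys, and all node names, component strings and readings are constructed.

```python
import hashlib
import hmac
import os

def h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def mac(key, msg):  # stand-in for a TPM-held key; a real TPM signs asymmetrically
    return hmac.new(key, msg, hashlib.sha256).digest()

def pcr_after_boot(components):
    """Replay TPM-style PCR extends: pcr = H(pcr || H(component))."""
    pcr = bytes(32)
    for c in components:
        pcr = h(pcr, h(c))
    return pcr

def attest(key, nonce, pcr, quote, golden):
    """Verifier: quote covers our fresh nonce and the PCR equals the reference."""
    return hmac.compare_digest(quote, mac(key, nonce + pcr)) and pcr == golden

def append(ledger, key, node, payload):
    prev = ledger[-1]["id"] if ledger else bytes(32)
    tag = mac(key, payload)
    ledger.append({"node": node, "payload": payload, "tag": tag, "prev": prev,
                   "id": h(prev, node.encode(), payload, tag)})

def trusted_payloads(ledger, keys, attested):
    """Accept an entry only if chain link, data tag and producer attestation hold."""
    out, prev = [], bytes(32)
    for e in ledger:
        if e["prev"] != prev or e["id"] != h(prev, e["node"].encode(), e["payload"], e["tag"]):
            break  # hash chain broken: nothing from here on is trustworthy
        prev = e["id"]
        tag_ok = hmac.compare_digest(e["tag"], mac(keys[e["node"]], e["payload"]))
        if tag_ok and e["node"] in attested:
            out.append(e["payload"])
    return out

def demo():
    good = [b"bootloader-v1", b"kernel-v1", b"sensor-app-v1"]  # constructed sample
    boots = {"node-a": good, "node-b": good[:2] + [b"sensor-app-MODIFIED"]}
    keys = {n: os.urandom(32) for n in boots}
    golden, attested, ledger = pcr_after_boot(good), set(), []
    for node, comps in boots.items():
        nonce, pcr = os.urandom(16), pcr_after_boot(comps)
        if attest(keys[node], nonce, pcr, mac(keys[node], nonce + pcr), golden):
            attested.add(node)
        append(ledger, keys[node], node, b"temp=21.5" if node == "node-a" else b"temp=99.9")
    return attested, trusted_payloads(ledger, keys, attested)
```

The reading from node-b carries a valid tag and an intact ledger link, yet it is rejected because the node's measured software does not match the reference value.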

Technical Implications

The proposed method offers robust measures against attacks that target the authenticity and integrity of IoT data. By using the TPM for software integrity and the IOTA Tangle as a highly secure network layer, the solution sidesteps common vulnerabilities faced by IoT systems.

The paper also opens up pathways for deeper integration between blockchain technologies and hardware-based security modules in IoT contexts. This fusion is pivotal for sectors that prioritize real-time data processing from heterogeneous IoT devices, such as autonomous transportation and critical infrastructure monitoring.

Future Trajectories in AI and IoT

While the paper's proof of concept establishes technical viability, future work should focus on scaling the TDT solution for larger IoT ecosystems involving diverse node capabilities. Additionally, investigating the trade-offs between performance and security under varying network conditions and device constraints would be beneficial. Exploring how such systems might integrate with AI applications that demand high trust and reliability in data could significantly impact domains like AI-driven analytics and decision-making processes.

In summation, the research represents a meaningful step in ensuring data authenticity and integrity within the IoT field, using state-of-the-art cryptographic and distributed ledger technologies to provide a holistic security solution.
