Archivio Istituzionale della RicercaIoT devices are becoming widely used in several contexts, and nowadays billions of devices are deployed in different scenarios, some of which are very critical to people’s privacy and safety. For these reasons, it is very important to provide capabilities for guaranteeing the correct behaviour of the devices. Remote attestation is a technique traditionally used to monitor the integrity status of nodes and to determine if they are behaving as expected. This technique requires that the device is equipped with Roots of Trust, that are the set of hardware and software features that make the platform capable of providing reliable integrity reports even when it has been compromised. This paper proposes a solution that permits to identify and attest devices in a dynamic context, such as Smart Cities or Smart Homes, where unknown devices can connect to the network and perform several actions. The proposed security schema is based on the Device Identity Composition Engine (DICE), which represents a set of specifications designed by the Trusted Computing Group (TCG) to enhance security and privacy of devices with minimal silicon requirements.
Exploiting the DICE specification to ensure strong identity and integrity of IoT devices / Bravi, Enrico; Sisinni, Silvia; Lioy, Antonio. - STAMPA. - (2023), pp. 1-6. (Intervento presentato al convegno SpliTech-2023: 8th International Conference on Smart and Sustainable Technologies tenutosi a Split-Bol (Croatia) nel 20-23 June 2023) [10.23919/SpliTech58164.2023.10193517].
Exploiting the DICE specification to ensure strong identity and integrity of IoT devices
Bravi, Enrico;Sisinni, Silvia;Lioy, Antonio
2023
Abstract
IoT devices are becoming widely used in several contexts, and nowadays billions of devices are deployed in different scenarios, some of which are very critical to people’s privacy and safety. For these reasons, it is very important to provide capabilities for guaranteeing the correct behaviour of the devices. Remote attestation is a technique traditionally used to monitor the integrity status of nodes and to determine if they are behaving as expected. This technique requires that the device is equipped with Roots of Trust, that are the set of hardware and software features that make the platform capable of providing reliable integrity reports even when it has been compromised. This paper proposes a solution that permits to identify and attest devices in a dynamic context, such as Smart Cities or Smart Homes, where unknown devices can connect to the network and perform several actions. The proposed security schema is based on the Device Identity Composition Engine (DICE), which represents a set of specifications designed by the Trusted Computing Group (TCG) to enhance security and privacy of devices with minimal silicon requirements.
| File | Dimensione | Formato | |
|---|---|---|---|
|
1570890828.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
908.84 kB
Formato
Adobe PDF
|
908.84 kB | Adobe PDF | Visualizza/Apri |
|
Exploiting_the_DICE_specification_to_ensure_strong_identity_and_integrity_of_IoT_devices.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
916.15 kB
Formato
Adobe PDF
|
916.15 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2982173