Implementation of Remote Attestation Mechanism on Internet of Things End-Nodes using TPM

Daghlavi, Khaled | 2019

  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 52039 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Bayat Sarmadi, Siavash
  7. Abstract: Today, Internet of Things (IoT) applications are growing rapidly around us, and alongside this trend the topics of security and trust in this field are becoming more serious. A large part of this field is composed of embedded systems. Remote attestation is a prominent security option for attesting to the integrity of these types of systems and consequently establishing trust remotely. Remote attestation has been an active field of research for attesting different types of systems against various types of threats. A noteworthy piece of security hardware that enables this type of process is the Trusted Platform Module (TPM). Incorporating this chip in traditional personal computers for security purposes is common today, offering features such as attestation reporting, platform integrity measurement, authorization, and secure key storage. In this research we aim to present an attestation scheme specialized for Internet of Things end-nodes using a TPM. By Internet of Things end-node, we mean resource-constrained embedded systems that are traditionally deployed in hostile environments without monitoring, where unauthorized access is possible, and that are controlled remotely. In addition to taking this type of platform’s limitations into account, our proposed scheme is platform independent, makes very few assumptions, and requires no modification to the platform’s architecture. By using a TPM, we utilize specialized security hardware equipped with various secure tools and e-commerce level cryptography. Our proposed scheme introduces a new approach to measuring configurations and a new method of implementing a root of trust. Combined, these two distinct features contribute to lower required resources and lower operational overhead for measuring, which makes this scheme suitable for real-time systems. Also, while remaining a static attestation method, this scheme can attest against a wide range of threats, including a level of physical access and tampering.
  8. Keywords: Internet of Things; Remote Attestation; Trusted Platform Module (TPM); Security; Trust; Resource Constrained Embedded System
