Abstract
Contemporary IoT environments, such as smart buildings, require end-users to trust data-capturing rules published by the systems. There are several reasons why such trust is misplaced: IoT systems may violate the rules deliberately, or IoT devices may transfer user data to a malicious third party due to cyberattacks, leading to the loss of individuals’ privacy or service integrity. To address such concerns, we propose IoT Notary, a framework to ensure trust in IoT systems and applications. IoT Notary provides secure log sealing on live sensor data to produce a verifiable “proof-of-integrity,” based on which a verifier can attest that captured sensor data adhere to the published data-capturing rules. IoT Notary is an integral part of TIPPERS, a smart space system that has been deployed at the University of California, Irvine to provide various real-time location-based services on the campus. We present extensive experiments over real-time WiFi connectivity data to evaluate IoT Notary, and the results show that IoT Notary imposes nominal overheads. The secure logs only take 21% more storage, while users can verify their one day’s data in less than 2 s even using a resource-limited device.
Index Terms
- IoT Notary: Attestable Sensor Data Capture in IoT Environments