DOI: 10.1145/3634737.3657006
Research article, ASIA CCS conference proceedings

The SA4P Framework: Sensing and Actuation as a Privilege

Published: 01 July 2024

Abstract

Popular consumer Internet of Things (IoT) devices provide increasingly diverse sensing and actuation capabilities. Despite their benefits, such devices prompt numerous security concerns. Typically, security is attained at device-level granularity, which relies upon device trustworthiness. However, if a device is compromised (e.g., via remote exploits), this approach fails. To this end, we construct SA4P: Sensing and Actuation as a Privilege, a framework that decouples IoT devices from their physical environment. In SA4P, whenever any software on a device wants to access a sensing or actuation peripheral, it must be authorized to do so. This is achieved by the inclusion of an on-board component, Peripheral Guard (PEG), that physically guards peripherals. Besides providing strong security guarantees, SA4P motivates developers to consider sensing and actuation as valuable resources. SA4P's design is modular, lightweight, and formally verified. It also does not require any hardware modifications for trusted execution environment (TEE)-equipped devices, while imposing only modest changes for other devices.


Published In

ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
July 2024
1987 pages
ISBN:9798400704826
DOI:10.1145/3634737


Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. distributed reference monitor
  2. IoT
  3. sub-device level access control

Qualifiers

  • Research-article

Conference

ASIA CCS '24

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%
