Workshop on Decentralized IoT Systems and Security (DISS) 2019

Recent developments in blockchains and edge computing allow deployment of decentralized shared economy platforms with utility token support, where tokens (in the form of altcoins) secure and reward useful work. However, the majority of the systems being developed, does not provide mechanisms to pair those who offer services (workers) and those who request them (clients), or rely on manual and insecure resolution. AStERISK bridges this gap allowing to perform sealed-bid auctions on blockchains, automatically determine the most optimal price for services, and assign clients to the most suitable workers. AStERISK allows workers to specify a minimal price for their work, and hide submitted bids as well the identity of the bidders without relying on any centralized party at any point. We provide a smart contract implementation of AStERISK and show how to deploy it within the Filecoin network, and perform an initial benchmark on Chainspace, an efficient, new smart contract platform.

We address the limitations of existing information security solutions when applied to the cyber-physical world. In particular, we consider the case of Internet of Things (IoT) actuation and we argue that it is hard to secure such a process. To this end, we propose a “damage control” approach, where service time is divided into slots and users perform microservice transactions, paying essentially in advance for each one, corresponding to one service slot. Under these circumstances, in the case of service disruption, a user, in the worst case, may lose the amount of money that corresponds to a single micro-service transaction in a single time slot. We implement our solution by leveraging blockchain-based smart contracts, off-chain payments, and one-time Hash-based Message Authentication Code (HMAC) passwords. Our solution supports IoT devices with limited processing capabilities and which are not necessarily connected to the Internet. Moreover, with our solution, IoT devices do not interact directly with the blockchain. In fact, they are oblivious to the use of blockchain technology. They do not store any usersensitive information, neither are payments made to or is value stored on the devices.

Over the last few years, blockchain-based technologies have flourished in many application areas. One of them is the creation of distributed ledgers where records of immutable objects are widely replicated for both transparency and availability. However, the Proof-of-Work (PoW) approach, a popular gating control that determines who can add new records into a ledger, is deemed infeasible for IoT devices with resource constraints.

In this paper, we present the design of DLedger, a private distributed ledger system designed for an experimental solar network developed by Operant Networks. DLedger records both individual customers’ solar energy production/consumption as well as all other noteworthy system events, such as certificate issuance and revocations. Compared to today’s centralized record keeping solutions, DLedger brings the benefits of information transparency and availability to both customers and the system vendor. Operant’s solar network uses the Named Data Networking (NDN) protocol, based on which DLedger controls the addition of new records using a lightweight Proof-of-Authentication (PoA). PoA leverages the properties of NDN where (i) every entity in the system possesses a name and a digital certificate, and (ii) they share the same trust anchor and thus can authenticate each other. DLedger further leverages NDN’s data-centric design to keep the ledger synchronized in a truly distributed and efficient manner.

Medical Body Area Networks (MBAN) are created when Wireless Sensor Nodes are either embedded into the patient’s body or strapped onto it. MBANs are used to monitor the health of patients in real-time in their homes. Many cyber protection mechanisms exist for the infrastructure that interfaces with MBANs; however, not many effective cyber security mechanisms exist for MBANs. We introduce a low-overhead security mechanism for MBANs based on having nodes infer anomalous power dissipation in their neighbors to detect compromised nodes. Nodes will infer anomalous power dissipation in their neighbors by detecting a change in their packet send rate. After two consecutive violations, the node will “Tattle” on its neighbor to the gateway, which will alert the Telemedicine administrator and notify all other nodes to ignore the compromised node.

Decentralised identifiers (DIDs) and verifiable credentials (VCs) are upcoming standards for self-sovereign privacy preserving identifiers and authorisation, respectively. This focus on privacy can help improve many services and open up new business models, but using DIDs and VCs directly on constrained IoT devices can be problematic due to the management and resource overhead. This paper presents an OAuth-based method to delegate the processing and access policy management to the Authorisation Server thus allowing also systems with constrained IoT devices to benefit from DIDs and VCs.

IoT systems are increasingly composed out of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, implementing and designing particularly security mechanisms for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a-priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Hereby, our focus is laid on the authorisation and authentication of user and host, as well as on code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments.

By 2018, it is no secret to the global networking community: Internet of Things (IoT) devices, usually controlled by IoT applications and applets, have dominated human lives. It has been shown that popular applet platforms (including If This Then That (IFTTT)) are susceptible to attacks that try to exfiltrate private photos, leak user location, etc. As new attacks might show up very frequently, tracking them fast and in an efficient and scalable manner is a daunting task due to the limited (e.g., memory, energy) resources at the IoT/mobile device and the large network size. Towards that direction, in this paper we propose a decentralized Dynamic Information Flow Tracking (DDIFT) framework that overcomes these challenges, better adapts to the IoT context, and further, is able to illuminate IoT applet attacks. In doing so, we leverage the synergy between: (i) a dynamic information flow tracking module that considers the application of tags with different types along with provenance information and runs in the mobile device at a fast timescale, (ii) a forensics analysis module running in the cloud at a slow timescale, (iii) distributed optimization to optimize various functionalities of the above modules as well as their interaction. We show that our framework is able to detect IoT applet attacks with higher accuracy (on average 81% improvement for different URL upload attack scenarios) and decreases resource wastage (on average 71% less memory usage under different integrity attack scenarios) compared to traditional DIFT, opening new horizons for IoT privacy and security.