Embedded Policing and Policy Enforcement Approach for Future Secure IoT Technologies
- Author(s): F. Siddiqui ; M. Hagan ; S. Sezer
- DOI: 10.1049/cp.2018.0010
- Source: Living in the Internet of Things: Cybersecurity of the IoT - 2018, 2018 (10 pp.)
- Conference: Living in the Internet of Things: Cybersecurity of the IoT - 2018
- ISBN: 978-1-78561-843-7
- Location: London, UK
- Conference date: 28-29 March 2018
- Format: PDF
The Internet of Things (IoT) holds great potential for productivity, quality control, supply chain efficiencies and overall business operations. However, with this broader connectivity, new vulnerabilities and attack vectors are being introduced, increasing opportunities for systems to be compromised by hackers and targeted attacks. These vulnerabilities pose severe threats to a myriad of IoT applications within areas such as manufacturing, healthcare, power and energy grids, transportation and commercial building management. While embedded OEMs offer technologies, such as the hardware Trusted Platform Module (TPM), that deploy strong chain-of-trust and authentication mechanisms, they still struggle to protect against vulnerabilities introduced by vendors and end users, as well as additional threats posed by potential technical vulnerabilities and zero-day attacks. This paper proposes a proactive policy-based approach, enforcing the principle of least privilege, through a hardware Security Policy Engine (SPE) that actively monitors communication of applications and system resources on the system communication bus (ARM AMBA-AXI4). Upon detecting a policy violation, for example, a malicious application accessing protected storage, it counteracts with predefined mitigations to limit the attack. The proposed SPE approach widely complements existing embedded hardware and software security technologies, targeting the mitigation of risks imposed by unknown vulnerabilities of embedded applications and protocols.
Inspec keywords: embedded systems; computer network security; authorisation; Internet of Things
Subjects: Computer networks and techniques; Data security; Computer communications