Don't Talk Unless I Say So! Securing the Internet of Things with Default-Off Networking

The Internet of Things (IoT) is changing the way we interact with everyday objects. "Smart" devices will reduce energy use, keep our homes safe, and improve our health. However, as recent attacks have shown, these devices also create tremendous security vulnerabilities in our computing networks. Securing all of these devices is a daunting task. In this paper, we argue that IoT device communications should be default-off and desired network communications must be explicitly enabled. Unlike traditional networked applications or devices like a web browser or PC, IoT applications and devices serve narrowly defined purposes and do not require access to all services in the network. Our proposal, Bark, a policy language and runtime for specifying and enforcing minimal access permissions in IoT networks, exploits this fact. Bark phrases access control policies in terms of natural questions (who, what, where, when, and how) and transforms them into transparently enforceable rules for IoT application protocols. Bark can express detailed rules such as "Let the lights see the luminosity of the bedroom sensor at any time" and "Let a device at my front door, if I approve it, unlock my smart lock for 30 seconds" in a way that is presentable and explainable to users. We implement Bark for Wi-Fi/IP and Bluetooth Low Energy (BLE) networks and evaluate its efficacy on several example applications and attacks.
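To make the default-off model concrete, here is an added illustration of how the who/what/where/when/how questions above can be compiled into an evaluator that denies every request unless a rule explicitly matches. This is example code written for this page, not Bark's own syntax or implementation: the field names, the `*` wildcard, and the approval bookkeeping are assumptions, and the two rules encoded are the ones quoted in the abstract.

```python
"""Default-off policy evaluator modelled on the who/what/where/when/how
questions. Added example; not Bark's real syntax or code. All field names
and the approval mechanism are assumptions made for illustration."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Request:
    who: str                        # requesting device or app identity
    what: str                       # operation, e.g. "read", "unlock"
    where: str                      # target resource, e.g. "bedroom_sensor/luminosity"
    when: float                     # time of the request, seconds
    how: str                        # transport, e.g. "ble" or "ip"
    location: Optional[str] = None  # physical location of requester, if known


@dataclass
class Rule:
    who: str                         # identity, or "*" for any device
    what: str
    where: str
    how: Optional[str] = None        # None = any transport
    location: Optional[str] = None   # None = any location
    needs_approval: bool = False     # user must approve the requester first
    duration: Optional[float] = None # seconds the approval stays valid


def _match(pattern: str, value: str) -> bool:
    return pattern == "*" or pattern == value


@dataclass
class Policy:
    rules: list = field(default_factory=list)
    # (who, what, where) -> time the user approved that requester
    approvals: dict = field(default_factory=dict)

    def approve(self, who: str, what: str, where: str, at: float) -> None:
        self.approvals[(who, what, where)] = at

    def allows(self, req: Request) -> bool:
        """Return True only if some rule explicitly permits the request."""
        for r in self.rules:
            if not (_match(r.who, req.who) and r.what == req.what
                    and r.where == req.where):
                continue
            if r.how is not None and r.how != req.how:
                continue
            if r.location is not None and r.location != req.location:
                continue
            if r.needs_approval:
                t0 = self.approvals.get((req.who, req.what, req.where))
                if t0 is None or req.when < t0:
                    continue                       # not (yet) approved
                if r.duration is not None and req.when - t0 > r.duration:
                    continue                       # approval window expired
            return True
        return False                               # default-off: no match


def demo_policy() -> Policy:
    """The two rules quoted in the abstract, encoded in the assumed form."""
    return Policy(rules=[
        # "Let the lights see the luminosity of the bedroom sensor at any time"
        Rule(who="lights", what="read", where="bedroom_sensor/luminosity"),
        # "Let a device at my front door, if I approve it, unlock my smart
        #  lock for 30 seconds"
        Rule(who="*", what="unlock", where="smart_lock",
             location="front_door", needs_approval=True, duration=30),
    ])


if __name__ == "__main__":
    p = demo_policy()
    p.approve("guest_phone", "unlock", "smart_lock", at=1000)
    for r in [
        Request("lights", "read", "bedroom_sensor/luminosity", 5, "ble"),
        Request("thermostat", "read", "bedroom_sensor/luminosity", 5, "ip"),
        Request("guest_phone", "unlock", "smart_lock", 1010, "ble", "front_door"),
        Request("guest_phone", "unlock", "smart_lock", 1045, "ble", "front_door"),
    ]:
        print(r.who, r.what, r.where, "->", "ALLOW" if p.allows(r) else "DENY")
```

The point the evaluator makes is that every path ends in `return False`: a thermostat asking for the bedroom sensor, an approved phone asking from the wrong location, or the same phone asking 45 seconds after approval all fall through to the default denial, and only the rules the user wrote open a hole.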
