
Improving Internet of Things Device Certification with Policy-based Management

The fast growth of IoT systems, combined with strong pressure to put devices on the market as soon as possible, makes these systems vulnerable targets for cyber criminals, as recently seen in the Mirai botnet DDoS attack. A way to mitigate these threats is to enforce a comprehensive security certification process for IoT devices based on common standards. In this paper, we present an approach to improve certification of IoT devices using a combination of model-based testing and policy-based management in order to detect post-certification vulnerabilities and act on them by introducing runtime policy enforcement capabilities. More precisely, we address these attacks using policy enforcement in order to correct vulnerable IoT device behavior and protect users even if security and privacy were not properly addressed by the device manufacturers. We describe the details of our approach and, focusing on authorization vulnerabilities, we present a case study for the oneM2M standard showing how our solution can be applied in practice.
2017-09-19
IEEE
JRC106530
978-1-5090-5873-0
http://ieeexplore.ieee.org/document/8016273/, https://publications.jrc.ec.europa.eu/repository/handle/JRC106530
10.1109/GIOTS.2017.8016273
Items published in the JRC Publications Repository are protected by copyright, with all rights reserved, unless otherwise indicated. Additional information: https://ec.europa.eu/info/legal-notice_en#copyright-notice