Secure and Trusted Execution: Past, Present, and Future - A Critical Review in the Context of the Internet of Things and Cyber-Physical Systems

Shepherd, Carlton; Arfaoui, Ghada; Gurulian, Iakovos; Lee, Robert P.; Markantonakis, Konstantinos; Akram, Raja Naeem; Sauveron, Damien; Conchon, Emmanuel

doi:10.1109/trustcom.2016.0060

Cited by 50 publications

(25 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Trusted Execution Environments (TEE) represent one solution for it. Shepherd et al [20] give an overview of actual technologies. Companies like Intel, LEGIC 7 or Riddle & Code 8 provide products to store private keys in a secure element on a chip.…”

Section: Giving a Device An Identity During Manufacturingmentioning

confidence: 99%

Identity of Things: Applying concepts from Self Sovereign Identity to IoT devices

Weingärtner¹

2021

The JBBA

View full text Add to dashboard Cite

Identity is a crucial property of Internet of Things (IoT) devices. Due to rapid growth and high numbers of similar devices, reliable identification of those devices is a problem. The origin and history of an IoT device is especially important in security-relevant environments. Our research addresses this issue by proposing an approach based on blockchain and decentralised identifiers (DID). It is inspired by the concepts of self-sovereign identity (SSI) and bootstrapping of remote secure key infrastructures (BRSKI). Devices are equipped by the manufacturer with an identity stored in a trusted execution environment (TEE) and secured by a blockchain. This identity can be used to trace back the origin of the device. During the bootstrapping process on the customer side, the identity registration of the device is updated in the blockchain. This process is performed by a so-called registrar. Smart contracts prevent unsolicited transfer of ownership and track the history of the device. Besides proof of origin and device security our concept can be used for device inventory and firmware upgrade. A prototype implementation was realised to validate the concept. All six use cases have been implemented and tested using an Ethereum blockchain infrastructure. JSON Web Tokens (JWT) have been used as signed artefacts to transfer information between the stakeholders. This enables an asynchronous communication needed for example in an environment with no direct internet access. Such an infrastructure can be provided by an independent association and can be used by all manufacturers. Depending on the environment a registration of devices can be optional or mandatory.

show abstract

Section: Giving a Device An Identity During Manufacturingmentioning

confidence: 99%

Identity of Things: Applying concepts from Self Sovereign Identity to IoT devices

Weingärtner¹

2021

The JBBA

View full text Add to dashboard Cite

show abstract

“…In MCUs, the secret must be preserved so that any illegitimate device cannot access to it. Conventional schemes require storage and hence only few IoT devices can handle them [4]. Miguel Angel Prada-Delgado, Iliminada Baturone, Gero Dittmann, Jens Jelitto and Andreas Kind, in their paper entitled "PUF-derived IoT identities in a zero-knowledge protocol for blockchain" propose an alternative authentication approach based on public-key cryptography in which an MCU generates a secret key internally based on the fact that manufacturing technology shows lots of variations in their processes and hence this variability can be used as a physical unclonable function (PUF).…”

Section: Contributions To the Special Issuementioning

confidence: 99%

Advancements in distributed ledger technology for Internet of Things

Arslan

Jurdak

Jelitto³

et al. 2020

Internet of Things

View full text Add to dashboard Cite

This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of record. This version will undergo additional copyediting, typesetting and review before it is published in its final form, but we are providing this version to give early visibility of the article. Please note that, during the production process, errors may be discovered which could affect the content, and all legal disclaimers that apply to the journal pertain.

show abstract

“…Android, or Rich Execution Environment (REE), by allocating distinct memory regions with accesses controlled by hardware. We summarise the foremost commercial TEEs for Intel and ARM chipsets; the reader is referred to [22] for a detailed survey of secure and trusted execution environments. Intel Software Guard eXtensions (SGX) is an extension to the x86-64 instruction set that enables the creation of per-application 'enclaves'.…”

Section: Trusted Execution Environments (Tees)mentioning

confidence: 99%

Remote Credential Management with Mutual Attestation for Trusted Execution Environments

Shepherd

Akram

Markantonakis

2019

Information Security Theory and Practice

Self Cite

View full text Add to dashboard Cite

Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.

show abstract

Secure and Trusted Execution: Past, Present, and Future - A Critical Review in the Context of the Internet of Things and Cyber-Physical Systems

Cited by 50 publications

References 10 publications

Identity of Things: Applying concepts from Self Sovereign Identity to IoT devices

Identity of Things: Applying concepts from Self Sovereign Identity to IoT devices

Advancements in distributed ledger technology for Internet of Things

Remote Credential Management with Mutual Attestation for Trusted Execution Environments

Contact Info

Product

Resources

About