To continue to grow, the Internet of Things (IoT) requires scalable and secure system software solutions for resource-constrained devices. To maximize return on investment of these devices, IoT platforms should support multiple third-party applications and adaptation of software over time. However, realizing the vision of shared IoT platforms demands not only strong guarantees on the confidentiality and integrity of application data, but also guarantees on the use of critical resources such as computation, sensors and energy. We refer to this vision as resource security . Prior research on Operating Systems (OS) for tiny IoT devices has focused on miniaturizing core functionality such as scheduling and communication and does not consider resource security. To address this problem, we introduce CerberOS, a resource-secure OS for sharing IoT devices. CerberOS enables multiple applications on constrained IoT devices while, for the first time, guaranteeing data confidentiality, integrity and secure resource management. Our approach is based upon the twin pillars of virtualization, which isolates applications, and contracts, which control application resource usage. Evaluation shows that CerberOS supports the secure coexistence of up to seven applications on a representative IoT device with a memory usage of 40KB ROM and 5KB RAM while preserving multi-year battery lifetimes
CerberOS: A Resource-Secure OS for Sharing IoT Devices / Akkermans, Seven; Daniels, Wilfried; Ramachandran, Gowri Sankar; Crispo, Bruno; Hughes, Danny. - (2017), pp. 96-107. (Intervento presentato al convegno EWSN 2017 tenutosi a Uppsala, Sweden nel 20th-22th February 2017).
CerberOS: A Resource-Secure OS for Sharing IoT Devices
Crispo, Bruno;
2017-01-01
Abstract
To continue to grow, the Internet of Things (IoT) requires scalable and secure system software solutions for resource-constrained devices. To maximize return on investment of these devices, IoT platforms should support multiple third-party applications and adaptation of software over time. However, realizing the vision of shared IoT platforms demands not only strong guarantees on the confidentiality and integrity of application data, but also guarantees on the use of critical resources such as computation, sensors and energy. We refer to this vision as resource security . Prior research on Operating Systems (OS) for tiny IoT devices has focused on miniaturizing core functionality such as scheduling and communication and does not consider resource security. To address this problem, we introduce CerberOS, a resource-secure OS for sharing IoT devices. CerberOS enables multiple applications on constrained IoT devices while, for the first time, guaranteeing data confidentiality, integrity and secure resource management. Our approach is based upon the twin pillars of virtualization, which isolates applications, and contracts, which control application resource usage. Evaluation shows that CerberOS supports the secure coexistence of up to seven applications on a representative IoT device with a memory usage of 40KB ROM and 5KB RAM while preserving multi-year battery lifetimes| File | Dimensione | Formato | |
|---|---|---|---|
|
crispo - cerberos.pdf
Solo gestori archivio
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
786.04 kB
Formato
Adobe PDF
|
786.04 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
