IoT Device Profiling: From MUD Files to S×C Contracts

Security is a serious, and often neglected, issue in the Internet of Things (IoT). In order to improve IoT security, researchers proposed to use Security-by-Contract (S×C), a paradigm originally designed for mobile application platforms. However, S×C assumes that manufacturers equip their devices with security contracts, which makes hard to integrate legacy devices with S×C. In this paper, we explore a method to extract S×C contracts from legacy devices’ Manufacturer Usage Descriptions (MUDs). We tested our solution on 28 different MUD files, and we show that it is possible to create basic S×C contracts, paving the way to complete extraction tools.

Matthíasson, Guðni; Giaretta, Alberto; Dragoni, Nicola (2020): IoT Device Profiling: From MUD Files to S×C Contracts. Open Identity Summit 2020. DOI: 10.18420/ois2020_12. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-699-2. pp. 143-154. Regular Research Papers. Copenhagen, Denmark. 26.-27. May 2020

Schlagwörter

Internet of Things , S×C , Security-by-Contract , MUD , Manufacturer Usage Description , Device profiling

DOI

10.18420/ois2020_12

Sammlungen

P305 - Open Identity Summit 2020

Komplettanzeige

IoT Device Profiling: From MUD Files to S×C Contracts

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen