IoT Device Authentication and Security
With IoT networks constantly expanding and becoming more powerful, maintaining the integrity of data and privacy has never been more important. Strong IoT device authentication is required to ensure connected devices on the IoT can be trusted.
Attacks and Breaches Escalate to Life-Threatening
Whether it’s a sensor-based device or used to perform a specific function, all devices are open to hacking unless preventative measures are taken. There are several examples of this, from disabling a surveillance monitor on a Turkish pipeline to attacks on medical devices such as insulin pumps and MRI machines. These attacks were potentially life-threatening and indicate that some hackers have no scruples when it comes to target selection or gaining bragging rights to fellow cybercriminals.
Other attacks seem less malicious but still provide food for thought. A baby monitor was hacked, allowing the hacker to talk directly to the infant.
In another widely publicized security flaw, a smart gun was able to be hacked due to 1) A
default network password that can’t be changed, and 2) The rifle is always listening for remote instructions, for example to change bullet trajectory — allowing administrative access that should only belong to the actual shooter holding the weapon.
Clearly, connected devices incorporate risk that could endanger lives or jeopardize the well-being of your company or family. To understand the risks, we first need to understand how devices communicate.
What is IOT Authentication?
Each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.
The ability to secure data and limit it to only those with the correct permissions is not a new idea and is used extensively in many industries. The security needs and requirements of devices vary widely. Similar with communications – some devices connect using proximity-based protocols such as Bluetooth, RFID (radio frequency identification), or Wi-Fi while others use GPS, 4G or are hard-wired.
Connecting them is often as easy as scanning for nearby devices, by inputting a short code (that may or may not be changed from a default) or by using a form of multi-factor authentication to verify device and recipient permissions.
Security Device Identities with Vouch
What is an Intelligent Device – from a security POV?
Using the example of a connected home device, a common definition of a “smart device” is a device that is able to gather data from its environment (e.g. human movement) and then adapt to achieve a certain outcome (e.g. turn on the air conditioning, adjusting to a certain temperature) without the requirement of a human interaction.
Foundational device-level intelligence should include the ability for the device to validate any actions executed or requested by the device against the chain of custody data.
To be truly self-securing, devices should be capable of performing these basic awareness checks:
- On power-up or startup – check that the installed software is the authentic build that it should be running – against an immutable source that is decentralized and can be absolutely trusted.
- When prompted to install an update – verify that the identity-making the request is authentic and authorized, and check that the build is authentic and the policy is correct.
- When connecting to another device –
- Check the authenticity of the identity of the other device and that the policy allows for connecting to that device for each use case (e.g. data sharing).
- Allow other devices to check the authenticity and identity of the device prior to activity.
- Communicate audit data to manufacturer or operator – Report back to the manufacturer or operator on all audit activity to ensure a consistent chain of custody remains intact.
- Confirm any aspect of authenticity – At any time (random, scheduled, remote), prior to activity, a device should be able to verify any aspect of authenticity (identity, firmware authenticity, policy, etc.) to ensure no compromise has occurred.
How Vouch Secures Devices
Integrating Vouch into the Device and Firmware Ecosystem
To secure IOT devices from the initial point of manufacturing, Vouch is integrated into the transaction approval processes orchestrated by 3rd party IoT platforms and infrastructure.
These processes perform operations such as: onboarding, firmware management, updates, dashboard, monitoring, network configuration, etc. and include solutions from companies such as AWS, Azure, IBM, ThingWorx, Cisco, Bosch and Google.
Vouch integrates to existing IoT platforms and infrastructure through plugins to perform authentication and authorization for the security-critical aspects of manufacturing processes such as device provisioning, the promotion of production firmware into release, updates, etc.
Vouch capabilities employed for this purpose include:
Vouch Identity Endorsement Engine
Creates and authenticates the identity of the people involved in the process
Delivers granular identity authorization permissions control across the roles of teams that orchestrate the process
Enforces the number of team members required to authorize a particular process step, appropriate to the risk level, audit, and chain of custody requirements
Vouch Audit Engine
Maintains an immutable record of every transaction in the system – “who did what, when”
Enabling Device-Level Awareness Checks
Vouch injects digital signatures into the device firmware/software using the device identity private key and different messaging techniques via common protocols such as MQTT, HTTP and others.
A variety of messaging techniques are utilized to inject the digital signature:
- Repurpose of the basic authentication mechanism – where Vouch passes along the device token info (embedding the device id and replay attack data) and a digital signature as username and password.
- Signature of the actual message content itself – where Vouch embeds the signature as a header or in the message body. This approach is valuable if the message represents a high value transaction and there is a desire to verify the authenticity in a downstream system with absolute trust.
- Using AWS IOT – where the signature is easily implemented using a custom authorizer, where a custom Lambda is triggered to verify the device token and signature headers with Vouch.
To support scaling in large manufacturing environments, device identities can be either onboarded by a human or automated within an existing process by establishing a keypair on the device by a variety of methods:
- Using application software
- Inside of a TPM (Trusted Platform Module), or
- Inside a TEE (Trusted Execution Environment)
The public part of the keypair is stored with the device identity on the Vouch Blockchain Network and a signed approval transaction is published.
The Vouch Identity Trust Platform enables a breakthrough level of security for IOT – establishing absolute trust for each of the elements of the IOT ecosystem – including each human, device and the software that IOT devices are affected by.
For IOT manufacturers Vouch provides absolute trust from the manufacturing process through device operation and device authenticity, establishing a tamper-proof audit trail with a full chain of custody intact.
Vouch solves many of the complex security, scalability, and commercial issues facing today’s IOT manufacturers and software developers.