Security Architectures and Protocols for Dynamic Networks of Cyber Physical Devices

Motivation

Dynamic networks allow cyber physical devices to connect opportunistically to share and process data gathered from the physical world. This project concerns dynamic networks of emerging cyber physical devices, such as smart phones and on-board embedded computing devices, that combine sensors with general-purpose computing environments. These dynamic networks provide a powerful platform of networked devices with significant computation, communication and storage capabilities. However, the opportunistic nature of dynamic networks also raises important security concerns.

Computations in dynamic networks, such as those needed for query processing, may be distributed to several untrusted devices. Some of these devices may be malicious in intent and affect the integrity of computation. It is therefore key to have mechanisms that allow one device to establish the trustworthiness of another device in the dynamic network. Without such mechanisms, devices in a dynamic network may be unwilling to participate or only provide limited access to their resources, which will in turn severely limit the enormous potential of dynamic networks.


Research Objectives

Our research aims to develop new trust establishment mechanisms for dynamic networks. Existing mechanisms to establish trust, notably techniques based on trusted computing, are not directly applicable to dynamic networks of resource-constrained cyber physical devices. In particular, previously proposed trusted computing protocols that allow a prover device to establish its integrity with a verifier device (e.g., IBM's IMA) are interactive and transfer large amounts of data between these devices. These protocols are therefore resource-intensive, both in terms of energy consumption and network bandwidth. Moreover, trusted computing protocols require the prover device to be equipped with trusted hardware, such as a Trusted Platform Module (TPM) or Mobile Trust Module (MTM) chip, and are therefore not applicable to cyber physical devices that lack such hardware.
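The communication cost described above can be seen in a simplified model of measurement-list attestation, given here as an added example that is not the project's code and not IMA's actual log format: the prover sends its whole measurement log plus a quoted register value, and the verifier replays the log. The HMAC key standing in for a TPM attestation key, the file paths and the `run` helper are assumptions made for illustration.

```python
import hashlib, hmac, os

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM-style extend: new register value = H(old value || measurement)."""
    return hashlib.sha256(pcr + digest).digest()

class Prover:
    def __init__(self, key: bytes):
        self._key = key          # assumption: HMAC key stands in for a TPM key
        self.pcr = bytes(32)     # register starts at all zeroes
        self.log = []            # one (path, digest) entry per measured file

    def measure(self, path: str, content: bytes) -> None:
        d = hashlib.sha256(content).digest()
        self.log.append((path, d))
        self.pcr = extend(self.pcr, d)

    def attest(self, nonce: bytes):
        # The verifier's nonce makes each quote fresh (interactive protocol).
        quote = hmac.new(self._key, nonce + self.pcr, hashlib.sha256).digest()
        return self.log, self.pcr, quote

def verify(key, nonce, log, pcr, quote, known_good) -> bool:
    """Check the quote, then replay every log entry against known-good digests."""
    expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, quote):
        return False
    replay = bytes(32)
    for path, d in log:
        if known_good.get(path) != d:
            return False
        replay = extend(replay, d)
    return hmac.compare_digest(replay, pcr)

def wire_size(log, pcr, quote) -> int:
    """Bytes the prover must transmit: grows linearly with the log length."""
    return sum(len(p.encode()) + len(d) for p, d in log) + len(pcr) + len(quote)

def run(n_files: int, tamper: bool = False):
    """Constructed scenario: measure n_files sample binaries, then attest."""
    key = b"k" * 32  # constructed sample key
    files = {f"/usr/bin/tool{i}": f"binary-{i}".encode() for i in range(n_files)}
    known_good = {p: hashlib.sha256(c).digest() for p, c in files.items()}
    prover = Prover(key)
    for i, (p, c) in enumerate(files.items()):
        prover.measure(p, c + b"!" if tamper and i == 0 else c)
    nonce = os.urandom(16)
    log, pcr, quote = prover.attest(nonce)
    return verify(key, nonce, log, pcr, quote, known_good), wire_size(log, pcr, quote)
```

`run(n)` returns the verifier's verdict and the number of bytes sent, so comparing `run(10)` with `run(1000)` shows the per-attestation transfer growing with the number of measured files.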

This project is pursuing a three-pronged research plan that will enable trust establishment in dynamic networks of resource-constrained devices. First, we intend to conduct a comprehensive study of the resource bottlenecks of current trust establishment protocols. Through this study, we aim to better understand the energy and communication costs of existing trusted computing protocols. Second, based on the insights gained from this study, we will develop resource-aware attestation protocols for cyber physical devices that are equipped with trusted hardware. Third, we will develop protocols for trust establishment in heterogeneous dynamic networks, in which some devices may lack trusted hardware. Our research will be conducted and deployed using the Sarana dynamic network programming infrastructure.

As cyber physical devices become increasingly powerful and more widely used, dynamic networks will provide an effective infrastructure to harness the power of these devices to form a highly distributed, cloud-like infrastructure for computations involving the physical world. Our research provides a basis to secure such dynamic networks. In turn, these mechanisms will encourage even more devices to participate, thereby unleashing the full potential of dynamic networks as a distributed computing infrastructure.

