Technical gazette, Vol. 31 No. 1, 2024.
Original scientific paper
https://doi.org/10.17559/TV-20230608000709
ASM: Augmented Security Module for Commercial IoT Devices
Heeseung Son
; School of Computing, College of Software, Kyung Hee University, 1732, Deogyeong-daero, Giheung-gu, Yongin-si, Gyeonggi-do 17104, Republic of Korea
Beom Seok Kim
orcid.org/0000-0002-9369-9126
; School of Computing, College of Software, Kyung Hee University, 1732, Deogyeong-daero, Giheung-gu, Yongin-si, Gyeonggi-do 17104, Republic of Korea
*
Jinsung Cho
; School of Computing, College of Software, Kyung Hee University, 1732, Deogyeong-daero, Giheung-gu, Yongin-si, Gyeonggi-do 17104, Republic of Korea
Ben Lee
; School of Electrical Engineering and Computer Science, Oregon State University, Corvallis 97331, OR, USA
* Corresponding author.
Abstract
The rapid expansion of the Internet of Things (IoT) has led to increased concerns regarding the security of IoT systems. Attacks targeting IoT devices, such as code injection and code reuse, have become more sophisticated, compromising device control and functionality. Existing security schemes, designed primarily for the ×86 architecture, are not well-suited for resource-constrained IoT devices. While numerous studies aim to strengthen IoT device security, practical implementation faces challenges due to time-to-market requirements and manufacturing costs. To address these issues, this paper proposes an Augmented Security Module (ASM) that provides essential security services for IoT devices within the same network, requiring minimal device modifications. The ASM includes Hardware Security Modules (HSMs) like Trusted Platform Module (TPM) and Secure Element (SE) to ensure data integrity and execute requested security services. By adding ASM Agents, which perform minimal operations to request security services, IoT devices can easily access the provided security services. The proposed ASM enables flexible adaptation to evolving security requirements at a low cost, meeting practical manufacturing and time-to-market demands. To validate the effectiveness of the proposed ASM, four representative scenarios are presented and analyzed, demonstrating its ability to enhance IoT device security and prevent attacks. The proposed ASM contributes to the widespread adoption of secure IoT systems by ensuring the security of IoT devices within the network.
Keywords
augmented security module; HSM; IoT security; security framework; security service
Hrčak ID:
312882
URI
Publication date:
31.12.2023.
Visits: 1.127 *