TY - GEN
T1 - Trustworthy configuration management for networked devices using distributed ledgers
AU - Kinkelin, Holger
AU - Hauner, Valentin
AU - Niedermayer, Heiko
AU - Carle, Georg
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/7/6
Y1 - 2018/7/6
N2 - Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.
AB - Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.
UR - http://www.scopus.com/inward/record.url?scp=85050688397&partnerID=8YFLogxK
U2 - 10.1109/NOMS.2018.8406324
DO - 10.1109/NOMS.2018.8406324
M3 - Conference contribution
AN - SCOPUS:85050688397
T3 - IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018
SP - 1
EP - 5
BT - IEEE/IFIP Network Operations and Management Symposium
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2018 IEEE/IFIP Network Operations and Management Symposium, NOMS 2018
Y2 - 23 April 2018 through 27 April 2018
ER -