Trustworthy configuration management for networked devices using distributed ledgers

Holger Kinkelin, Valentin Hauner, Heiko Niedermayer, Georg Carle

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Scopus citations

Abstract

Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.

Original languageEnglish
Title of host publicationIEEE/IFIP Network Operations and Management Symposium
Subtitle of host publicationCognitive Management in a Cyber World, NOMS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-5
Number of pages5
ISBN (Electronic)9781538634165
DOIs
StatePublished - 6 Jul 2018
Event2018 IEEE/IFIP Network Operations and Management Symposium, NOMS 2018 - Taipei, Taiwan, Province of China
Duration: 23 Apr 201827 Apr 2018

Publication series

NameIEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018

Conference

Conference2018 IEEE/IFIP Network Operations and Management Symposium, NOMS 2018
Country/TerritoryTaiwan, Province of China
CityTaipei
Period23/04/1827/04/18

Fingerprint

Dive into the research topics of 'Trustworthy configuration management for networked devices using distributed ledgers'. Together they form a unique fingerprint.

Cite this