Verlagslink DOI: 10.5555/3578948.3578956
Titel: Usable security for an IoT OS : integrating the zoo of embedded crypto components below a common API
Sprache: Englisch
Autorenschaft: Boeckmann, Lena 
Kietzmann, Peter 
Lanzieri Rodriguez, Leandro 
Schmidt, Thomas C.  
Wählisch, Matthias 
Schlagwörter: Internet of Things; Embedded Security; Crypto Hardware
Erscheinungsdatum: 18-Jan-2023
Verlag: Association for Computing Machinery
Teil der Schriftenreihe: Proceedings of the 2022 International Conference on Embedded Wireless Systems and Networks 
Anfangsseite: 84
Endseite: 95
Konferenz: International Conference on Embedded Wireless Systems and Networks 2022 
Zusammenfassung: 
IoT devices differ widely in crypto-supporting hardware, ranging from no hardware support to powerful accelerators supporting numerous of operations including protected key storage. An operating system should provide uniform access to these heterogeneous hardware features, which is a particular challenge in the resource constrained IoT. Effective security is tied to the usability of cryptographic interfaces. A thoughtful API design is challenging, and it is beneficial to re-use such an interface and to share the knowledge of programming embedded security widely.

In this paper, we integrate an emerging cryptographic interface into usable system-level calls for the IoT operating system RIOT, which runs on more than 200 platforms. This interface supports ID-based key handling to access key material in protected storage without exposing it to anyone. Our design foresees hardware acceleration on all available variants; our implementation integrates diverse cryptographic hardware and software backends via the uniform interface. Our performance measurements show that the overhead of the uniform API with integrated key management is negligible compared to the individual crypto operation. Our approach enhances the usability, portability, and flexibility of cryptographic support in the IoT.
URI: http://hdl.handle.net/20.500.12738/14878
Begutachtungsstatus: Diese Version hat ein Peer-Review-Verfahren durchlaufen (Peer Review)
Einrichtung: Department Informatik 
Fakultät Technik und Informatik 
Dokumenttyp: Konferenzveröffentlichung
Enthalten in den Sammlungen:Publications without full text

Zur Langanzeige

Seitenansichten

58
checked on 26.11.2024

Google ScholarTM

Prüfe

HAW Katalog

Prüfe

Volltext ergänzen

Feedback zu diesem Datensatz


Alle Ressourcen in diesem Repository sind urheberrechtlich geschützt.