CRAFT: A Continuous Remote Attestation Framework for IoT

L. Moreau; E. Conchon; D. Sauveron

doi:10.1109/ACCESS.2021.3067697

IEEE Access (Jan 2021)

CRAFT: A Continuous Remote Attestation Framework for IoT

L. Moreau,
E. Conchon,
D. Sauveron

Affiliations

L. Moreau: ORCiD; XLIM Laboratory, UMR CNRS 7252, Université de Limoges, Limoges, France
E. Conchon: ORCiD; XLIM Laboratory, UMR CNRS 7252, Université de Limoges, Limoges, France
D. Sauveron: ORCiD; XLIM Laboratory, UMR CNRS 7252, Université de Limoges, Limoges, France

DOI: https://doi.org/10.1109/ACCESS.2021.3067697
Journal volume & issue: Vol. 9
pp. 46430 – 46447

Abstract

Read online

As Internet of Things (IoT) networks keep growing with regards to the number of devices they contain, they become more attractive targets for attackers. Protecting these networks and the IoT devices they encompass is a major security challenge, and remote attestation enables checking of the integrity of devices (and thus networks). There are three categories of existing remote attestation protocols: software, hardware and hybrid attestation protocols. However, they all tackle specific issues only, such as small networks, IoT swarms, static networks, device-to-device attestation and network attestation. To provide as generic a solution as possible, which enhances security, we propose CRAFT, the first agnostic continuous remote attestation framework for IoT. CRAFT can be used in any real-world IoT network topology and can use any preexisting remote attestation protocol while remaining open to upgrades and extensions. A rigorous performance evaluation shows that CRAFT is very flexible and improves network security with little or no overhead, depending on the chosen parameters.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords