A Scheme of Measurement for Terminal Equipment Based on DICE in IoT

doi:10.3969/j.issn.1671-1122.2020.04.003

Abstract

Abstract:

With the widespread applications of the IoT, the security protection of terminal device is weak and the security events occurr frequently. Only effective measures are taken from the bottom of the system, the security of IoT can be improved. As the latest achievement of the trusted computing, DICE technology applies a new solution for security problems of IoT terminal. It can provide not only device identity protection, data encryption and identity authentication, but also the updating mechanism coping with the complex IoT environment. Based on the DICE technology, it takes the RFID reader as the research object in this paper. By analyzing the startup process of this device, an approach of the establishment and extension of the chain of trust is designed and the scheme of DICE-based mesurement and updating for IoT terminal is proposed, which can ensure the security of read-write operation and data uploading of the RFID reader. In the C compiler environment, the scheme of chain of trust transfer and measurement based on DICE are implemented.

Key words: IoT, trusted computing, DICE, TPM

CLC Number:

TP309

CHEN Lu, SUN Yajie, ZHANG Liqiang, CHEN Yun. A Scheme of Measurement for Terminal Equipment Based on DICE in IoT[J]. Netinfo Security, 2020, 20(4): 21-30.

Figures/Tables 13

References 16

[1]	Trusted Computing Group. RIoT[EB/OL]. , 2016-6-15.
[2]	Trusted Computing Group. Implicit Identity Based Device Attestation[EB/OL]. admin@trustedcomputinggroup.org, 2016-3-5.
[3]	HUA Cunqing.A Survey of Security Detection and Protection for Internet of Things[J]. Journal of Shanghai Jiaotong University, 2018, 52(10): 1307-1313.
	化存卿. 物联网安全检测与防护机制综述[J]. 上海交通大学学报,2018,52(10):1307-1313.
[4]	COSTIN A, ZADDACH J, FRANCILLON A.A Large-scale Analysis of the Security of Embedded Firmwares[C]//ACM. 23rd USENIX conference on Security Symposium, August 19, 2014, Berkeley, CA, US. New York: ACM, 2014: 95-110.
[5]	KHOKHLOV I, REZNIK L.Data Security Evaluation for Mobile Android Devices[C]//IEEE. 20th Conference of Open Innovations Association(FRUCT), April 3-7, 2017, Petersburg, Russia. New Jersey: IEEE, 2017: 154-160.
[6]	MAVROPOULOS O, MOURATIDIS H, FISH A, et al.ASTO: A Tool for Security Analysis of IoT Systems[C]//IEEE. 15th International Conference on Software Engineering Research, Management and Applications, June 7-9, 2017, London, UK. New Jersey: IEEE, 2017:395-400.
[7]	RAZA S, WALLGREN L, VOIGT T.SVELTE:Real-time Intrusion Detection in the Internet of things[J]. Ad Hoc Networks, 2013, 11(8): 2661-2674.
[8]	NDIBANJE B, LEE H J, LEE S G.Security Analysis and Improvements of Authentication and Access Control in the Internet of Things[J]. Sensors, 2014, 14(8): 14786-14805.
[9]	NI Mingtao, ZHAO Bo, WU Fusheng, et al.CREBAD: Chip Radio Emission Based Anomaly Detection Scheme of IoT Devices[J]. Journal of Computer Research and Development, 2018, 55(7): 1451-1461.
	倪明涛,赵波,吴福生,等. CREBAD:基于芯片辐射的物联网设备异常检测方案[J]. 计算机研究与发展,2018,55(7):1451-1461.
[10]	WU Zhenqiang, ZHOU Yanwei, MA Jianfeng.A Security Transmission Model for Internet of Things[J]. Chinese Journal of Computers, 2011, 34(8): 1351-1364.
	吴振强,周彦伟,马建峰. 物联网安全传输模型[J]. 计算机学报,2011,34(8):1351-1364.
[11]	RHEE K, KWAK J, KIM S.Challenge-response based RFID Authentication Protocol for Distributed Database Environment[C]//Springer. 2nd International Conference on Security in Pervasive Computing(SPC 2005), April 6-8, 2005, Boppard, Germany. Heidelberg: Springer, 2005: 70-84.
[12]	Golle P, Jakobsson M, Juels A, et al.Universal Re-encryption for Mixners[C]//Springer. The Cryptographers’ Track at the RSA Conference 2004(CT-RSA 2004), February 23-27, 2004, San Francisco, CA, USA. Heidelberg: Springer, 2004: 163-178.
[13]	ZHOU Yongbin, FENG Dengguo.Design and Analysis of Cryptographic Protocols for RFID[J]. Chinese Journal of Computers, 2006, 29(4): 581-589.
	周永彬,冯登国. RFID安全协议的设计与分析[J]. 计算机学报,2006,29(4):581-589.
[14]	JUELS A.RFID Security and Privacy: a research survey[J]. IEEE Journal on Selected Areas in Communication, 2006, 24(2): 381-394.
[15]	ZHANG Jiawei.Research and Implementation of Trusted Computing Platform Based on Linux[J]. Beijing: Beijing University of Posts and Telecommunication, 2018.
	张家伟. 基于Linux的可信计算平台研究与实现[D]. 北京:北京邮电大学,2018.
[16]	WANG Juan, SHI Yuan, PENG Guojun, et al.Survey on Key Technology Development and Application in Trusted Computing[J]. China Communication, 2016(11): 69-90.