A Comprehensive Framework for Building Highly Secure, Network-Connected Devices: Chip to App

• URL: http://arxiv.org/abs/2501.13716v1
• Date: Thu, 23 Jan 2025 14:44:34 GMT
• Title: A Comprehensive Framework for Building Highly Secure, Network-Connected Devices: Chip to App
• Authors: Khan Reaz, Gerhard Wunder,
• Abstract summary: This paper proposes a holistic approach to securing network-connected devices. At the hardware level, we focus on secure key management, reliable random number generation, and protecting critical assets. For secure communication, we emphasize TLS 1.3 and optimized cipher suites tailored for both standard and resource-constrained devices.
• Score: 1.4732811715354452
• License:
• Abstract: The rapid expansion of connected devices has amplified the need for robust and scalable security frameworks. This paper proposes a holistic approach to securing network-connected devices, covering essential layers: hardware, firmware, communication, and application. At the hardware level, we focus on secure key management, reliable random number generation, and protecting critical assets. Firmware security is addressed through mechanisms like cryptographic integrity validation and secure boot processes. For secure communication, we emphasize TLS 1.3 and optimized cipher suites tailored for both standard and resource-constrained devices. To overcome the challenges of IoT, compact digital certificates, such as CBOR, are recommended to reduce overhead and enhance performance. Additionally, the paper explores forward-looking solutions, including post-quantum cryptography, to future-proof systems against emerging threats. This framework provides actionable guidelines for manufacturers and system administrators to build secure devices that maintain confidentiality, integrity, and availability throughout their lifecycle.

Related papers

• Quantum-enabled framework for the Advanced Encryption Standard in the post-quantum era [0.0]
  This paper presents an improved version of the Advanced Encryption Standard (AES) that uses quantum technology to strengthen protection. The system generates encryption keys using quantum randomness instead of predictable computer algorithms, making keys virtually impossible to guess. Organizations can implement this solution in stages--starting with hybrid mode for sensitive data while keeping older systems operational.
  arXiv  Detail & Related papers  (2025-02-04T16:11:37Z)
• An Efficiency Firmware Verification Framework for Public Key Infrastructure with Smart Grid and Energy Storage System [0.6757476692230008]
  Rapid evolution of smart grids has attracted numerous nation-state actors seeking to disrupt the power infrastructure of adversarial nations. We propose a digital signing and verification framework grounded in Public Key Infrastructure (PKI), specifically tailored for resource-constrained devices such as smart meters.
  arXiv  Detail & Related papers  (2025-01-10T05:43:31Z)
• Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC) ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
  We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
  arXiv  Detail & Related papers  (2024-05-03T07:18:45Z)
• Software-based Security Framework for Edge and Mobile IoT [0.5735035463793009]
  This work focuses on designing secure communication among remote servers and embedded IoT devices. The proposed approach uses lightweight cryptography, optimizing device performance and security without overburdening their limited resources.
  arXiv  Detail & Related papers  (2024-04-09T16:25:13Z)
• HOACS: Homomorphic Obfuscation Assisted Concealing of Secrets to Thwart Trojan Attacks in COTS Processor [0.6874745415692134]
  We propose a software-oriented countermeasure to ensure the confidentiality of secret assets against hardware Trojans. The proposed solution does not require any supply chain entity to be trusted and does not require analysis or modification of the IC design. We have implemented the proposed solution to protect the secret key within the Advanced Encryption Standard (AES) program and presented a detailed security analysis.
  arXiv  Detail & Related papers  (2024-02-15T04:33:30Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
  We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes. SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices. We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
  arXiv  Detail & Related papers  (2023-09-26T08:11:38Z)
• Smart Home, security concerns of IoT [91.3755431537592]
  The IoT (Internet of Things) has become widely popular in the domestic environments. People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet connected devices with always-on environmental sensors remain insufficiently addressed. Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.
  arXiv  Detail & Related papers  (2020-07-06T10:36:11Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.