
FOG BASED ATTESTATION - INLINE DATAPLANE BASED INTEGRITY VALIDATION AND EVENT BASED ATTESTATION QUERY

IP.com Disclosure Number: IPCOM000245102D
Publication Date: 2016-Feb-08
Document File: 7 page(s) / 128K

Publishing Venue

The IP.com Prior Art Database

Related People

Carlos M. Pignataro: AUTHOR (and 4 others)

Abstract

A process is presented that uses extensions to offload a hashing value for sensors to edge nodes. The hashing value can be included in an IPv6 Extension Header (in all packets, few packets, on-demand/request based). Any deviation in hashing is detected, and an instruction may be sent to a server using various extensions to trigger integrity/attestation validation. This provides an event-based integrity validation trigger from server to sensor. Until the integrity validation is completed, all the packets from the sensors may be dropped. Thus, a dataplane-based integrity validation process is provided that achieves faster abnormality detection and prevents the falsified data from affecting the service.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 27% of the total text.

Page 01 of 7

AUTHORS:

Carlos M. Pignataro, Nagendra Kumar Nainar, Omar Santos, Jeff Apcar

CISCO SYSTEMS, INC.

DETAILED DESCRIPTION

     Currently, there are different ways of checking the integrity of IoT sensors. Examples include using a Trusted Platform Module (TPM), which is a hardware-based approach, and a memory-filling technique, which is a software-based approach. Another approach uses any network protocol and transport technology for interval-based polling, such as an out-of-band Low Power Wide Area Network (LPWAN) or LoRa™ techniques. In each of those approaches, the validation is generally based on a periodic, timer-based query. This leaves a time interval during which the data can be forged or compromised until the next validation query is triggered.

Copyright 2016 Cisco Systems, Inc.

1

    The prior approaches mentioned above are based on a periodic OOB mechanism that is triggered to validate the integrity of the device and mark it as untrusted if required. In such scenarios, if a sensor is compromised and loaded with malicious code, it might affect other sensors or provide falsified data until the next iteration of integrity validation is triggered from the server. Presented herein are techniques to avoid this potential intrusion gap by offloading a hashing value and sensor information to the edge nodes and performing a dataplane-based validation to detect any anomaly. That is, the sensors are also given, or themselves calculate, the hashing value.
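The following is an added example, not code from the disclosure or from Cisco, showing the edge-node side of the dataplane check described above: the sensor carries an integrity hash in an IPv6 Destination Options header, the fog/border node compares it against the value offloaded by the attestation server, and on any deviation it quarantines the sensor, records an event-based attestation trigger for the server, and drops the sensor's packets until the attestation completes. The option type 0x1E, the use of SHA-256 over the sensor's program image, the treatment of a missing or unknown hash as a deviation, and the `EdgeNode` API are all assumptions made for this example; the page does not specify a wire format.

```python
"""Added example (not from the disclosure): inline dataplane integrity check at a
fog/edge node. Assumptions: the sensor hash rides in an IPv6 Destination Options
header (Next Header 60) as hypothetical option type 0x1E, and it is the SHA-256 of
the sensor's program image. A missing option or unknown sensor counts as a deviation.
"""
import hashlib
import ipaddress
import struct
from typing import Optional, Tuple

NH_DEST_OPTS = 60          # IPv6 Destination Options extension header
NH_UDP = 17
OPT_INTEGRITY_HASH = 0x1E  # hypothetical option type carrying the sensor hash


def build_packet(src: str, dst: str, digest: Optional[bytes], payload: bytes) -> bytes:
    """Constructed sensor packet; inserts the hash option when a digest is given."""
    ext, next_header = b"", NH_UDP
    if digest is not None:
        opts = bytes([OPT_INTEGRITY_HASH, len(digest)]) + digest
        pad = (-(2 + len(opts))) % 8           # options area must be 8-octet aligned
        if pad == 1:
            opts += b"\x00"                    # Pad1
        elif pad:
            opts += bytes([1, pad - 2]) + b"\x00" * (pad - 2)  # PadN
        ext = bytes([NH_UDP, (2 + len(opts)) // 8 - 1]) + opts
        next_header = NH_DEST_OPTS
    fixed = struct.pack("!IHBB", 6 << 28, len(ext) + len(payload), next_header, 64)
    fixed += ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    return fixed + ext + payload


def parse_packet(packet: bytes) -> Tuple[str, Optional[bytes], bytes]:
    """Return (source address, integrity digest or None, upper-layer payload)."""
    _, _, next_header, _ = struct.unpack("!IHBB", packet[:8])
    src = str(ipaddress.IPv6Address(packet[8:24]))
    offset, digest = 40, None
    if next_header == NH_DEST_OPTS:
        end = offset + (packet[offset + 1] + 1) * 8
        pos = offset + 2
        while pos < end:
            opt_type = packet[pos]
            if opt_type == 0:                  # Pad1 has no length byte
                pos += 1
                continue
            opt_len = packet[pos + 1]
            if opt_type == OPT_INTEGRITY_HASH:
                digest = packet[pos + 2:pos + 2 + opt_len]
            pos += 2 + opt_len
        offset = end
    return src, digest, packet[offset:]


class EdgeNode:
    """Fog/border node holding offloaded hashes and quarantining deviating sensors."""

    def __init__(self) -> None:
        self.expected = {}        # sensor address -> hash downloaded from the server
        self.quarantined = set()  # sensors awaiting event-triggered attestation
        self.events = []          # attestation triggers sent toward the server

    def offload_hash(self, sensor: str, digest: bytes) -> None:
        self.expected[sensor] = digest
        self.quarantined.discard(sensor)

    def process(self, packet: bytes) -> str:
        """Dataplane decision for one packet: 'forward' or 'drop'."""
        src, digest, _ = parse_packet(packet)
        if src in self.quarantined:
            return "drop"                      # drop everything until attestation completes
        if digest is None or digest != self.expected.get(src):
            self.quarantined.add(src)
            self.events.append(("attest", src))  # event-based trigger to the server
            return "drop"
        return "forward"

    def attestation_result(self, sensor: str, trusted: bool, digest: Optional[bytes] = None) -> None:
        """Server reports the outcome of the triggered integrity validation."""
        if trusted and digest is not None:
            self.offload_hash(sensor, digest)
        else:
            self.expected.pop(sensor, None)    # stays quarantined


def demo():
    """Constructed scenario: healthy sensor, tampered image, quarantine, re-attestation."""
    sensor, fog = "fd00::10", "fd00::1"
    good = hashlib.sha256(b"sensor firmware v1 (constructed)").digest()
    edge = EdgeNode()
    edge.offload_hash(sensor, good)            # downloaded after the OOB validation
    decisions = [edge.process(build_packet(sensor, fog, good, b"temp=21.5"))]
    tampered = hashlib.sha256(b"sensor firmware v1 (constructed)<patched>").digest()
    decisions.append(edge.process(build_packet(sensor, fog, tampered, b"temp=99.9")))
    decisions.append(edge.process(build_packet(sensor, fog, good, b"temp=21.4")))  # still quarantined
    edge.attestation_result(sensor, trusted=True, digest=good)  # sensor re-validated
    decisions.append(edge.process(build_packet(sensor, fog, good, b"temp=21.6")))
    return decisions, list(edge.events)
```

Running `demo()` yields the decisions `["forward", "drop", "drop", "forward"]` and a single `("attest", "fd00::10")` event: the first deviation, not a timer, is what triggers the attestation query, and the sensor's traffic stays blocked at the edge until the server clears it.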

FIG. 1

    In the topology shown in FIG. 1, assume the sensors use any of the OOB mechanisms defined in the prior approaches. Once the integrity validation on the hash value (from the program memory, MMU) is done, the hash value will be downloaded to the border nodes (Fog routers, 6LBR) using, for example, protocols such as Constrained Application Protocol (CoAP), MQ Telemetry Transport (MQTT), the YANG extension (RFC 6020) and the Routing Protocol for Low-Power and Lossy Networks (RPL). The data offload is done selectively, so that only the information relevant to a given set of PAN/Mesh IDs is downloaded to the...