Browse Prior Art Database

DYNAMIC TRUST AND RISK SCORING USING LAST-KNOWN-PROFILE LEARNING

IP.com Disclosure Number: IPCOM000247388D
Publication Date: 2016-Aug-31

Publishing Venue

The IP.com Prior Art Database

Related People

Hazim Dahir: AUTHOR [+4]

Abstract

Presented herein is a distributed and dynamic security threat and risk calculation method for Internet of Things (IoT) environments. Dynamic changes of IoT infrastructure are detected, and a "Risk Score" profile is derived from multiple "current" or "previously known" factors about the sensor or previous communication patterns. The Risk Score is updated and maintained over time. This method allows for enumerating and classifying IoT asset value in large-scale IoT environments.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 16% of the total text.

Page 01 of 12

DYNAMIC TRUST AND RISK SCORING USING LAST-KNOWN-PROFILE LEARNING

AUTHORS:

Hazim Dahir Omar Santos

Jazib Fahim Yenu Gobena

CISCO SYSTEMS, INC.

ABSTRACT

    Presented herein is a distributed and dynamic security threat and risk calculation method for Internet of Things (IoT) environments. Dynamic changes of IoT infrastructure are detected, and a "Risk Score" profile is derived from multiple "current" or "previously known" factors about the sensor or previous communication patterns. The Risk Score is updated and maintained over time. This method allows for enumerating and classifying IoT asset value in large-scale IoT environments.

DETAILED DESCRIPTION

    The majority of sensors today are built with very light weight protocols with limited battery life. This trend is here to stay as sensors continue to get smaller in their form-factors in order to accommodate a wider set of applications and use-cases. Consequently, sensors are only able to share limited information about their identity with the upper layers of the stack when communicating with their first-hop gateway.

    Another challenge is that some of these sensors may go dormant for long periods of times ranging from a couple of days to months. The re-introduction of these devices can be risky as they could have been moved, compromised, or a rogue new sensor could have been added either maliciously or inadvertently. As a large number of sensors are placed in a variety of large-scale environments it may become difficult to authenticate and trust individual sensors based on information carried in the communication exchange. Typically, if a sensor is not trusted it may be allowed to connect to the network but not access or write to any applications. The data may or may not be stored and in some cases

Copyright 2016 Cisco Systems, Inc.

1


Page 02 of 12

that data may be extremely valuable especially once the sensor has been identified as a valid communicator into the application.

    In some cases, sensors from one project may end up being on a different project (and perhaps on a different authentication domain). Consider a scenario where sensors are used to monitor seismic activity in California for a project sponsored by a first entity. At the end of the assignment, the same sensors might be used to measure seismic activity in Japan for a project sponsored by a second entity. The authentication gateways and perhaps the authentication domains could be completely different based on the project type and the deployment scenario. Ignoring all other challenges around a large shared secret or public-key infrastructure deployment, a sensor can certainly be authenticated using a shared secret or public-key exchange. However, a successful authentication only validates the identity of the sensor (I am talking to the sensor that I should be talking to). It does not validate the business context (Is it registering/onboarding for the project that it should be a part of?) as well as the technical context (is i...