Abstract
In this paper, we propose a holistic solution for the security management of the Internet of Things (IoT) devices. Following the “security-by-design” principle, we propose RECOnfigurable microserVices-based IoT (iRECOVer), where each IoT device has a fully modular software adopting a Microservices-based architecture. This architecture at the device level leads to a new generation of IoT devices, where an IoT device is composed of a set of programmable functional modules that can be plugged-in/out of the device dynamically. iRECOVer enables patching vulnerable modules of devices by unplugging and replacing them with secure and patched modules on-the-fly, with zero or minimal device downtime. Furthermore, the security management of deployed IoT devices is automated by supporting the remote activation/deactivation of modules inside the device. We also discuss how iRECOVer supports heterogeneous IoT devices by incorporating a custom-designed mitigation solution for each device. These mitigation solutions may consist of modules provided by different vendors or publicly available and verified modules, therefore reducing the development efforts as well as catering for the prevailing lack of security expertise in the IoT industry. We present an experimental evaluation of our solution by measuring the benefits in terms of reduced mitigation time, performance, and impact on device functionality. Our results, when compared with existing approaches, indicate that the proposed solution is able to achieve on-the-fly mitigation of deployed IoT devices in negligible time, while incurring a low CPU load and additionally requiring, on average, only 4.5% of the device’s memory.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.