@article{Pahl2018c,

title = {Securing IoT microservices with certificates},

author = {Marc Oliver Pahl and Lorenzo Donini},

doi = {10.1109/NOMS.2018.8406189},

isbn = {9781538634165},

year  = {2018},

date = {2018-01-01},

journal = {IEEE/IFIP Network Operations and Management Symposium: Cognitive Management in a Cyber World, NOMS 2018},

pages = {1--5},

abstract = {The Internet of Things (IoT) consists of distributed computing nodes. With increasing processor power such nodes can be used as hosts for microservices. IoT services routinely processes security critical data that affects the privacy, safety, and security of users. However, suitable security mechanisms remain missing. Fundamental open challenges are the authentication of services, securing the metadata of services, and validating the correct functioning of security mechanisms on distributed entities under different authorities. In this paper we present a certificate- based methodology for authenticating services, securely adding information to their executables, and validating the correct functioning of distributed entities of our design. We add X.509 certificates with extended attributes to the service executables. By introducing different trust anchors, services and their metadata are protected through their entire life cycle from developers to the computing nodes running them. Our solution enables distributed nodes to verify the security properties locally. It enables reliably changing certificate properties across the distributed IoT nodes. It features autonomous certificate management. We evaluate the traffic caused by our autonomous certificate management process quantitatively. The presented solution is churn tolerant and applicable to diverse distributed systems.},

keywords = {Autonomous certificate management, Certificates, IoT, Microservices, Security, Unattended nodes, X.509},

pubstate = {published},

tppubtype = {article}

}