Visible to the public Trustworthy configuration management for networked devices using distributed ledgers

TitleTrustworthy configuration management for networked devices using distributed ledgers
Publication TypeConference Paper
Year of Publication2018
AuthorsKinkelin, Holger, Hauner, Valentin, Niedermayer, Heiko, Carle, Georg
Conference NameNOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium
Date Publishedapr
Keywordsauthorisation, Authorization, blockchain-based distributed ledger, Building automation, Byzantine fault tolerant configuration management system, CMS, composability, Configuration Management, configuration management process, control engineering computing, critical configurations, data leaks, distributed execution environment, distributed ledgers, Fabrics, Fault tolerance, fault tolerant computing, individual malicious administrators, industrial sites, Internet of Things, IoT applications, IT systems, message authentication, Metrics, multiparty authorization, network accountability, networked devices, Organizations, physical world, process control, Proposals, pubcrawl, Resiliency, security of data, security threats, strong connection, targeted devices, Traceability, trustworthy configuration management
AbstractNumerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.
DOI10.1109/NOMS.2018.8406324
Citation Keykinkelin_trustworthy_2018