Collaborative Research: CNS Core: Small: Retrofitting IoT Ecosystems with a Software-defined Overlay to Enforce Safety, Security, and Privacy Policies

合作研究：CNS 核心：小型：使用软件定义的覆盖层改造物联网生态系统，以执行安全、安保和隐私政策

• 批准号: 2007512
• 负责人: Endadul Hoque
• 金额: $ 25.01万
• 依托单位: Syracuse University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2007512&HistoricalAwards=false
• 关键词: Collaborative; Research; CNS; Core; Small; Collaborative; Research; CNS; Core; Small

The recent advancement in the Internet-of-Things (IoT) domain has substantially transformed many important sectors (e.g., manufacturing, healthcare, smart-home) by introducing programmable IoT platforms to fulfill their varying business needs. Such programmable platforms facilitate a user to bring together a collection of low-powered IoT devices to automatically carry out customized tasks at hand by installing various native and third-party automation apps. Unfortunately, many of these existing programmable IoT platforms do not provide adequate in-built security measures (e.g., fine-grained access control) to thwart risks from misbehaving (rogue/faulty) apps. As a result, a misbehaving app can exercise unrestricted access to the devices and thus, transition the IoT system to an undesirable and/or unsafe state. This can lead to financial loss, fatal consequences, or environmental disasters. This project focuses on defending IoT systems against such threats by preventing native and third-party apps from administering unexpected operations on IoT devices. The project develops a platform-agnostic solution, which has the potential to substantially improve the overall security, privacy and safety of existing programmable IoT systems. The foundational techniques developed in this project are also applicable to a variety of networked systems (e.g., mission-/safety-critical systems). To develop an effective solution, this collaborative research project relies on the insight that undesirable state transitions of the IoT system can be viewed as violations of the system's desired stateful invariants or policies. The system is expected to comply with these policies to ensure its safety, security, and privacy guarantees. The core objective of this research is to create a policy-guided defense mechanism which prevents an IoT system from entering into an undesired state, even at the presence of misbehaving apps, by dynamically enforcing user-defined policies at runtime. This project realizes the project's objective through three research thrusts. The first thrust designs a unified, expressive policy language to capture user-defined rich stateful policies, which would dictate the expected behavior of a system. The second thrust develops a software-defined overlay which not only generalizes heterogeneous IoT devices connected through several network technologies but also enables a platform-agnostic policy enforcement approach. The third thrust devises the necessary techniques to realize the high-level foundational developments from the preceding thrusts for real-world IoT ecosystems (e.g., smart-home, industrial control systems). With the goal of developing a competitive cybersecurity workforce, the theories and prototypes developed in this project are used to educate undergraduate and graduate students on the inherent design trade-offs in building practical, secure and resilient systems.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

通过引入可编程的IoT平台来满足其不同的业务需求，通过引入可编程的IoT平台，实质上改变了许多重要领域（例如制造业，医疗保健，智能家庭）的最新进步。这样的可编程平台可以促进用户组合一组低功耗的物联网设备，以通过安装各种本机和第三方自动化应用程序来自动执行手头定制的任务。不幸的是，这些现有的可编程物联网平台中的许多人没有提供足够的内置安全措施（例如，细粒度访问控制），以阻止行为不良（Rogue/Farry）应用程序的风险。结果，行为不当的应用程序可以行使对设备的不受限制访问，从而将IoT系统转变为不良和/或不安全状态。这可能导致经济损失，致命后果或环境灾难。该项目着重于通过防止本地和第三方应用程序对物联网设备进行意外操作来捍卫物联网系统免受此类威胁。该项目开发了一种平台不足的解决方案，该解决方案有可能大大提高现有可编程物联网系统的整体安全性，隐私和安全性。该项目中开发的基础技术也适用于各种网络系统（例如，任务/安全 - 关键系统）。为了开发有效的解决方案，该协作研究项目依赖于以下见解：物联网系统的不良状态过渡可以看作是违反该系统所需的状态不变或政策的行为。预计该系统将遵守这些政策，以确保其安全，保障和隐私保证。这项研究的核心目的是创建一种政策制定的防御机制，该机制通过在运行时动态执行用户定义的策略，以防止物联网系统进入不希望的状态，即使在存在不当应用程序的情况下。该项目通过三项研究实现了项目的目标。第一个推力设计了一种统一的表达政策语言，以捕获用户定义的丰富状态政策，这将决定系统的预期行为。第二个推力开发了一个软件定义的覆盖层，该覆盖层不仅概括了通过多种网络技术连接的异质IoT设备，而且还可以实现一种平台 - 不可固定的策略执行方法。第三个推力设计了必要的技术，以实现实际物联网生态系统（例如，智能家庭工业控制系统）的前面推力，实现高级基础发展。为了开发竞争性的网络安全劳动力，该项目中开发的理论和原型用于教育本科生和研究生在建立实用，安全和有弹性的系统的固有设计权衡方面。该奖项反映了NSF的立法使命，并被认为是通过基金会的智力效果和广泛的范围来评估的，并值得通过评估来进行评估。