Trustworthy Configuration Management for Networked Devices using Distributed Ledgers

TL;DR

This paper proposes a blockchain-based configuration management system for IoT devices that ensures security, accountability, and multi-party authorization to prevent insider and outsider attacks.

Contribution

It introduces a novel CMS leveraging Hyperledger Fabric to enforce multi-party approval, accountability, and tamper-resistance in IoT configuration management.

Findings

Achieves Byzantine fault tolerance through multi-party authorization.

Ensures accountability and traceability in configuration changes.

Utilizes blockchain for tamper-resistant configuration storage.

Abstract

Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to achieve Byzantine fault tolerance against attacks and faults by administrators. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.