IoT Notary: Sensor Data Attestation in Smart Environment

TL;DR

IoT Notary is a framework that ensures trust in sensor data within IoT environments by providing verifiable proofs of data integrity, addressing privacy and security concerns in smart spaces.

Contribution

It introduces IoT Notary, a novel system for secure log sealing and data attestation in IoT, integrated into TIPPERS for real-time location services.

Findings

Verifies sensor data integrity with less than two seconds per day.

Imposes nominal overheads for verification.

Successfully deployed in a real-world campus environment.

Abstract

Contemporary IoT environments, such as smart buildings, require end-users to trust data-capturing rules published by the systems. There are several reasons why such a trust is misplaced --- IoT systems may violate the rules deliberately or IoT devices may transfer user data to a malicious third-party due to cyberattacks, leading to the loss of individuals' privacy or service integrity. To address such concerns, we propose IoT Notary, a framework to ensure trust in IoT systems and applications. IoT Notary provides secure log sealing on live sensor data to produce a verifiable `proof-of-integrity,' based on which a verifier can attest that captured sensor data adheres to the published data-capturing rules. IoT Notary is an integral part of TIPPERS, a smart space system that has been deployed at UCI to provide various real-time location-based services in the campus. IoT Notary imposes nominal overheads for verification, thereby users can verify their data of one day in less than two seconds.