A Security Framework for Shared Networked Embedded Systems

Publication date: 2015-06-19

Authors:

Maerien, Jef
Joosen, Wouter

Abstract:

Networked embedded systems are slowly gaining more acceptance in mainstream applications. This causes a shift in the paradigms regarding research and development. While classic research often focused on single-purpose and single-owner networks, we are seeing that modern applications no longer adhere to these paradigms. Rather, embedded networks will consist of devices owned by many different parties, and these devices will need to be accessible by many different users. As such, there is a clear need for security in these networked embedded systems. This thesis aims to answer two questions: (1) what are the necessary abstractions required by the different stakeholders to express their security policies and requirements, and (2) what is the minimal required infrastructure to secure all crucial multi-party interactions, with as little overhead as possible. While classic approaches for both embedded and back-end systems provide a useful starting point, we do see significant gaps in the work on both abstractions and security infrastructure. Current related work in networked embedded systems provides several abstractions to model the underlying platform or the data produced, but none to actually model the security policies or requirements. There are some generic security policy declaration languages, which provide a way to express data, but do not provide the necessary abstractions to enable systems to operate. Looking at available infrastructure, we see that related work mainly proposes point solutions for specific types of interactions, but does not provide a holistic infrastructure securing all crucial multi-party interactions. Furthermore, related work for resource-constrained embedded networks still focuses only on single-owner networks, while research on multi-owner embedded networks always uses resource-intensive algorithms to ensure security.
The two key contributions presented in this thesis are: (1) a set of abstractions that provides the stakeholders with the necessary means to express their security policies and requirements, and (2) a security middleware that secures the multi-party interactions driven by the previously mentioned policies. Together, these contributions form the SecLooCI security middleware framework. To develop the abstractions, we defined three stakeholder roles: the application owner, the platform owner, and the network owner. For each of these three roles, we designed a set of abstractions to express their relevant security requirements and policies. These abstractions then drive the security middleware, which consists of five sub-systems, each of which secures one of the five key multi-party interactions: (1) network join, (2) application deployment, (3) node service usage, (4) application communication, and (5) application monitoring. These five sub-systems, together with the policy abstractions, form the SecLooCI framework, which provides the necessary functionality for all stakeholders to secure their systems, and offers clear points of modification to allow application-specific customisation. These contributions are validated on state-of-the-art constrained embedded platforms, in the form of an integrated prototype implementation. This implementation is validated through a number of representative scenarios derived from industry collaborations in the domains of smart logistics and smart offices. Additionally, these contributions were published in multiple peer-reviewed venues. These results show that the SecLooCI middleware is able to secure multi-party ecosystems on current constrained embedded platforms.