Edge Computing Security: Device Attestation as a Solid Foundation for a Trusted Edge

Robert Andres
Published in The Edge of Things
3 min read · Jul 18, 2022

This post is part 5 of the series.

Implementing a proper solution for device attestation builds a solid foundation for raising the “trustworthiness level” of infrastructure or sources of information. Trust, however, is not a binary concept but rather a continuum. In other words, once you establish a foundation of trust, you can gradually increase the level of trust you associate with various aspects of an edge computing solution and the related information. In this context, device attestation is the foundation, the starting point.

Because device attestation allows the development of edge platforms that developers and users can trust regarding the underlying system (hardware & software platform), it is possible to layer additional types of attestation on top of it. Let’s now look at a few possible ways to leverage — and build on — that trust.

Using device attestation to ensure the integrity of the edge system also increases the “level of trust” in other attested information directly associated with the device, its status, and the context in which it operates. Examples range from geo-position and local time to data about environmental and internal conditions such as temperature, humidity, acceleration, anti-tampering status, storage error rates, memory & CPU utilization, and communication throughput, among others.

Device ownership attestation is probably the most natural extension of device attestation. Knowing who a device belongs to is extremely important, especially from a management, maintenance, and compliance perspective. We referred to this aspect in previous parts of this series. One example we provided is zero-touch provisioning leveraging the IEEE 802.1AR concept of an LDevID to implement a customer or owner attestation. Ownership attestation also influences the other aspects of edge computing. For example, it is possible to restrict the deployment and execution of software according to device ownership. Ownership attestation is critical in multi-tenancy scenarios since it ensures that all tenants are authorized to leverage the device as intended and, in turn, get the assurance that the device is under the authority of a trusted provider.

Edge application attestation affirms that application software comes from the expected source and remains in a defined condition — ensuring its integrity. Similar to verifying a software download using a public key, edge application code can be packaged and signed in ways that support ongoing verification as it is used — just in a secure, highly automated way.
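As an added illustration (not code from the original post or from any project it mentions), the Go example below shows one way the sign-then-verify pattern described above can work: the publisher signs a manifest that binds the artifact digest to a name and version, and the edge node repeats the same check at install time and before every launch. The manifest layout, function names, and sample values are assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is a hypothetical package descriptor; the field names are illustrative.
type Manifest struct {
	Name    string `json:"name"`
	Version string `json:"version"`
	SHA256  []byte `json:"sha256"` // digest of the application artifact
}

// SignManifest runs on the publisher side: bind the artifact digest to name/version, then sign.
func SignManifest(priv ed25519.PrivateKey, name, version string, artifact []byte) (raw, sig []byte) {
	sum := sha256.Sum256(artifact)
	raw, _ = json.Marshal(Manifest{Name: name, Version: version, SHA256: sum[:]}) // cannot fail for this struct
	return raw, ed25519.Sign(priv, raw)
}

// VerifyApp runs on the edge node; the signature is checked over the raw bytes before parsing them.
func VerifyApp(trusted ed25519.PublicKey, raw, sig, artifact []byte) (*Manifest, error) {
	if !ed25519.Verify(trusted, raw, sig) {
		return nil, errors.New("manifest signature invalid")
	}
	var m Manifest
	if err := json.Unmarshal(raw, &m); err != nil {
		return nil, err
	}
	sum := sha256.Sum256(artifact)
	if !bytes.Equal(sum[:], m.SHA256) {
		return nil, errors.New("artifact digest does not match signed manifest")
	}
	return &m, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed demo key pair
	app := []byte("constructed sample application image")
	raw, sig := SignManifest(priv, "sensor-gateway", "1.4.2", app)
	_, ok := VerifyApp(pub, raw, sig, app)
	_, bad := VerifyApp(pub, raw, sig, append(app, 0)) // one byte appended after signing
	fmt.Println("untouched:", ok, "| modified:", bad)
}
```

In a deployment built on device attestation, the trusted public key would be provisioned to the device through the attested channel rather than generated next to the artifact as it is in this demo.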

Data flow attestation can certify that data is unaltered from its source to all of its destinations. To an extent, data flow attestation can additionally certify that only intended recipients have been able to access the data. Data flow attestation supports access traceability. Management of data sovereignty becomes far easier when access traceability is enabled.

Clearly, device attestation is an enabler for all sorts of other layered security measures. However, there are many other aspects to consider in edge computing and IoT security. Examples include secure communication and lifecycle management, secure remote access, logging, (rule-based) access control, and other system and hardware-related security features like anti-tampering or secure boot. Another is using AI and analytics at the edge for anomaly detection to address some of the security challenges introduced. This is especially important when integrating legacy assets and technologies in the field. Machine learning can be leveraged in the context of field assets and network traffic by establishing a baseline and identifying deviations from expected patterns.

In this article, we did not touch on many other edge computing and IoT security aspects that benefit from solid device attestation, such as security management & operations and security certifications and compliance. For example, strategies for handling compromised devices and their data are highly relevant to an informed security posture. But requirements and best practices vary from industry to industry and are also influenced by local regulations. They are also beyond the scope of this article.

Given how rich the topic of edge security is, you can expect us to revisit it frequently in future posts on The Edge of Things.

All Edge of Things contributors belong to Eclipse Foundation member organizations or are Foundation staff. The contributors to this particular post are Robert Andres (Eurotech), Frédéric Desbiens (Eclipse Foundation), and Kilton Hopkins (Edgeworx).

Robert Andres

Tech business advisor, focusing on market strategy, analyst relations and partner ecosystems, in ITC, IoT and Edge. Member of the Eurotech executive team.