Ensuring integrity of MUD-enabled plug-ins for Smart Home Gateways

Smart homes, equipped with various home automation systems, have gained popularity but also face significant cybersecurity challenges. To address these concerns, the Internet Engineering Task Force (IETF) introduced a new stan- dard, Manufacturer Usage Description (MUD), which employs a white-list ap- proach to enhance IoT security. This standard requires IoT device manufac- turers to provide MUD files specifying the allowed communication endpoints, effectively mitigating the risk of unauthorized access and distributed denial of service (DDoS) attacks. One critical aspect of ensuring the security of smart home environments lies in the authentication of plug-ins and the associated MUD files. The authen- tication process plays a pivotal role in verifying the legitimacy of the plug-ins and the communication endpoints specified within the MUD files. However, this aspect is often overlooked or not given sufficient attention in existing research. In order to enhance the authentication processes within smart home en- vironments, the proposed solution will leverage the Codenotary Community Attestation service (CAS). CAS is a robust and reliable platform that provides attestation services for software artifacts, ensuring their integrity and authen- ticity. By integrating CAS into the authentication framework, the master thesis aims to establish a trusted and verifiable chain of custody for plug-ins and their associated MUD files. CAS will generate cryptographic proofs, such as digital signatures to attest the authenticity and integrity of the submitted artifacts. These cryptographic proofs will serve as evidence that the plug-ins and MUD files have not been tampered with or modified during transmission or storage. The smart home gateway can then verify the validity of these proofs. This process ensures that only authenticated and unaltered plugin-ins are accepted and processed by the gateway. By leveraging CAS, the authentication framework adds an additional layer of trust and confidence to the authentication process. Plug-ins developers and smart home users can have increased assurance that the plug-ins and their associated MUD files are genuine, reducing the risk of unauthorized access or compromised security within the smart home environment. By addressing the authentication challenges in the context of smart home gateways and MUD-enabled plugins, this research not only contributes to the overall security of smart homes but also establishes a foundation for trustworthy and secure interactions between different IoT devices and their associated plug- ins.