Mobile & Embedded System Lab.
Dept. of Computer Engineering
Kyung Hee Univ.
SCC
(Security Control Center)
Presented by Junyoung Jung
Capstone Design Ⅱ
Contents
• Motivation
• Related works
• Proposed System
• SCC: Security Control Center
• Demonstration
Motivation
• Recent Trends
  - Accelerated launch of a variety of IoT products & services
  - Increased interest in IoT device security issues
• Problems
  - Devices manufactured without considering security level
  - Absence of a security control system
▶ Difficult to respond to security attacks
Need for a Security Control System
(collecting and analyzing information about security attacks)
Related works
• SecurePi: Secure Raspberry Pi (Using TPM*)
  - Linux-based high-end secure COTS IoT device platform
① Secure Key Storage & Management
② Secure Boot
③ Secure Firmware Update
④ Remote Attestation
⑤ Secure Communication
⑥ Mandatory Access Control
⑦ Filesystem Integrity
⑧ Filesystem Encryption
*TPM: Trusted Platform Module
Related works
• SArduino: Secure Arduino (Using SE*)
  - RTOS/Firmware-based low-end secure COTS IoT device platform
① Secure Key Storage & Management
② Secure Boot
③ Secure Firmware Update
④ Remote Attestation
⑤ Secure Communication
*SE: Secure Elements
Proposed System
• Functional requirements (for performing Security Controls)
① Ensure availability of sensitive data
▶ Storing and managing the encryption key data in TPM/SE
▶ Secure Key Storage & Management Monitoring
② Ensure F/W integrity (Secure Boot)
▶ Prevention of firmware replacement attacks
▶ Secure Boot Monitoring
③ Ensure secure F/W update
▶ Prevention of installing previous firmware versions
▶ Secure Firmware Update Monitoring
Proposed System
• Functional requirements (for performing Security Controls)
④ Ensure F/W integrity (Remote Attestation)
▶ Prevention of firmware replacement attacks through another device
▶ Remote Attestation Monitoring
⑤ Detect device login attempts
▶ Checking the login log (/var/log/auth.log) periodically
▶ Login Monitoring
⑥ Detect packets the device allows/denies
▶ Checking the iptables log periodically
▶ Packet Monitoring
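
The periodic log checks of requirements ⑤ and ⑥, sketched in Python as an added example; this is not code from the SCC project. It assumes OpenSSH-style sshd lines in /var/log/auth.log, iptables LOG rules using the hypothetical prefixes SCC-ALLOW and SCC-DENY, and an illustrative JSON report schema; all function names are made up here.

```python
import json
import os
import re

# sshd result lines in auth.log. The greedy user group and the end-of-line
# anchor take the address from the text sshd appended last, so text inside a
# user name cannot displace it.
SSHD_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) (?P<method>\S+) for "
    r"(?P<invalid>invalid user )?(?P<user>.+) from (?P<src>\S+) port \d+ "
    r"ssh2(?:: .*)?$"
)
# Kernel lines written by iptables LOG rules. "SCC-ALLOW"/"SCC-DENY" are
# hypothetical --log-prefix values; match whatever prefixes the rules set.
IPT_RE = re.compile(r"kernel: .*?SCC-(?P<verdict>ALLOW|DENY) (?P<fields>.+)")

# Constructed sample lines (documentation addresses), not captured logs.
SAMPLE_AUTH = [
    "Mar  3 10:15:01 securepi sshd[811]: Failed password for invalid user "
    "admin from 203.0.113.7 port 51514 ssh2",
    "Mar  3 10:15:09 securepi sshd[815]: Accepted publickey for pi from "
    "192.0.2.5 port 50022 ssh2: ED25519 SHA256:CONSTRUCTED",
    "Mar  3 10:15:13 securepi CRON[900]: pam_unix(cron:session): session "
    "opened for user root",
]
SAMPLE_KERNEL = [
    "Mar  3 10:15:12 securepi kernel: [ 4242.100000] SCC-DENY IN=eth0 OUT= "
    "SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 DF PROTO=TCP SPT=51600 "
    "DPT=23 SYN URGP=0",
]

def read_new_lines(path, offset):
    """One periodic check: return (complete new lines, offset for next check)."""
    if os.path.getsize(path) < offset:  # file shrank, so the log was rotated
        offset = 0
    with open(path, "rb") as fh:
        fh.seek(offset)
        data = fh.read()
    end = data.rfind(b"\n") + 1  # leave a half-written last line for next time
    text = data[:end].decode("utf-8", "replace")
    return text.split("\n")[:-1], offset + end

def parse_login(line):
    m = SSHD_RE.search(line)
    if not m:
        return None
    return {"type": "login",
            "result": "success" if m["result"] == "Accepted" else "failure",
            "method": m["method"], "user": m["user"],
            "known_user": m["invalid"] is None, "src": m["src"]}

def parse_packet(line):
    m = IPT_RE.search(line)
    if not m:
        return None
    kv = dict(f.split("=", 1) for f in m["fields"].split() if "=" in f)
    return {"type": "packet", "verdict": m["verdict"].lower(),
            "src": kv.get("SRC"), "dst": kv.get("DST"),
            "proto": kv.get("PROTO"),
            "dport": int(kv["DPT"]) if kv.get("DPT", "").isdigit() else None}

def build_report(device_id, auth_lines, kernel_lines):
    """JSON body for upload to a collector; this schema is illustrative."""
    events = [e for e in map(parse_login, auth_lines) if e]
    events += [e for e in map(parse_packet, kernel_lines) if e]
    return json.dumps({"device": device_id, "events": events}, sort_keys=True)

if __name__ == "__main__":
    print(build_report("securepi-01", SAMPLE_AUTH, SAMPLE_KERNEL))
```

Persist the offset returned by read_new_lines between runs so each check reads only lines added since the previous one. The user field comes from the remote side of the login attempt, so treat it as untrusted data wherever the report is stored or rendered.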
SCC: Security Control Center
• System Architecture
[Figure: SCC system architecture diagram. Component labels: Administrator, Web browser, SCC-Web, Front-end, Back-end, EJS, Node.js, .css, .js, express, AJAX, SCC-Server, Database, SCC table, LOG table, …, IoT Control Platform, Secure Pi, SCC-Client, SecureKeyManagement Monitor, Secure Boot Monitor, SecureFWUpdate Monitor, RemoteAttestation Monitor, Login Monitor, Packet Monitor, Remote Attestation Server, Firmware Update Server. Link labels: SSL, HTTP, JSON, On-demand Event, Transaction, "Upload the SCC-Client Info. to Database".]
Demonstration
• http://163.180.118.193:3000
① Device registration
② Device detail view
③ Device Firmware Update
  - Secure Key Storage & Management
  - Secure Boot
  - Secure Firmware Update
  - Remote Attestation
④ Login & Packet Monitoring
Thank you
