Design and implementation of secure smart home using remote attestation

Abstract

In general, Internet of Things (IoT) devices collect status information or operate according to control commands of other devices. If the safety and reliability of externally accessible devices are compromised, the risk of exposure of personal information collected internally or of abnormal operation of internal devices increases.This dissertation proposes a method of building a safe smart home environment by pre-blocking devices that may cause a risk by performing mutual safety verification between devices prior to data transmission and reception through the scalable Session Initiation Protocol (SIP) of a home network.Using a Samsung's commercial smartphone, not a development board to implement the device's own verification function, and using a modified open source application and a SIP server providing free service, we established a test environment that is practically applicable and proved the feasibility of the attestation operation of the device.During the operation test, the packets on a communication channel between two devices were captured and analyzed.As a result, it was confirmed that the transmission of parameter data for the real attestation in SIP/Session Description Protocol (SDP) packets succeeded without any problems. It was also confirmed that the final verification result of the target device could be derived correctly. With the proposed method, it is possible to establish a safe trust relationship between smart home devices and external smart devices or between various IoT devices while also securing the smart home environment by blocking communications with devices that seek to do harm intentionally.