Designing a security-first IoT device management platform
Industries deploy an increasing number of IoT (Internet of Things) devices to automate production lines and to carry out monitoring and surveillance tasks. It is therefore important to secure these devices and to be able to control them remotely in a secure environment. In my thesis work, the solution to this problem was to design and develop a software platform in which IoT devices are enrolled and updated.
A management platform is a system that lets IoT devices enrol securely and be viewed and controlled by human operators through a web interface, which is accessed with a tagged key issued by the operator's employer.
Security first
The main requirement for this platform was that the components that make up the system must not trust one another and must always validate the identity of the other party and the validity of the data being transferred. This architectural pattern is called zero-trust architecture (ZTA). In the platform it is implemented with mutual TLS, a common practice in network security used to authenticate both parties of a data exchange to each other.
Operators are allowed to log into the management web interface only with their supplied tagged key, which acts as a second authentication factor in addition to the usual username and password login. Furthermore, their access is regulated and monitored by an administrator.
Devices register themselves with the platform in two steps. First, they are provisioned with a unique identity in a separate, secure facility. Then they can request to join the platform, which is granted only if a series of hardware and software checks pass. The hardware checks compare the serial numbers of each component and sensor against the provisioned record to detect hardware tampering. Likewise, the software checks verify the authenticity of the identity and the integrity of the installed software.
Operators can update enrolled IoT devices over-the-air (OTA) from the web interface. This is made possible by a flexible update configuration mechanism based on the YAML file format, with the configuration files stored in a tree structure on GitHub. A device receives its configuration file, updates its software components, and reports the success or failure of the update back to the web interface.
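The two-step enrolment described above, as an added example written for this article rather than code from the thesis platform: the provisioning step binds an authenticity tag to the device identity, and the join step runs the hardware (serial number) and software (identity authenticity, image integrity) checks. Assumptions not stated in the thesis: the identity tag is an HMAC computed by the provisioning facility with a key shared only with the device registry, and the registry keeps one provisioning record per device; all keys, serial numbers and the firmware image are constructed sample values.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Assumption (not from the thesis): the provisioning facility signs each identity with
# an HMAC key shared only with the device registry. Constructed sample key:
PROVISIONING_KEY = b"constructed-provisioning-key"


@dataclass
class ProvisioningRecord:
    """What the secure facility recorded when it provisioned the device."""
    expected_serials: dict   # component name -> serial number
    expected_sw_digest: str  # SHA-256 hex digest of the approved software image


def issue_identity(device_id: str) -> str:
    """Step 1 (provisioning facility): bind an authenticity tag to the device id."""
    tag = hmac.new(PROVISIONING_KEY, device_id.encode(), hashlib.sha256).hexdigest()
    return f"{device_id}:{tag}"


def check_enrolment(identity: str, serials: dict, sw_image: bytes,
                    registry: dict) -> list:
    """Step 2 (join request): return the failed checks; an empty list grants enrolment."""
    device_id, _, tag = identity.partition(":")
    record = registry.get(device_id)
    if record is None:
        return ["unknown-identity"]
    failures = []
    # Software check: the identity must carry a valid tag (constant-time comparison).
    expected = hmac.new(PROVISIONING_KEY, device_id.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        failures.append("identity-forged")
    # Hardware check: every component must report its recorded serial number, and no
    # unlisted component may appear (a swapped or added part counts as tampering).
    if serials != record.expected_serials:
        failures.append("hardware-mismatch")
    # Software check: the installed image must hash to the approved digest.
    if hashlib.sha256(sw_image).hexdigest() != record.expected_sw_digest:
        failures.append("software-tampered")
    return failures


# Constructed sample provisioning data so the module runs stand-alone.
GOOD_IMAGE = b"constructed-firmware-image-v1"
REGISTRY = {"dev-001": ProvisioningRecord({"mcu": "SN-A1", "temp-sensor": "SN-T7"},
                                          hashlib.sha256(GOOD_IMAGE).hexdigest())}
```

Returning the full list of failed checks rather than stopping at the first one gives the operator's web interface a complete tampering report for the rejected device.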
Flexible architecture
The management platform was developed to sustain a large volume of network traffic through the deployment of microservices, lightweight pieces of software that ideally each perform a single task efficiently. These microservices communicate with a central device registry via a publish-subscribe protocol similar to MQTT, which ensures high throughput and prevents one microservice from becoming a bottleneck for the others under a particularly high number of requests.