IRIS: An embedded secure boot for IoT devices
This study proposes a hardware secure boot solution, an instant retrieval information system (IRIS) that is suitable for integrating Internet of Things (IoT) devices. IRIS can boot a Linux kernel image pre-stores in removable media and comprises a data verifier securing the authenticity, integrity,...
| Autores: | , , , , |
|---|---|
| Tipo de recurso: | artículo |
| Estado: | Versión publicada |
| Fecha de publicación: | 2023 |
| País: | España |
| Institución: | Universidad de Sevilla (US) |
| Repositorio: | idUS. Depósito de Investigación de la Universidad de Sevilla |
| OAI Identifier: | oai:idus.us.es:11441/148844 |
| Acceso en línea: | https://hdl.handle.net/11441/148844 https://doi.org/10.1016/j.iot.2023.100874 |
| Access Level: | acceso abierto |
| Palabra clave: | Field programmable gate array Secure boot Internet of Things (IoT) Bootloader Hardware Embedded device |
| Sumario: | This study proposes a hardware secure boot solution, an instant retrieval information system (IRIS) that is suitable for integrating Internet of Things (IoT) devices. IRIS can boot a Linux kernel image pre-stores in removable media and comprises a data verifier securing the authenticity, integrity, and confidentiality of the boot process. IRIS is fully developed as a hardware module and the results reveal short boot-up times and a small hardware footprint when implemented on field programmable gate array chips. In addition, IRIS is an open-source generic solution that can be adapted to multiple architectures and includes a crypto-core called E-LUKS that can be used outside the boot-loading process to add confidentiality, integrity, and authenticity to data stored on off-chip storage like a flash device. IRIS shows a reduction in lookup tables footprint when compared to other IoT solutions consuming from 90% to 750% less resources and only slightly greater, around 30%, with solutions that only cover authentication and integrity. |
|---|