ETSI M2M 標準建議的安全協議和相關通訊密碼套件之分析

Abstract

對於物聯網來說資訊安全是重要的基本層面之一，且需要精心設計及實施。幸運的是，ETSI — 作為一個制定電信的標準組織，已經定義了一套全面的共同安全機制來保護物聯網系統，包括我們所可以利用的相應安全協議。對於TLS協議，ETSI也提出了一系列的加密套件演算法。基於物聯網服務提供商及網路提供商的之間的關係，這些選項可被分為兩種類型 —存取網路相依型和存取網路獨立型。根據這種分類，ETSI允許物聯網服務提供商去選擇最適合他們的物聯網應用的其中一種。然而在標準裡頭，並無說明在什麼條件之下，特定的協議比起其他的協議將會是最好的一個。雖然物聯網服務提供商可以簡單地從中做選擇，但理想的是，能有一些分析的方法根據物聯網應用的特性和流量模式，以選擇最安全的協議以及最節省資源的協議的依據。 在此研究之中，我們將研究在什麼樣的情況下何種協議以及其加密套件演算法為最適合。而我們也只將專注於在物聯網服務提供商與網路提供商之間無須任何關係的網路獨立型協議上，因為這些協議為工業上使用的協議。同時也由於假設並無任何存取網路的支持，所以此種端點對端點的系統也能更被簡易地模擬。在TS 102 690之中，ETSI定義了三個層級的安全機制: 服務啟動安全、連接安全及mId安全。 • 物聯網服務啟動機制旨在相互驗證物連網服務提供商與物聯網裝置或閘道。此研究將會以EAP/PANA乘載的EAP-IBAKE、EAP/PANA乘載的EAP-TLS與TCP/TLS機制做為分析項目。在服務啟動程序完成後，物聯網安全根鑰 (Root Key) 將會隨之產生 • 物聯網連接機制使用安全根鑰來設置一個在物聯網網路節點與物聯網裝置/閘道之間的安全會話。EAP/PANA乘載的EAP-GPSK及TLS-PSK將會做為主要分析的項目。此機制將會產生物聯網連接鑰 (Connection Key)，而此鑰也將會用於最後一個機制 —網路端與裝置端之間的安全。 • mId安全機制保護了mId界面的資料安全。雖然其有三種方式可用於保護界面的安全：存取網路安全、通道安全和物件安全，但在我們的研究之中將會集中在通道的安全上做分析。 為了要進行我們的分析，我們計劃開發這些安全機制在OpenMTC平台之上，因其為符合ETSI-M2M標準的物聯網平台。我們將會使用工廠內的人員管理系統做為測試的範例樣本，此系統的特性為在短時間裡頭產生出大量的小數據流量。根據分析結果，我們希望找到在此類型的網路流量模式範例下最合適的協議。我們使用效率, 成本, 和有效性等參數來確定最合適的協定。為了測量效率，我們將記錄處理的時間和記憶體的使用情況。為了測量成本，我們分析送出跟接收的訊息量，而其總封包大小也用來做比較的參數。對於一個特定的協定的有效性，我們將從一個密碼套件安全保障程度來做為區分，如非常強，強，平均，弱，或非常弱。

Security is one of the fundamental aspects one needs to carefully design and implement for IoT systems. Fortunately, ETSI, as a standard body in telecommunication industry, has defined a comprehensive set of common security mechanisms to protect the IoT system including the corresponding security protocols that we can utilize. For TLS protocols, ETSI also suggests a set of cipher suite algorithms. Those options are categorized into two types, access-dependent and access-independent, based on the relationship between the M2M Service Provider and the Access Network Provider. According to this categorization, ETSI allows the M2M Service Provider to select the one that is the most suitable for their M2M applications. The standards do not describe in what condition a particular protocol will be the best among the others. Although M2M Service Providers can easily choose one out of many options, it is most ideal if some analytic methods can be defined for selecting a protocol that is the most secure and the least resource demanding one according to the characteristics and the traffic patterns of IoT applications. In this research we examine which conditions are most suitable for a security protocol and a cipher suite algorithm. We focus only on access-independent protocols which do not require any relationship between the M2M Service Provider and the Access Network Provider, because these protocols are most applicable in the industry. Also, the whole end-to-end system can be simulated easily by assuming no support from access networks. In TS 102 690, ETSI defines three levels of security mechanisms: Service Bootstrapping, Connection, and mId security. • M2M Service Bootstrapping mechanism aims to mutually authenticate the M2M Service Provider and the M2M Device or Gateway. EAP-IBAKE over EAP/PANA, EAP-TLS over EAP/PANA and TLS over TCP will be analyzed with regard to this study. The result of M2M Service Bootstrapping is an M2M Root Key (Kmr). • M2M Connection mechanism uses the M2M Root Key to set up a secure data session between a Network M2M Node and an M2M Device / Gateway. EAP-GPSK over EAP/PANA and TLS-PSK are the objects to be analyzed. This mechanism generates M2M Connection Key (Kmc) which will be used for the last mechanism, mId security. • The mId security protects the data transmission over the mId interface. Although there are three ways to secure the interface: access network layer security, channel security, and object security, we will focus on the channel security in our study. To proceed with our analysis, we develop these security mechanisms on top of the OpenMTC platform, which is an ETSI-M2M-compliant system. We use people management system in a factory as the use case for our testing samples, in particular, testing the situation where a large amount of small data traffic is generated in a very short time. Based on the result, we analyze what is the most suitable protocol for the type of traffic pattern in this use case. Several parameters can be utilized to determine the most suitable protocol, such as efficiency, cost, and effectiveness. In order to measure efficiency, we record the processing time, CPU usage, and memory usage. To measure the cost, we use the number of sent and received messages, including their total sizes, as the parameters for comparison. For the effectiveness of a particular protocol, we use the degree of security guarantee from a protocol / cipher suite such as very strong, strong, average, weak, or very weak.