Security proposal for gateways IoT using operating system and secure element
Numerous possibilities of Internet application of Things put this feature at the top of the digital transformation in business. A very important equipment in this environment is the gateway, which acts as a router for data traffic between devices of different networks. Although it performs control functions and like other devices present in the Internet of Things, it is affected by software and hardware level vulnerabilities. Unexplored, vulnerabilities related to the physical attack of gateways are common and the solutions demand high costs with the use of proprietary secure elements that often make the implementation of the device unfeasible. The present project aims to study the challenges of implementing adequate security means in highly complex devices in Internet of Things, especially gateways, and to propose a viable alternative of low cost and of easy implementation that can be used in these devices to improvement in data protection and privacy. In order to achieve this objective, studies have been carried out on safe operating systems that can be used in gateways for security at the software level; the use of elements for hardware-level security; safe boot processes to ensure the integrity of the device. The study proposes the implementation of a low cost architecture that makes use of the Ubuntu Core 16 operating system, secure UICC element and secure boot that together verify the integrity and security of the device. The results obtained by simulation and other related tests demonstrate that the architecture is able to guarantee device identification and detect physical and virtual changes in the operating system that compromise device security without the need for high investments in software and hardware.