...
Use Case Name: | Remote Attestation Use Case 1- IoT Device Security and Authentication |
---|---|
Use Case Description: | Leveraging technics of Peraton Labs add Remote Attestation to existing lab infrastructure This Use Case may be combined with Remote Attestation Use Case 2- IoT Device Onboarding & Maintenance |
Epic Problem Statement and how is the problem solved: | Problem Statement: How to insure that IoT devices on a network are authentic and have not been tampered with. This is particularly sensitive in remote areas that are not often frequented by people. Resolution: |
User Stories |
|
Demo Storyline (optional) | |
Interaction with other open source projects and components |
|
Links to existing documentation (Build Guide, Slideware, etc), if available (optional). | |
Links to existing demo/video, if available (optional). | |
Links to existing code/repos, if available (optional). | https://github.com/sediment-lfproject/remote-attestation |
Minutes:
- Quick round of Introductions
- Ta provided description of current SEDIMENT deployment in three parts (following passport model): prover on IoT, verifier, and relying party.
- Rahul provided sescription of Accuknox on securing multi-vendor workloads being pushed to the edge using KubeArmor. Containerized environment, but how do we ensure failure of one container does not compromise other workloads.
- SEDIMENT needs three TCP ports for verifier: prover to verifier, verifier to relying party, RA admin/visualization GUI, and two ports for relying part: verifier to replying party, application GUI. Simple daemons that run on Linux, a few shared library dependencies.
- What is the demo going to be on? Muddasar described use case and demo goals from 5G SBP perspective. Once basic demo of RA with Accuknox is done, we can talk to other folks to integrate with ORAN compliant base station.
- Muddasar will like to see SEDIMENT RA code for attesting an Intel/AMD computer (beyond IoTs), so edge servers can also be attested
- May be a good idea to evaluate each other’s products out and do a demo in the lab. Then we can replicate it at Kaloom Lab or other lab available to LF 5G SBP.
Next steps:
- Send meeting minutes to 5G SBP [Rajesh]
- Define requirements for demo. Identify resources (how many cores, memory, disk etc.), IP addresses, ports that need to be open. Topology of services/containers. This will help LF coordinate the use case demo. [Rahul to take lead, Ta to support – draft in a couple of weeks, to discuss tentatively in May 2nd 5G SBP call]
- Need SEDIMENT to Dockerize the solution
- Capture requirements in parallel, put it on the LF 5G SBP wiki
Meeting Notes:
...