Enforcing Network Security in an Embedded Operating System via Rust’s Type System
Abstract/Contents
- Abstract
- Internet of things (IoT) devices are rapidly proliferating along with the applications that run on these devices. Oftentimes, developers write these applications without much regard for security. As a result, IoT applications often contain vulnerabilities that can compromise entire networked systems. One OS that targets this issue is Tock, which is geared toward low-power embedded devices (e.g. sensors, wearables, authentication devices). Tock is written in Rust, a type-safe systems programming language. In this paper, we discuss how we leverage the Rust type system to guarantee certain network security properties in Tock. Among these properties are (1) restricting access to network resources, (2) ensuring that only one UDP client is able to send from a particular port at any given time, and (3) the limitation of sending unencrypted data. These security mechanisms provide a low-overhead way to reduce audit space for vulnerabilities dramatically and to force the developer to explicitly express the security properties of their applications.
Description
Type of resource | text |
---|---|
Date created | May 7, 2019 |
Creators/Contributors
Author | Armin Namavari |
---|---|
Degree granting institution | Stanford University, Department of Computer Science |
Advisor | Levis, Philip |
Subjects
Subject | Rust |
---|---|
Subject | Tock |
Subject | Embedded Systems |
Subject | IoT |
Subject | Security |
Subject | Type System |
Subject | Networks |
Genre | Thesis |
Bibliographic information
Access conditions
- Use and reproduction
- User agrees that, where applicable, content will not be used to identify or to otherwise infringe the privacy or confidentiality rights of individuals. Content distributed via the Stanford Digital Repository may be subject to additional license and use restrictions applied by the depositor.
- License
- This work is licensed under a Creative Commons Attribution Non Commercial 3.0 Unported license (CC BY-NC).
Preferred citation
- Preferred Citation
- Armin Namavari. (2019). Enforcing Network Security in an Embedded Operating System via Rust’s Type System. Stanford Digital Repository. Available at: https://purl.stanford.edu/kw972jy4494
Collection
Undergraduate Theses, School of Engineering
Contact information
- Contact
- arminn@stanford.edu