| CPC H04W 12/10 (2013.01) [H04W 12/122 (2021.01); H04W 24/10 (2013.01)] | 20 Claims |

1. A method of determining an integrity of a plurality of internet of things (IoT) devices by a communication gateway that connects the IoT devices to a 5G core network, comprising:
for each of the plurality of IoT devices, receiving measurements by an attestation client application executing on the gateway separate from an IoT device,
wherein the measurements are determined by a measurement client application that executes on the IoT device to measure a universal communication stack (UCS) that executes on the IoT device and supports connecting the IoT device with the 5G core network via the gateway,
wherein the UCS comprises a plurality of non-access stratum (NAS) application programming interfaces (APIs), a mobility manager application, a session manager application, a NAS encoder/decoder application, a NAS transport control protocol (TCP) encapsulation application, and a plurality of adapters, each of which use communication security features of an operating system executing on the IoT device to provide a communication link between the IoT device and the gateway, and
wherein the measurements comprise memory sizes and memory locations of each of the NAS APIs, the mobility manager application, the session manager application, the NAS encoder/decoder application, the NAS TCP encapsulation application, and the adapters of the UCS;
building, by an attestation server application executing on a server separate from the gateway, a baseline from the measurements received from the plurality of IoT devices, wherein the baseline comprises normative values of each of the measurements received and a threshold associated with each of the measurements;
requesting current measurements of the UCS from one of the plurality of IoT devices by the attestation client application;
after requesting the current measurements of the UCS from the one of the plurality of IoT devices, receiving the current measurements of the UCS by the attestation client application from the one of the plurality of IoT devices;
comparing the current measurements to the normative values of each of the current measurements indicated in the baseline;
determining whether at least one of the current measurements differ from the normative values of each of the current measurements by more than a threshold associated with the current measurement; and
when the current measurements do not differ from the normative values of each of the current measurements by more than the threshold associated with the current measurement, providing a communication link to the one of the plurality of IoT devices to a 5G core network using the UCS.
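
The baseline-and-threshold comparison recited in claim 1, sketched as an added example that is not taken from the patent. The claim does not say how the normative values or thresholds are derived, so the fleet median, the largest enrollment deviation as threshold, the fail-closed handling of a missing component, and all names and sample values below are assumptions.

```python
from statistics import median

# UCS components named in the claim; each measurement is (memory size, memory location).
COMPONENTS = ("nas_apis", "mobility_manager", "session_manager",
              "nas_codec", "nas_tcp_encap", "adapters")
FIELDS = ("size", "location")

def build_baseline(fleet):
    """fleet: list of {component: (size, location)} reports, one per IoT device.
    Returns {(component, field): (normative, threshold)}.
    Assumption: normative = fleet median, threshold = largest deviation
    from that median seen during enrollment."""
    baseline = {}
    for comp in COMPONENTS:
        for idx, field in enumerate(FIELDS):
            values = [report[comp][idx] for report in fleet]
            norm = median(values)
            baseline[(comp, field)] = (norm, max(abs(v - norm) for v in values))
    return baseline

def deviations(baseline, current):
    """Measurements differing from their normative value by more than the
    associated threshold. A missing component counts as a deviation
    (fail closed; an assumption, the claim does not cover this case)."""
    bad = []
    for (comp, field), (norm, threshold) in baseline.items():
        if comp not in current:
            bad.append((comp, field))
        elif abs(current[comp][FIELDS.index(field)] - norm) > threshold:
            bad.append((comp, field))
    return bad

def admit(baseline, current):
    """Gateway decision: provide the link to the 5G core only if nothing deviates."""
    return not deviations(baseline, current)

# Constructed sample data: three enrolled devices with small size jitter.
def _report(size_delta=0, base=0x10000):
    return {c: (4096 * (i + 1) + size_delta, base + 0x8000 * i)
            for i, c in enumerate(COMPONENTS)}

BASELINE = build_baseline([_report(0), _report(16), _report(-16)])
GOOD = _report(8)                                   # within enrollment jitter
TAMPERED = dict(_report(0), session_manager=(4096 * 3 + 2048, 0x10000 + 0x8000 * 2))

if __name__ == "__main__":
    print(admit(BASELINE, GOOD), deviations(BASELINE, TAMPERED))
```

Because every enrolled device reported identical memory locations in this sample, the location threshold is zero, so any relocation of a UCS component blocks the link.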