Re: [Iotops] maintain ownership (was: can we create protocols that securely transfer ownership?)

"Amyas Phillips, Ambotec" <amyas@ambotec.org> Thu, 05 November 2020 12:55 UTC

From: "Amyas Phillips, Ambotec" <amyas@ambotec.org>
Date: Thu, 05 Nov 2020 12:55:38 +0000
References: <B8F9A780D330094D99AF023C5877DABAADB1F8C6@dggeml511-mbs.china.huawei.com> <15665.1604430085@localhost> <20201103204823.GE48111@faui48f.informatik.uni-erlangen.de> <5254.1604514609@localhost>
To: "iotops@ietf.org" <iotops@ietf.org>
In-Reply-To: <5254.1604514609@localhost>
Message-Id: <EEF8A3ED-E57D-4F84-92DD-5C74123AFD91@ambotec.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/t9NCuNsqqPVPkjngl3pjluC6XIE>

Hi folks

Is there a definition of ownership you are using? If not, I’d like to propose one because I've found ownership to be a not particularly useful concept in IoT, unless redefined.

- Ownership as a fundamental legal concept of capitalist societies means having the rights to dispose of an asset how you please, including improving it and deriving benefits from it. 
- Assets historically were strictly physical. 
- When patents were invented it started being possible to own an object without having the right to physically copy it. 
- When copyright was extended to compiled software it started being possible to own an embedded device without having the right to copy its software.
- DMCA and EUCD and equivalents further removed the right to even modify the software.
- Most IoT devices are now sold with EULAs, constraining any remaining legal concept of ownership with contractual terms. 
- You can even find that a licence to use it is the only thing you get when you buy a device, legal title remaining with the vendor.

I’d like to suggest that we set aside legal title and say “ownership” for the purpose of this discussion means “logical control of a device”. Transfer of logical control is an important and delicate event in an IoT device’s lifecycle so this seems to fit within the aims of the charter, even if it isn’t mentioned explicitly.

I’d like to further suggest that logical control ultimately means the right to control what software is installed on a device. That is to say, ownership == logical control == the right to set and (if transfer of control is supported) replace the firmware update trust anchor. That is what ownership means. Every other form of control is delegated from that and is called something other than “ownership”.

That’s it. 


I’ve anticipated and tried to answer some possible objections. They run on a bit, sorry about that: 

1. What if an IC has an integrated secure element under logical control of a third party and it is impossible even for a person with legal title to seize control of that SE? 

That’s fine, just acknowledge the SE as a separate domain of control. Someone has physical title, possibly constrained by license terms. Someone has logical control of the SE. Someone has logical control of the ‘insecure’ computing environment. It would be a similar situation in a device with a main application processor and a separate wireless module with its own firmware.

2. Wouldn’t this mean that any device whose firmware has to be signed by its OEM is still under the logical control of and “owned” by that OEM? 

Yes.

3. But that’s not who I mean when I talk about the owner! 

I get it, but this just means different and more specific terminology is required. You might mean the entity trusted by the device to issue application-layer commands (possibly including commands to set application-layer trust anchors).

4. What if an OEM retains firmware update rights but no direct connection, do they still have ultimate logical control? 

Yes.

5. What if the application can’t be updated? 

Logical control has been permanently delegated to whoever the device's application layer trusts. There always was control at the application layer, just in this case it is “ultimate” control. Assuming the application exposes logical interfaces and authenticates requests to them, there could be as many logical controllers / "owners" as there are trust anchors for authenticating them, but if there is one interface specifically for administering trust anchors then whoever controls that is now the ultimate logical controller / “owner”.

It has to be said that what can be controlled in this situation is much less than what someone with firmware update rights would be able to control. Also, unless the new owner is able to validate the installed firmware against a build of the source code there’s no way they can know just what they are controlling.

6. What if the device ships without trust anchors, who owns it then? 

It is in a first-to-claim state. That assumes that once “claimed” it can’t be claimed by anyone else without the current claimant’s authorisation. 

7. Who is the ultimate controller if there is an immutable initial bootloader with a trust anchor immutably set, and a stage two bootloader with another trust anchor, and an application? 

The immutable initial bootloader creates a firmware update right, i.e. an ownership right, which has been permanently claimed by whoever set its trust anchor. In most devices an immutable initial bootloader would allow updating a stage two bootloader, meaning the stage two bootloader’s TA can be changed. So whoever set the initial bootloader's TA controls who gets to install the stage 2 bootloader, and whoever installs the stage 2 bootloader controls who gets to install the main application.

The ultimate controller a.k.a. owner is whoever set the root TA. What they control has been determined by whoever designed and installed the initial bootloader and whoever designed and fabricated the IC running it, and perhaps whoever designed and manufactured the device running the IC. In this case the owner gets to decide who can install the second boot stage - probably themselves.

8. Isn’t it possible to dream up IoT devices that don’t have logical controllers?

I guess so - you could do without secure boot and expose unauthenticated interfaces, or you could make a device that is always claimable - but that doesn't invalidate the concept. 

9. What does transfer of ownership mean then?

Setting someone else’s TA in the initial bootloader. 

10. What if a hacker obtains arbitrary code execution?

They 0wn the device but they don’t own it - not unless they can make their control permanent across reboots. They have application layer logical control until a reboot. 


Thanks
Amyas