US-12619439-B2 - Establishing an internal clock value of an internet-of-things device based on a timestamp received from a security service via a secure connection

Abstract

Techniques are described herein that are capable of establishing an internal clock value of an IoT device based at least on a timestamp received from a security service via a secure connection. The IoT device is booted up by setting a time value associated with an internal clock of the IoT device to a default time value. The time value is reset to an updated time value that is received from a trusted time source. A secure connection is established between the IoT device and the security service using the updated time value. A first timestamp is received by the IoT device from the security service via the secure connection. The time value is reset to a second updated time value that is based at least on the first timestamp. An operation that utilizes a second timestamp, which is based at least on the second updated time value, is performed.

Inventors

  • Joseph Alexander LLOYD
  • Alistair James LOWE
  • Dennis Yupeng LIANG

Assignees

  • MICROSOFT TECHNOLOGY LICENSING, LLC

Dates

Publication Date
20260505
Application Date
20231130

Claims (20)

  1. An Internet-of-things device comprising: a processor system; and a memory coupled to the processor system, the memory storing an operating system that, when executed, performs actions comprising: boot up the Internet-of-things device by setting a time value associated with an internal clock of the Internet-of-things device to a default time value; reset the time value associated with the internal clock of the Internet-of-things device from the default time value to an updated time value, which is received from a trusted time source; establish a secure connection between the Internet-of-things device and a security service by authenticating the Internet-of-things device to the security service based at least on the updated time value being included in a designated time range indicated by a service-granted certificate that is granted by the security service; receive a first timestamp from the security service via the secure connection; reset the time value associated with the internal clock of the Internet-of-things device from the updated time value to a second updated time value that is based at least on the first timestamp received from the security service; combine the second updated time value and a network time latency associated with a network, which is used for communication between the Internet-of-things device and the security service, to provide a corrected time value; and reset the time value associated with the internal clock of the Internet-of-things device from the second updated time value to the corrected time value; and perform an operation that utilizes a second timestamp, which is based at least on the second corrected time value.
  2. The Internet-of-things device of claim 1, wherein the memory comprises: a trusted key store (TKS) that stores a reference certificate; and wherein the operating system, when executed, authenticates the Internet-of-things device to the security service further based at least on a second time range indicated by the reference certificate overlapping at least a portion of the designated time range that includes the updated time value.
  3. The Internet-of-things device of claim 1, wherein the memory further stores a file; and wherein the operating system, when executed, performs the actions further comprising: determine the updated time value as a result of the updated time value being indicated by a third timestamp associated with the file.
  4. The Internet-of-things device of claim 1, wherein the operating system, when executed, performs the actions further comprising: establish a connection between the Internet-of-things device and an unsecured service endpoint in the security service; and determine the updated time value based at least on the updated time value being indicated in a header of information received by the Internet-of-things device from the unsecured service endpoint.
  5. The Internet-of-things device of claim 4, wherein the operating system, when executed, performs the actions further comprising: disable transport layer security (TLS) verification with regard to a communication protocol; and wherein the operating system, when executed, establishes the connection between the Internet-of-things device and the unsecured service endpoint using the communication protocol based at least on the TLS verification being disabled.
  6. The Internet-of-things device of claim 4, wherein the memory further stores a public key of the security service; wherein the information from the unsecured service endpoint is signed with a private key of the security service; and wherein the operating system, when executed, establishes the secure connection between the Internet-of-things device and the security service further by authenticating the security service to the Internet-of-things device based at least on the private key with which the information from the unsecured service endpoint is signed corresponding to the public key of the security service.
  7. The Internet-of-things device of claim 1, wherein the operating system, when executed, performs the actions further comprising: determine the network time latency in accordance with a precision time protocol (PTP) technique by combining the following: a first measurement of a first amount of time that a first message takes to travel from the Internet-of-things device to a server via the network; and a second measurement of a second amount of time that a second message takes to travel from the server to the Internet-of-things device via the network.
  8. The Internet-of-things device of claim 1, further comprising: a real time clock (RTC) that calculates a time of day by tracking passage of time with reference to the second updated time value while the Internet-of-things device is powered off; wherein the second timestamp is based at least on the time of day.
  9. The Internet-of-things device of claim 1, wherein the operating system, when executed, performs the actions further comprising: identify a synchronized time value that is synchronized between the Internet-of-things device and a computing device in accordance with a network time protocol (NTP) technique; and provide a communication that indicates the synchronized time value to the computing device.
  10. A method implemented by an operating system of an Internet-of-things device, the method comprising: booting up the Internet-of-things device by setting a time value associated with an internal clock of the Internet-of-things device to a default time value; resetting the time value associated with the internal clock of the Internet-of-things device from the default time value to an updated time value that is received from a trusted time source; establishing a secure connection between the Internet-of-things device and a security service by authenticating the Internet-of-things device to the security service based at least on the updated time value being included in a designated time range indicated by a service-granted certificate that is granted by the security service; receiving a first timestamp from the security service via the secure connection; resetting the time value associated with the internal clock of the Internet-of-things device from the updated time value to a second updated time value that is based at least on the first timestamp received from the security service; combining the second updated time value and a network time latency associated with a network, which is used for communication between the Internet-of-things device and the security service, to provide a corrected time value; resetting the time value associated with the internal clock of the Internet-of-things device from the second updated time value to the corrected time value; and performing an operation that utilizes a second timestamp, which is based at least on the second corrected time value.
  11. The method of claim 10, further comprising: storing a reference certificate in a trusted key store (TKS) on the Internet-of-things device; wherein authenticating the Internet-of-things device to the security service is based at least on a second time range indicated by the reference certificate overlapping at least a portion of the designated time range that includes the updated time value.
  12. The method of claim 10, further comprising: disabling transport layer security (TLS) verification with regard to a communication protocol; establishing a connection between the Internet-of-things device and an unsecured service endpoint in the security service based at least on the TLS verification being disabled; and determining the updated time value based at least on the updated time value being indicated in information received by the Internet-of-things device from the unsecured service endpoint; wherein the secure connection between the Internet-of-things device and the security service is established further by authenticating the security service to the Internet-of-things device based at least on a private key with which the information from the unsecured service endpoint is signed corresponding to a public key of the security service that is in possession of the Internet-of-things device.
  13. The method of claim 10, further comprising: determining the network time latency in accordance with a precision time protocol (PTP) technique by combining a first measurement of a first amount of time, which a first message takes to travel from the Internet-of-things device to a server via the network, and a second measurement of a second amount of time, which a second message takes to travel from the server to the Internet-of-things device via the network.
  14. The method of claim 10, further comprising: calculating a time of day by tracking passage of time with reference to the second updated time value using a real time clock (RTC) while the Internet-of-things device is powered off; wherein the second timestamp is based at least on the time of day.
  15. The method of claim 10, further comprising: identifying a synchronized time value that is synchronized between the Internet-of-things device and a computing device in accordance with a network time protocol (NTP) technique; and providing a communication that indicates the synchronized time value to the computing device.
  16. The method of claim 10, further comprising: identifying a synchronized time value that is synchronized between the Internet-of-things device and a computing device in accordance with a network time protocol (NTP) technique; and providing a communication that indicates the synchronized time value to the computing device.
  17. A computer program product comprising a computer-readable storage medium having instructions recorded thereon for enabling a processor-based system to perform actions, the actions comprising: booting up the processor-based system by setting a time value associated with an internal clock of the processor-based system to a default time value; resetting the time value associated with the internal clock of the processor-based system from the default time value to an updated time value, which is received from a trusted time source; establishing a secure connection between the processor-based system and a security service by authenticating the processor-based system to the security service based at least on the updated time value being included in a designated time range indicated by a service-granted certificate that is granted by the security service; receiving a first timestamp from the security service via the secure connection; resetting the time value associated with the internal clock of the processor-based system from the updated time value to a second updated time value that is based at least on the first timestamp received from the security service; combining the second updated time value and a network time latency associated with a network, which is used for communication between the processor-based system and the security service, to provide a corrected time value; resetting the time value associated with the internal clock of the processor-based system from the second updated time value to the corrected time value; and performing an operation that utilizes a second timestamp, which is based at least on the second corrected time value.
  18. The computer program product of claim 17, wherein the actions comprise: authenticating the processor-based system to the security service based at least on a second time range indicated by a reference certificate, which is stored in a trusted key store (TKS) of the processor-based system, overlapping at least a portion of the designated time range that includes the updated time value.
  19. The computer program product of claim 17, wherein the actions further comprise: determining the network time latency in accordance with a precision time protocol (PTP) technique by combining a first measurement of a first amount of time, which a first message takes to travel from the processor-based system to a server via the network, and a second measurement of a second amount of time, which a second message takes to travel from the server to the processor-based system via the network.
  20. The computer program product of claim 17, wherein the actions further comprise: identifying a synchronized time value that is synchronized between the processor-based system and a computing device in accordance with a network time protocol (NTP) technique; and providing a communication that indicates the synchronized time value to the computing device.
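
The clock sequence recited in claims 1, 2 and 7, sketched as an added C example that is not code from the patent or from any product it names. All type and function names are hypothetical, times are milliseconds since the Unix epoch, and the latency correction assumes the one-way delay is the mean of the two measured travel times.

```c
#include <stdbool.h>
#include <stdint.h>

/* Times are ms since the Unix epoch; every name here is hypothetical. */
typedef struct { int64_t not_before, not_after; } validity_t;
typedef enum { CLK_DEFAULT, CLK_PROVISIONAL, CLK_SERVICE, CLK_CORRECTED } clk_state_t;
typedef struct { int64_t now_ms; clk_state_t state; } dev_clock_t;

/* Boot: the clock starts at a fixed default value. */
void clk_boot(dev_clock_t *c, int64_t default_ms) {
    c->now_ms = default_ms; c->state = CLK_DEFAULT;
}

/* First reset: value from the trusted time source (file timestamp, header). */
void clk_set_provisional(dev_clock_t *c, int64_t updated_ms) {
    c->now_ms = updated_ms; c->state = CLK_PROVISIONAL;
}

/* Gate for the secure connection: the provisional time must lie inside the
 * service-granted range, and the reference certificate's range must overlap it. */
bool clk_may_authenticate(const dev_clock_t *c, const validity_t *granted,
                          const validity_t *reference) {
    bool inside = c->now_ms >= granted->not_before && c->now_ms <= granted->not_after;
    bool overlap = reference->not_before <= granted->not_after &&
                   granted->not_before <= reference->not_after;
    return c->state == CLK_PROVISIONAL && inside && overlap;
}

/* Second reset: only a timestamp received over the secure connection counts. */
bool clk_apply_service_time(dev_clock_t *c, bool secure, int64_t ts_ms) {
    if (!secure || c->state != CLK_PROVISIONAL) return false;
    c->now_ms = ts_ms; c->state = CLK_SERVICE;
    return true;
}

/* Final reset: add one-way latency, assumed to be the mean of both travel times. */
bool clk_correct(dev_clock_t *c, int64_t up_ms, int64_t down_ms) {
    if (c->state != CLK_SERVICE || up_ms < 0 || down_ms < 0) return false;
    c->now_ms += (up_ms + down_ms) / 2; c->state = CLK_CORRECTED;
    return true;
}

int main(void) {
    /* Constructed sample values, not taken from the patent. */
    validity_t granted = {1700000000000LL, 1700086400000LL};
    validity_t reference = {1690000000000LL, 1800000000000LL};
    dev_clock_t c;
    clk_boot(&c, 0);
    clk_set_provisional(&c, 1700000500000LL);
    if (!clk_may_authenticate(&c, &granted, &reference)) return 1;
    if (!clk_apply_service_time(&c, true, 1700000600000LL)) return 1;
    return clk_correct(&c, 40, 60) ? 0 : 1;
}
```

The state field makes the ordering explicit: a timestamp is refused unless the provisional time has been set, and the latency correction is refused unless a service timestamp has been applied.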

Description

BACKGROUND

An Internet-of-things (IoT) device is an individually addressable device that is capable of communicating with a computing system (e.g., another individually addressable device) via a network, such as the Internet, without human intervention. For instance, IoT devices may transfer data to each other via the network without human intervention. An IoT device typically has a sense of time that is used to communicate, perform security operations, and establish trust. Establishing a sense of time for an IoT device presents challenges that are not common for many other types of devices. For instance, computers in an office (e.g., enterprise) environment typically establish a sense of time by communicating with multiple servers and running relatively complex timing clients to filter through erroneous time measurements and compromised service. However, IoT devices typically do not have access to multiple servers and complex timing clients, which may leave the IoT devices more vulnerable to tampering and attack.
A variety of techniques have been proposed for establishing a sense of time for an IoT device. However, each such technique has its limitations, and those limitations may become more apparent as the IoT device is operated across a variety of geographic, network, and radio frequency (RF) conditions.
In one example, the sense of time is established by synchronizing an internal clock of the IoT device with an internal clock of other IoT device(s) using a network time protocol (NTP). However, techniques that utilize NTP (i.e., NTP techniques) often are characterized by relatively low robustness and security and relatively high power consumption. For instance, utilizing NTP through network security layers may be relatively complex and error prone. Moreover, instability of the NTP techniques may result in an IoT device or an entire fleet of IoT devices being untrusted and unconnected for a relatively long period of time.
In another example, the sense of time is established using a battery-powered real time clock (RTC) that is installed physically into the IoT device. However, techniques that utilize a RTC (i.e., RTC techniques) often are relatively expensive. Accordingly, the RTC techniques typically are not used in low-cost, prolific IoT devices.

SUMMARY

It may be desirable to establish a sense of time for an Internet-of-things (IoT) device in a manner that addresses the robustness, security, and power-consumption concerns associated with NTP techniques and the cost concerns associated with RTC techniques. By utilizing a timestamp received from a security service (e.g., a cloud-based security service) via a secure connection (e.g., a hypertext transfer protocol secure (HTTPS) connection), the sense of time may be established in a robust, secure, power-sensitive, and cost-effective manner.
A security service is a service that provides security features with regard to an IoT device. The security features enable the IoT device to perform security operations. Examples of a security operation include compartmentalizing data and/or code, securing data in use and/or at rest, authentication of the IoT device to a computing device or service (e.g., the security service), authenticating a computing device or service to the IoT device, and establishing a secure connection between the IoT device and a computing device or service. Examples of a security service include an Azure Sphere® security service (a.k.a. “AS3”), developed and distributed by Microsoft Corporation; an impSecure™ security service, developed and distributed by Electric Imp Incorporated; and a Vigishield Secure By Design™ security service, developed and distributed by Timesys Inc.
Moreover, the sense of time may be established without a need for additional network firewall rules and/or configurations in network equipment.
Various approaches are described herein for, among other things, establishing a value of an internal clock of an IoT device based at least on (e.g., in response to or as a result of) a timestamp received from a security service via a secure connection. In an example approach, the IoT device is booted up by setting a time value associated with an internal clock of the IoT device to a default time value. The time value associated with the internal clock of the IoT device is reset from the default time value to an updated time value that is received from a trusted time source. A secure connection is established between the IoT device and the security service by authenticating the IoT device to the security service based at least on the updated time value being included in a designated time range indicated by a service-granted certificate that is granted by the security service. A first timestamp is received by the IoT device from the security service via the secure connection. The time value associated with the internal clock of the IoT device is reset from the updated time value to a second updated time value that is based at least