Toward Green Access Management for IoT Environments Using eBPF

With IoT (Internet of Things) becoming more common and widely used, users’ data is getting more exposed to different networks. One of the challenges raised by this situation is to keep the data safe while delivering it to the intended consumers over the network without any security issues. Using firewalls to control access to the data within or across the network can be a reasonable solution. However, traditional firewalls require a large amount of processing power; thus, they consume a lot of energy. A significant portion of the power is used to copy the packets between different environments and allocate various resources to the packets. In this paper, we use eBPF to create a firewall that processes packets as low as possible in the network stack. This eliminates the need to copy packets multiple times for dropped or redirected packets. We also provide comparisons between traditional firewalls like iptables and an eBPF-based firewall in terms of consumed energy and time. We also discuss why eBPF-based firewalls are more suitable when it comes to IoT.

Details