Security in the Internet of Things
Victor Ake 
Victor.Ake@ForgeRock.com 
CTO Office/Co-Founder
2 
About me 
- 26 years experience in the IT Industry.
- As a System Engineer, Networking, Security, Identity Relationship Management. Ericsson, IBM, 3Com, Sun Microsystems, ForgeRock
- Co-Founder of FORGEROCK
- CTO Office
http://www.forgerock.com
3 
World Wide Web 
Mobile Internet 
Internet of things 
Image Source: Kelsey Austin. https://www.flickr.com/photos/kelseyrage/15362515989
4 
Despite the wave 
Information is the common key deliverable 
Telemetry (Health, Rockets, 
Energy, Aviation, etc) 
Device Identification 
Sensed Information 
Metered information 
Forget the HONEY! 
Source: Meadows R (2012) Understanding the Flight of the Bumblebee. PLoS Biol 10(9)
5 
Increasing amount of security, privacy & safety concerns
6 
Top barriers to IoT and M2M adoption
Source: Infonetics, January 2014.
7 
Security and privacy 
[Diagram: Things, Mobile/Gateway, Cloud, Enterprise; labels: Data, Access, Data in Transit]
8 
challenges 
Low friction human interaction 
Unique device identification 
Device Authenticity 
Device-user association 
Nature of the data 
Security vs Comfort / RISK vs REWARD 
Image Source: Sharkawi Che Din. https://www.flickr.com/photos/sharkawi3d/15374262331/
9 
More challenges 
Limited encryption capabilities 
Limited resources (RAM/ROM) 
Limited clock synchronization 
Firmware must be upgraded from time to time 
Image Source: Massimo Piccoli. https://www.flickr.com/photos/massimo_piccoli/12680390774/
10 
IoT security design rules 
- Build security in; it cannot be added later
- Keep security mechanisms simple
- Use existing standards
- Obscurity does not provide security
Image source: http://cdn.blickers.com/wp-content/uploads/2013/12/Leonardo-da-vinci2.jpg
11 
IoT security design rules 
- Encrypt sensitive data at rest and in transit
- Use well-studied cryptographic building blocks
- Identity and Access Management must be part of the design
- Develop a realistic threat model
Image source: http://cdn.blickers.com/wp-content/uploads/2013/12/Leonardo-da-vinci2.jpg
12 
Common Security Issues
13 
Secure Web, Mobile and Cloud Interface
- Do not allow default credentials
- Assume the device is accessed internally and externally
- Credentials should not be stored in plain text nor travel over unencrypted channels
- Protect against account enumeration & implement account lockout
- Protect against XSS, CSRF, SQLi
- Implement an IAM/IRM system
14 
Implement an IAM/IRM System 
Identity creation, 
Authentication 
& 
Authorization
15 
Provisioning Device Identity 
IDM System 
I’m an Authentic device 
I’m unique (D) Verify authenticity 
Register me and registers device 
PKI (SE)
Register user, AuthN, claim ownership 
16 
Register me 
I own device D 
I allow device D to 
send data on my 
behalf to service S1 
for 1 day 
Verify identity of user, 
Register user, 
Authenticate user 
Proof possession of 
Device 
Create Relationship 
User-device 
Generates OAuth2 Token 
Provision Refresh and 
Access Token to device 
Authenticate 
Store R & A 
Tokens 
AM System 
PKI (SE)
17 
Device sends data on behalf of user
AM System 
Send Data (OAuth2 Token) 
Verify Device, OAuth2 
Access Token validity and 
Scope (authorization) 
PKI (SE) 
Refresh Token 
Associate data to Alice 
…. Token expired 
Negotiate new Access token 
Store A.Token New Access Token
18 
User shares data, revokes tokens 
AM with UMA 
System 
Authenticate 
I want to Share my data 
with My Insurance Company 
…. Lost my device 
Revoke token 
HTTP, MQTT, SASL 
PKI (SE)
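The token lifecycle sketched on slides 16 to 18 (grant for one day, scope check, expiry and refresh, revocation after a lost device), as an added Python example that is not from the original deck or from any ForgeRock product. `AccessManager`, `ingest`, the scope string `S1:write` and the access-token lifetime are hypothetical, and the `device` argument is assumed to be an identity already authenticated through the device's PKI credentials.

```python
import secrets
import time
from dataclasses import dataclass

GRANT_TTL = 24 * 3600   # "for 1 day", from the slide
ACCESS_TTL = 600        # assumed access-token lifetime (not on the slides)

@dataclass
class Grant:
    """User-device relationship: the user lets one device write to one service."""
    user: str
    device: str
    scope: str
    expires_at: float
    revoked: bool = False

class AccessManager:
    """Toy AM system with opaque tokens and server-side state (hypothetical)."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.refresh_tokens = {}   # refresh token -> Grant
        self.access_tokens = {}    # access token -> (Grant, expiry)

    def _mint_access(self, grant):
        token = secrets.token_urlsafe(32)
        # An access token never outlives the grant it was issued under.
        expiry = min(self.clock() + ACCESS_TTL, grant.expires_at)
        self.access_tokens[token] = (grant, expiry)
        return token

    def create_relationship(self, user, device, scope, ttl=GRANT_TTL):
        """Called once the user is authenticated and has proved possession."""
        grant = Grant(user, device, scope, self.clock() + ttl)
        refresh = secrets.token_urlsafe(32)
        self.refresh_tokens[refresh] = grant
        return refresh, self._mint_access(grant)

    def refresh(self, refresh_token, device):
        """Negotiate a new access token for the PKI-verified device."""
        grant = self.refresh_tokens.get(refresh_token)
        if grant is None or grant.revoked or grant.device != device:
            raise PermissionError("refresh token rejected")
        if self.clock() >= grant.expires_at:
            raise PermissionError("grant expired")
        return self._mint_access(grant)

    def validate(self, access_token, device, scope):
        """Return the owning user, or None if the token must be refused."""
        grant, expiry = self.access_tokens.get(access_token, (None, 0))
        if grant is None or grant.revoked or self.clock() >= expiry:
            return None
        if grant.device != device or grant.scope != scope:
            return None
        return grant.user

    def revoke(self, user, device):
        """'Lost my device': disable every grant for this user-device pair."""
        hits = [g for g in self.refresh_tokens.values()
                if g.user == user and g.device == device and not g.revoked]
        for g in hits:
            g.revoked = True
        return len(hits)

def ingest(am, access_token, device, scope, reading):
    """Service S1: accept a reading only with a valid token, tag it with the user."""
    user = am.validate(access_token, device, scope)
    if user is None:
        raise PermissionError("token invalid, expired, revoked or out of scope")
    return {"user": user, "device": device, "reading": reading}

def run_demo():
    now = [1_000_000.0]                        # controllable clock, no sleeping
    am = AccessManager(clock=lambda: now[0])
    refresh, access = am.create_relationship("alice", "device-D", "S1:write")

    def attempt(token, device="device-D", scope="S1:write"):
        try:
            return ingest(am, token, device, scope, 72)["user"]
        except PermissionError:
            return "refused"

    log = [attempt(access),                     # valid token, data tied to alice
           attempt(access, scope="S2:write"),   # token not valid for another service
           attempt(access, device="device-X")]  # token presented by another device
    now[0] += ACCESS_TTL + 1                    # "Token expired"
    log.append(attempt(access))
    access = am.refresh(refresh, "device-D")    # "Negotiate new Access token"
    log.append(attempt(access))
    am.revoke("alice", "device-D")              # "Lost my device"
    log.append(attempt(access))
    try:
        am.refresh(refresh, "device-D")
        log.append("refreshed")
    except PermissionError:
        log.append("refused")
    return log

if __name__ == "__main__":
    print(run_demo())
```

Because revocation flips a flag on the shared grant, access tokens already issued under it stop validating immediately instead of surviving until their own expiry.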
19 
Network Services 
- Ensure only necessary ports are open
- Ensure services are not vulnerable to buffer overflow and fuzzing attacks
- Ensure services are not vulnerable to DoS attacks
20 
Transport encryption 
- Ensure data and credentials are encrypted while in transit
- Use secure encrypted channels
- Use good key lengths and good algorithms (Elliptic Curve provides efficient encryption)
- Protect against replay attacks
21 
Privacy as part of the design 
- Collect only the minimum necessary data for the functionality of the device
- Ensure any sensitive data collected is properly protected with encryption
- Ensure the device properly protects personal data
Photo Source: Brian M (OCDBri): https://www.flickr.com/photos/ocdbri/14438661513
22 
Software/Firmware 
- Ensure your firmware does not contain hardcoded credentials or sensitive data
- Use a secure channel to transmit the firmware during upgrades
- Ensure the update is signed and verified before allowing the update
- Do not send the public key with the firmware, use a hash
- Ensure your SVN/GIT repositories do not contain the private keys
23 
Physical Security 
- Ensure physical access to your device is controlled
- Accessible USB or SD ports can be a weakness
- Can it be easily disassembled to access the internal storage (RAM/ROM)?
- If local data is sensitive, consider encrypting the data
Image Source: http://conflictresearchgroupintl.com/wp-content/uploads/2014/03/How-to-Look-Like-a-Bouncer1.jpg
24 
Thank You! 
Security in the Internet of 
Things 
FORGEROCK.COM | LEGAL INFORMATION 
Victor Ake 
Victor.Ake@ForgeRock.com 
CTO Office

Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication  (Identity Live Berlin 2018)Intelligent Authentication  (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 


Security in the Internet of Things

  • 1. Security in the Internet of Things. Victor Ake, Victor.Ake@ForgeRock.com, CTO Office/Co-Founder
  • 2. About me
      • 26 years experience in the IT Industry.
      • As a System Engineer, Networking, Security, Identity Relationship Management. Ericsson, IBM, 3Com, Sun Microsystems, ForgeRock
      • Co-Founder of ForgeRock
      • CTO Office
      • http://www.forgerock.com
  • 3. World Wide Web; Mobile Internet; Internet of Things. Image source: Kelsey Austin. https://www.flickr.com/photos/kelseyrage/15362515989
  • 4. Despite the wave, information is the common key deliverable
      • Telemetry (Health, Rockets, Energy, Aviation, etc.)
      • Device identification
      • Sensed information
      • Metered information
      • Forget the HONEY!
      Source: Meadows R (2012) Understanding the Flight of the Bumblebee. PLoS Biol 10(9)
  • 5. Increasing amount of security, privacy & safety concerns
  • 6. Top barriers to IoT and M2M adoption. Source: Infonetics, January 2014.
  • 7. Security and privacy [diagram: data, data in transit and access across Things, Mobile/Gateway, Cloud and Enterprise]
  • 8. Challenges
      • Low friction human interaction
      • Unique device identification
      • Device authenticity
      • Device-user association
      • Nature of the data
      • Security vs Comfort / Risk vs Reward
      Image source: Sharkawi Che Din. https://www.flickr.com/photos/sharkawi3d/15374262331/
  • 9. More challenges
      • Limited encryption capabilities
      • Limited resources (RAM/ROM)
      • Limited clock synchronization
      • Firmware must be upgraded from time to time
      Image source: Massimo Piccoli. https://www.flickr.com/photos/massimo_piccoli/12680390774/
  • 10. IoT security design rules
      • Build security in; it cannot be added later
      • Keep security mechanisms simple
      • Use existing standards
      • Obscurity does not provide security
      Image source: http://cdn.blickers.com/wp-content/uploads/2013/12/Leonardo-da-vinci2.jpg
  • 11. IoT security design rules
      • Encrypt sensitive data at rest and in transit
      • Use well-studied cryptographic building blocks
      • Identity and Access Management must be part of the design
      • Develop a realistic threat model
      Image source: http://cdn.blickers.com/wp-content/uploads/2013/12/Leonardo-da-vinci2.jpg
  • 13. Secure Web, Mobile and Cloud interface
      • Do not allow default credentials
      • Assume the device is accessed internally and externally
      • Credentials should not be stored in plain text nor travel in unencrypted channels
      • Protect against account enumeration and implement account lockout
      • Protect against XSS, CSRF, SQLi
      • Implement an IAM/IRM system
  • 14. Implement an IAM/IRM system: identity creation, authentication & authorization
  • 15. Provisioning device identity [diagram labels: IDM System; I'm an authentic device; I'm unique (D); Verify authenticity; Register me; and registers device; PKI (SE)]
  • 16. Register user, AuthN, claim ownership [diagram labels: Register me; I own device D; I allow device D to send data on my behalf to service S1 for 1 day; Verify identity of user, Register user, Authenticate user; Proof possession of Device; Create Relationship User-device; Generates OAuth2 Token; Provision Refresh and Access Token to device; Authenticate; Store R & A Tokens; AM System; PKI (SE)]
  • 17. Device sends data on behalf of user [diagram labels: AM System; Send Data (OAuth2 Token); Verify Device, OAuth2 Access Token validity and Scope (authorization); PKI (SE); Refresh Token; Associate data to Alice; …; Token expired; Negotiate new Access token; Store A.Token; New Access Token]
  • 18. User shares data, revokes tokens [diagram labels: AM with UMA System; Authenticate; I want to share my data with my insurance company; …; Lost my device; Revoke token; HTTP, MQTT, SASL; PKI (SE)]
  • 19. Network services
      • Ensure only necessary ports are open
      • Ensure services are not vulnerable to buffer overflow and fuzzing attacks
      • Ensure services are not vulnerable to DoS attacks
  • 20. Transport encryption
      • Ensure data and credentials are encrypted while in transit
      • Use secure encrypted channels
      • Use good key lengths and good algorithms (Elliptic Curve provides efficient encryption)
      • Protect against replay attacks
  • 21. Privacy as part of the design
      • Collect only the minimum necessary data for the functionality of the device
      • Ensure any sensitive data collected is properly protected with encryption
      • Ensure the device properly protects personal data
      Photo source: Brian M (OCDBri): https://www.flickr.com/photos/ocdbri/14438661513
  • 22. Software/Firmware
      • Ensure your firmware does not contain hardcoded credentials or sensitive data
      • Use a secure channel to transmit the firmware during upgrades
      • Ensure the update is signed and verified before allowing the update
      • Do not send the public key with the firmware, use a hash
      • Ensure your SVN/Git repositories do not contain the private keys
  • 23. Physical security
      • Ensure physical access to your device is controlled
      • Accessible USB or SD ports can be a weakness
      • Can it be easily disassembled to access the internal storage (RAM/ROM)?
      • If local data is sensitive, consider encrypting the data
      Image source: http://conflictresearchgroupintl.com/wp-content/uploads/2014/03/How-to-Look-Like-a-Bouncer1.jpg
  • 24. Thank You! Security in the Internet of Things. FORGEROCK.COM | LEGAL INFORMATION. Victor Ake, Victor.Ake@ForgeRock.com, CTO Office
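The token lifecycle on slides 16 to 18 (delegate to a device for one day, verify device, token validity and scope on every send, refresh on expiry, revoke when the device is lost), as an added example that is not code from the deck or from ForgeRock's products. `AMSystem`, its method names, the one-hour access-token lifetime and the sample values are assumptions; `device` stands for an identity the server has already authenticated from the device's PKI credential.

```python
import secrets

DAY, HOUR = 86400, 3600

class AMSystem:  # toy access-management server, opaque server-side tokens
    def __init__(self, clock):
        self.clock = clock                   # injectable so expiry can be exercised
        self.access, self.refresh = {}, {}   # token -> (grant, expiry); token -> grant

    def grant(self, user, device, scope, ttl=DAY):
        # Slide 16: user lets `device` send data to `scope` for `ttl` seconds.
        g = {"user": user, "device": device, "scope": scope,
             "ends": self.clock() + ttl, "revoked": False}
        rt = secrets.token_urlsafe(32)
        self.refresh[rt] = g
        return self._mint(g), rt

    def _mint(self, g):
        # Short-lived access token that never outlives the user's delegation.
        at = secrets.token_urlsafe(32)
        self.access[at] = (g, min(self.clock() + HOUR, g["ends"]))
        return at

    def check(self, token, device, scope):
        # Slide 17: verify device, token validity and scope -> (owner, error).
        g, exp = self.access.get(token, (None, 0))
        if g is None or g["revoked"]:
            return None, "invalid or revoked token"
        if self.clock() >= exp:
            return None, "token expired"
        if device != g["device"] or scope != g["scope"]:
            return None, "wrong device or scope"
        return g["user"], None

    def renew(self, refresh_token, device):
        g = self.refresh.get(refresh_token)
        if (g is None or g["revoked"] or device != g["device"]
                or self.clock() >= g["ends"]):
            return None
        return self._mint(g)

    def revoke(self, user, device):
        # Slide 18: owner reports the device lost; every grant for it dies.
        for g in self.refresh.values():
            if g["user"] == user and g["device"] == device:
                g["revoked"] = True

def demo():
    now = [0]                                  # constructed clock, in seconds
    am = AMSystem(lambda: now[0])
    at, rt = am.grant("alice", "D", "S1")
    out = [am.check(at, "D", "S1"), am.check(at, "D", "S2")]
    now[0] += 2 * HOUR                         # access token is now stale
    out.append(am.check(at, "D", "S1"))
    at = am.renew(rt, "D")                     # negotiate a new access token
    out.append(am.check(at, "D", "S1"))
    am.revoke("alice", "D")                    # "lost my device"
    out.append(am.check(at, "D", "S1"))
    return out, am.renew(rt, "D")              # refresh is refused as well
```

Because the tokens are opaque and looked up server-side, revocation takes effect on the next request instead of waiting for the access token to expire.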