SlideShare a Scribd company logo

IoT Meets Security

Samsung Open Source Group
Samsung Open Source Group

Habib Virji covers how IoTivity handles security in order to meet the needs of modern technology.

Software
1 of 32
Download to read offline
1Samsung Open Source Group IoT meets Security Habib Virji habib.virji@samsung.com Samsung Open Source Group Samsung Research, UK LinuxCon Europe 2015 Dublin, Ireland, October 5 – 7, 2015
2Samsung Open Source Group Agenda  Need for IoT Security  Overview of IoTivity  Device Security – Onboarding – Provisioning – Software Resource Manager – Hardware Hardening  Connectivity – Local – Remote  Privacy
3Samsung Open Source Group Need for IoT Security  IoT device to be around 26 billion by 2020 [1]  Increase in IoT device require strong security.  Lots of issues still in current IoT devices:[4] – 80% of devices had privacy issues. – 70% of devices used unencrypted network. – 90% of device collected personal information. – 70% of device along with their cloud enable attacker to identify valid user account using account renumeration.  Need for IoT devices to have device, network and privacy concerns addressed.
4Samsung Open Source Group IoTivity Overview  IoTivity is Linux Foundation project to implement the OIC standard. – OIC is an industry consortium to define a IoT (Internet of Things) standard and certification. – IoTivity implementation is happening in parallel.  Discovery of device is done by looking for a RESTful interface using multicast communication.  Communication is done using: – CoAP (Constrained Application Protocol) over UDP in local scenarios. – XMPP is used in remote scenarios.  Support for multiple OSs platforms – Tizen, Android, Linux, Arduino, etc.
5 OIC Server Samsung Open Source Group Resource Model  Discovery  Control resource  Observe Status: On/Of Dimming: 0-100 Resource Property: rt=oic.light (Type) ra=192.168.1.1/a/light (Address) obs=1 (Observable) acl=oic/sec/acl/1 (Access Control) Resource Attributes: { “status” : on “dimming” : 35 } Discover Connect & ControlOIC Client Resource
7Samsung Open Source Group IoTivity Security  Protection of resources.  Three step in the security mechanism – Connectivity. – Secure channel. – Privacy permission.  Device needs to be onboarded and provisioned. Discover Connect & ControlOIC Client OIC Server Resource Access Control
8Samsung Open Source Group Device Security
9 Use Case: Device Provisioning LAN Network (Home) LAN Network (Home) Home Gateway Smart Device CloudCloud IP Camera (Thin Device) Smart Device
10 OWASP Device Security Risks  Physical – Poor physical security  Software – Insecure cloud interface – Insecure mobile interfaces – Insufficient security configuration – Insecure software/firmware
11Samsung Open Source Group Onboarding  Establishes device ownership. – Device becomes part of the user network. – Device cannot onboard other device ownership.  It is a two step process: – Isolated secure communication between physical device and onboarding tool (OBT). – Then it assigns ownership key and second carrier key  Onboarding relies on ownership transfer protocol. – Ownership credential (OC) establishes OBT and device communication and authenticate each other.  Ownership protocols – Just Work – Random PIN – Asymmetric (Certificate)
12Samsung Open Source Group © SAMSUNG Electronics Co. Ownership Transfer – Just Works Onboarding Tool Enrolling DeviceOnboarding Tool Ownership Transfer Start GET /oic/sec/doxm?Owned=”False” RSP [{“OxmType”: “oic.sec.doxm.jw”, “DeviceId”: “UUID”}] Discovery Preparing for Ownership transfer using Just Works Set Ownership transfer Method PUT /oic/sec/doxm [{“OxmSel”: “oic.sec.doxm.jw”}] RSP 2.04 SRM enables TLS_ECDH_anon_WITH_AES_12SHA256 cipher suite DTLS Connection PUT /oic/sec/doxm [{“Owned”: “T”, “Owner”: “Admin0””}] RSP 2.04 Ownership Transfer Stops
13Samsung Open Source Group © SAMSUNG Electronics Co. Ownership Transfer – Random PIN Onboarding Tool Enrolling DeviceOnboarding Tool Ownership Transfer Start GET /oic/sec/doxm?Owned=”False” RSP [{“OxmType”: “oic.sec.doxm.rdp”, “DeviceId”: “UUID”}] Discovery Preparing for Ownership transfer using Random PIN Set Ownership transfer Method PUT /oic/sec/doxm [{“OxmSel”: “oic.sec.doxm.rdp”}] RSP 2.04 SRM enables TLS_ECDHE_PSK_WITH_AES_128_CBC_SH A256 cipher suite DTLS Connection PUT /oic/sec/doxm [{“Owned”: “T”, “Owner”: “Admin0””}] RSP 2.04 Ownership Transfer Stops
14Samsung Open Source Group © SAMSUNG Electronics Co. Owner transfer protocol - Asymmetric certificate  Minimum certificate size (292 bytes) and minimal parser.  Certificate generated with signed certificate and asymmetric key pair. – OBT binary app signed trusted CA to communicate with above certificate. – Device and OBT authenticate each other using ECDSA. – Authenticate successful then link exchange over ECDH. Root CA Manufacturer1 CA Manufacturer2 CA Gateway Sub CA Manufacturer1 Dev Sub-CA Manufacturer1 Dev Sub-CA2 M1 Dev Cert M1 Dev Cert Manufacturer2 Dev Cert
15Samsung Open Source Group © SAMSUNG Electronics Co. 8 Onboarding Tool Enrolling DeviceOnboarding Tool Ownership Transfer Start GET /oic/sec/doxm?Owned=”False” RSP [{“OxmType”: “oic.sec.doxm.mfgcert”, “DeviceId”: “UUID”}] Discovery Preparing for Ownership transfer using Certificate Set Ownership transfer Method PUT /oic/sec/doxm [{“OxmSel”: “oic.sec.doxm.mfgcert”}] RSP 2.04 SRM enables TLS_ECDHE_ECDSA_WITH_AES_128_CCM_ 8_SHA256 cipher suite DTLS Connection POST /oic/sec/doxm [{“credid”: “..”, “sub”: “..”, “credType”: “8”, “pdbdata”: “device and CA in base 64”, “pvdata”: {“x”: “x position of elliptic curve in base 64”, “y”: “y position of elliptic curve in base 64”, “ownrs”: “” }}] RSP 2.04 Ownership Transfer Stops Owner transfer protocol - Asymmetric certificate
16Samsung Open Source Group © SAMSUNG Electronics Co. Provisioning  Credential are transferred from OBT to device.  Device needs to engage with bootstrap server to provision – Client directed: Client update server is in need of provisioning. – Server directed: Server self checks if it is provisioned.  Proper security credential and parameters.  Parameters include: – Security credentials through credential management service. – Access control policies and ACL – Devices are self aware about security provision status.
17Samsung Open Source Group © SAMSUNG Electronics Co. Provisioning 8 Onboarding Tool Enrolling DeviceOnboarding Tool ACL Provisioning Start GET /oic/sec/pstat RSP [{“IsOp”: “False”, “Sm”: “0x11”}] Status Client Mode PUT /oic/sec/pstat [{“Om”: “0x11”}] RSP 2.04 RSP 2.04 ACL Provisioning Stop DTLS with Owner PSK RSP 2.04 RSP 2.04
18Samsung Open Source Group © SAMSUNG Electronics Co. Secure Resource Manager (SRM)  Management of the secure virtual resource and ACL [3]. Secure Resource Manager Layer Resource Manager (RM) Persistent Storage interface Policy Engine (PE) Connection Abstraction (CA) Layer DTLS Module Resource Introspection (RI) Layer Application Secure Virtual Resource Database
19Samsung Open Source Group Hardware Hardening  Secure storage is to provided using encryption and hardware security.  Secure execution environment: – Secure storage – Secure execution engine – Trusted I/O paths – Secure Time Source/Clock – Random number generator – Cryptographic algorithm – Hardware tampering
20Samsung Open Source Group Connectivity
21 Use Case: Local and Remote Network Connectivity Smoke & Carbon Monoxide Detector Smart Locks Smart Lights LAN Network (Home) LAN Network (Home) Home Gateway Smart Device CloudCloud Smart Device
22 OWASP Network Security Risks ● Insecure network services ● Lack of transport encryption ● Insecure web interface ● Insufficient authentication/authorization
23Samsung Open Source Group Secure Connectivity  DTLS to provide packet by packet protection.  OIC client and server communication should be protected using – Eavesdropping – Message replay – Tampering  Device authentication – Client verifies server using device id – Client if it has match sends server message – Server verifies message exchange dtls_write dtls_handle_message tinyDTLS tinyDTLS IoTivity
24Samsung Open Source Group Low End Device Secure Connectivity ● Low end device uses extension of DTLS handshake to establish session keys. ● Based on Diffie-Hellman key agreement. ● Can be used in owner transfer protocol to establish keys. ● Breaks down further DTLS handshake to ease smaller packet transfer and fragmented PDU. – 6 way message protocol instead of 3 message. tinyDTLS
25Samsung Open Source Group Remote connectivity  OIC device communicate with XMPP server – Authenticates using XMPP roster credential  Device identified using JID – Server: me@mydomain.com/oic/1.0/oic.d.light/FFFFDDDD- YYYY-4567-JADE-123456789A123 – Client: me@mydomain.com/oic/1.0/client/FFFFDDDD-YYYY- 4567-JADE-123456789A123  Remote XMPP server and OIC server have secure connection.  Inband bytestream is used between XMPP and OIC server.
26Samsung Open Source Group Privacy
27 Use Case: Controlling Access Wife's Tablet LAN Network (Home) LAN Network (Home) Child 2 Room Child 1 Room X
28Samsung Open Source Group Privacy  Protects resources at the OIC server.  ACL are defined via ACE (access control entities).  Every resource should have an ACE.  ACE are stored either locally or remotely on Access manager server (AMS).  ACL needs to be secure stored and partitioned between logical OIC servers.  Access control levels is per group, device, resource or properties.
29Samsung Open Source Group Local Access Control Is light open? Request Accept Response Turn Light Off Request Reject Response acl[0] acl[0]
30 Remote Access Control Samsung Open Source Group Is light open? Request Accept Response Turn Light Off Request Reject Response Request amacl[0] amacl[0] Request AMS1 AMS1 Response Response
31Samsung Open Source Group © SAMSUNG Electronics Co. Conclusion  IoTivity addresses majority of the OWASP issues.  OIC provides following security functionality: – Onboarding mechanism to get device securely in user network – Policies control who can read/write on to the device. – Secure connectivity between device.  Hardening mechanism suggested.  SRM includes security functionality.
32Samsung Open Source Group © SAMSUNG Electronics Co. References  [1] http://www.gartner.com/newsroom/id/2636073  [2] https://www.owasp.org/images/8/8e/Infographic-v1.jpg  [3] https://wiki.iotivity.org/iotivity_security  [4] http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA5-4759ENW.pdf 
33Samsung Open Source Group Thank You!

Recommended

IoTivity Tutorial: Prototyping IoT Devices on GNU/Linux
IoTivity Tutorial: Prototyping IoT Devices on GNU/LinuxIoTivity Tutorial: Prototyping IoT Devices on GNU/Linux
IoTivity Tutorial: Prototyping IoT Devices on GNU/LinuxSamsung Open Source Group
 
webthing-floss-iot-20180607rzr
webthing-floss-iot-20180607rzrwebthing-floss-iot-20180607rzr
webthing-floss-iot-20180607rzrPhil www.rzr.online.fr
 
Framework for IoT Interoperability
Framework for IoT InteroperabilityFramework for IoT Interoperability
Framework for IoT InteroperabilitySamsung Open Source Group
 
IoTivity for Automotive IoT Interoperability
IoTivity for Automotive IoT InteroperabilityIoTivity for Automotive IoT Interoperability
IoTivity for Automotive IoT InteroperabilitySamsung Open Source Group
 
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxPractical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxSamsung Open Source Group
 
GENIVI + OCF Cooperation
GENIVI + OCF CooperationGENIVI + OCF Cooperation
GENIVI + OCF CooperationSamsung Open Source Group
 
IoTivity: Smart Home to Automotive and Beyond
IoTivity: Smart Home to Automotive and BeyondIoTivity: Smart Home to Automotive and Beyond
IoTivity: Smart Home to Automotive and BeyondSamsung Open Source Group
 
OCF/IoTivity for Healthcare/Fitness/Wearable
OCF/IoTivity for Healthcare/Fitness/WearableOCF/IoTivity for Healthcare/Fitness/Wearable
OCF/IoTivity for Healthcare/Fitness/WearableJonathan Jeon
 

Recommended

IoTivity Tutorial: Prototyping IoT Devices on GNU/Linux
IoTivity Tutorial: Prototyping IoT Devices on GNU/LinuxIoTivity Tutorial: Prototyping IoT Devices on GNU/Linux
IoTivity Tutorial: Prototyping IoT Devices on GNU/LinuxSamsung Open Source Group
 
webthing-floss-iot-20180607rzr
webthing-floss-iot-20180607rzrwebthing-floss-iot-20180607rzr
webthing-floss-iot-20180607rzrPhil www.rzr.online.fr
 
Framework for IoT Interoperability
Framework for IoT InteroperabilityFramework for IoT Interoperability
Framework for IoT InteroperabilitySamsung Open Source Group
 
IoTivity for Automotive IoT Interoperability
IoTivity for Automotive IoT InteroperabilityIoTivity for Automotive IoT Interoperability
IoTivity for Automotive IoT InteroperabilitySamsung Open Source Group
 
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxPractical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under Linux
Practical Guide to Run an IEEE 802.15.4 Network with 6LoWPAN Under LinuxSamsung Open Source Group
 
GENIVI + OCF Cooperation
GENIVI + OCF CooperationGENIVI + OCF Cooperation
GENIVI + OCF CooperationSamsung Open Source Group
 
IoTivity: Smart Home to Automotive and Beyond
IoTivity: Smart Home to Automotive and BeyondIoTivity: Smart Home to Automotive and Beyond
IoTivity: Smart Home to Automotive and BeyondSamsung Open Source Group
 
OCF/IoTivity for Healthcare/Fitness/Wearable
OCF/IoTivity for Healthcare/Fitness/WearableOCF/IoTivity for Healthcare/Fitness/Wearable
OCF/IoTivity for Healthcare/Fitness/WearableJonathan Jeon
 
IoTivity: From Devices to the Cloud
IoTivity: From Devices to the CloudIoTivity: From Devices to the Cloud
IoTivity: From Devices to the CloudSamsung Open Source Group
 
Easy IoT with JavaScript
Easy IoT with JavaScriptEasy IoT with JavaScript
Easy IoT with JavaScriptSamsung Open Source Group
 
IoTivity for Automotive: meta-ocf-automotive tutorial
IoTivity for Automotive: meta-ocf-automotive tutorialIoTivity for Automotive: meta-ocf-automotive tutorial
IoTivity for Automotive: meta-ocf-automotive tutorialSamsung Open Source Group
 
IoT: From Arduino Microcontrollers to Tizen Products using IoTivity
IoT: From Arduino Microcontrollers to Tizen Products using IoTivityIoT: From Arduino Microcontrollers to Tizen Products using IoTivity
IoT: From Arduino Microcontrollers to Tizen Products using IoTivitySamsung Open Source Group
 
OIC AGL Collaboration
OIC AGL CollaborationOIC AGL Collaboration
OIC AGL CollaborationSamsung Open Source Group
 
Tizen Connected with IoTivity
Tizen Connected with IoTivityTizen Connected with IoTivity
Tizen Connected with IoTivitySamsung Open Source Group
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceSamsung Open Source Group
 
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...Paris Open Source Summit
 
Toward "OCF Automotive" profile
Toward "OCF Automotive" profileToward "OCF Automotive" profile
Toward "OCF Automotive" profileSamsung Open Source Group
 
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...MediaTek Labs
 
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoTUtilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoTPôle Systematic Paris-Region
 
Introduction to the new MediaTek LinkIt™ Development Platform for RTOS
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSIntroduction to the new MediaTek LinkIt™ Development Platform for RTOS
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSMediaTek Labs
 
Présentation du système d'exploitation RIOT-OS
Présentation du système d'exploitation RIOT-OSPrésentation du système d'exploitation RIOT-OS
Présentation du système d'exploitation RIOT-OSPôle Systematic Paris-Region
 
MediaTek Linkit Smart 7688 Webinar
MediaTek Linkit Smart 7688 WebinarMediaTek Linkit Smart 7688 Webinar
MediaTek Linkit Smart 7688 WebinarMediaTek Labs
 
MediaTek Labs Webinar: Getting Started with LinkIt ONE
MediaTek Labs Webinar: Getting Started with LinkIt ONEMediaTek Labs Webinar: Getting Started with LinkIt ONE
MediaTek Labs Webinar: Getting Started with LinkIt ONEMediaTek Labs
 
Open Source Internet of Things 101 – EclipseCon 2016
Open Source Internet of Things 101 – EclipseCon 2016Open Source Internet of Things 101 – EclipseCon 2016
Open Source Internet of Things 101 – EclipseCon 2016Benjamin Cabé
 
Iotivity atmel-20150328rzr
Iotivity atmel-20150328rzrIotivity atmel-20150328rzr
Iotivity atmel-20150328rzrPhil www.rzr.online.fr
 
IoTivity on Tizen: How to
IoTivity on Tizen: How toIoTivity on Tizen: How to
IoTivity on Tizen: How toSamsung Open Source Group
 
Geek Pic-Nic Master Class
Geek Pic-Nic Master ClassGeek Pic-Nic Master Class
Geek Pic-Nic Master ClassMediaTek Labs
 
IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355AndrewRJamieson
 
Seminar V2
Seminar V2Seminar V2
Seminar V2Moustafa Najm
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Cyren, Inc
 

More Related Content

What's hot

IoTivity for Automotive: meta-ocf-automotive tutorial
IoTivity for Automotive: meta-ocf-automotive tutorialIoTivity for Automotive: meta-ocf-automotive tutorial
IoTivity for Automotive: meta-ocf-automotive tutorialSamsung Open Source Group
 
IoT: From Arduino Microcontrollers to Tizen Products using IoTivity
IoT: From Arduino Microcontrollers to Tizen Products using IoTivityIoT: From Arduino Microcontrollers to Tizen Products using IoTivity
IoT: From Arduino Microcontrollers to Tizen Products using IoTivitySamsung Open Source Group
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceSamsung Open Source Group
 
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...Paris Open Source Summit
 
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...MediaTek Labs
 
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoTUtilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoTPôle Systematic Paris-Region
 
Introduction to the new MediaTek LinkIt™ Development Platform for RTOS
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSIntroduction to the new MediaTek LinkIt™ Development Platform for RTOS
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSMediaTek Labs
 
MediaTek Linkit Smart 7688 Webinar
MediaTek Linkit Smart 7688 WebinarMediaTek Linkit Smart 7688 Webinar
MediaTek Linkit Smart 7688 WebinarMediaTek Labs
 
MediaTek Labs Webinar: Getting Started with LinkIt ONE
MediaTek Labs Webinar: Getting Started with LinkIt ONEMediaTek Labs Webinar: Getting Started with LinkIt ONE
MediaTek Labs Webinar: Getting Started with LinkIt ONEMediaTek Labs
 
Open Source Internet of Things 101 – EclipseCon 2016
Open Source Internet of Things 101 – EclipseCon 2016Open Source Internet of Things 101 – EclipseCon 2016
Open Source Internet of Things 101 – EclipseCon 2016Benjamin Cabé
 
Geek Pic-Nic Master Class
Geek Pic-Nic Master ClassGeek Pic-Nic Master Class
Geek Pic-Nic Master ClassMediaTek Labs
 

What's hot (19)

IoTivity: From Devices to the Cloud
IoTivity: From Devices to the CloudIoTivity: From Devices to the Cloud
IoTivity: From Devices to the Cloud
 
Easy IoT with JavaScript
Easy IoT with JavaScriptEasy IoT with JavaScript
Easy IoT with JavaScript
 
IoTivity for Automotive: meta-ocf-automotive tutorial
IoTivity for Automotive: meta-ocf-automotive tutorialIoTivity for Automotive: meta-ocf-automotive tutorial
IoTivity for Automotive: meta-ocf-automotive tutorial
 
IoT: From Arduino Microcontrollers to Tizen Products using IoTivity
IoT: From Arduino Microcontrollers to Tizen Products using IoTivityIoT: From Arduino Microcontrollers to Tizen Products using IoTivity
IoT: From Arduino Microcontrollers to Tizen Products using IoTivity
 
OIC AGL Collaboration
OIC AGL CollaborationOIC AGL Collaboration
OIC AGL Collaboration
 
Tizen Connected with IoTivity
Tizen Connected with IoTivityTizen Connected with IoTivity
Tizen Connected with IoTivity
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
 
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
 
Toward "OCF Automotive" profile
Toward "OCF Automotive" profileToward "OCF Automotive" profile
Toward "OCF Automotive" profile
 
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
 
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoTUtilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
Utilisation de la plateforme virtuelle QEMU/SystemC pour l'IoT
 
Introduction to the new MediaTek LinkIt™ Development Platform for RTOS
Introduction to the new MediaTek LinkIt™ Development Platform for RTOSIntroduction to the new MediaTek LinkIt™ Development Platform for RTOS
Introduction to the new MediaTek LinkIt™ Development Platform for RTOS
 
Présentation du système d'exploitation RIOT-OS
Présentation du système d'exploitation RIOT-OSPrésentation du système d'exploitation RIOT-OS
Présentation du système d'exploitation RIOT-OS
 
MediaTek Linkit Smart 7688 Webinar
MediaTek Linkit Smart 7688 WebinarMediaTek Linkit Smart 7688 Webinar
MediaTek Linkit Smart 7688 Webinar
 
MediaTek Labs Webinar: Getting Started with LinkIt ONE
MediaTek Labs Webinar: Getting Started with LinkIt ONEMediaTek Labs Webinar: Getting Started with LinkIt ONE
MediaTek Labs Webinar: Getting Started with LinkIt ONE
 
Open Source Internet of Things 101 – EclipseCon 2016
Open Source Internet of Things 101 – EclipseCon 2016Open Source Internet of Things 101 – EclipseCon 2016
Open Source Internet of Things 101 – EclipseCon 2016
 
Iotivity atmel-20150328rzr
Iotivity atmel-20150328rzrIotivity atmel-20150328rzr
Iotivity atmel-20150328rzr
 
IoTivity on Tizen: How to
IoTivity on Tizen: How toIoTivity on Tizen: How to
IoTivity on Tizen: How to
 
Geek Pic-Nic Master Class
Geek Pic-Nic Master ClassGeek Pic-Nic Master Class
Geek Pic-Nic Master Class
 

Viewers also liked

IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355AndrewRJamieson
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Cyren, Inc
 
UX and Security for the IoT
UX and Security for the IoTUX and Security for the IoT
UX and Security for the IoTKevin Rohling
 
IoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamIoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamAmit Rohatgi
 
BKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T SystemsBKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T SystemsLinaro
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Ravindra Dastikop
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSukumar Nayak
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoTgr9293
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson
 
A reference architecture for the internet of things
A reference architecture for the internet of thingsA reference architecture for the internet of things
A reference architecture for the internet of thingsCharles Gibbons
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay KumarOWASP Delhi
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)Ankur Pipara
 
IoT - IT 423 ppt
IoT - IT 423 pptIoT - IT 423 ppt
IoT - IT 423 pptMhae Lyn
 

Viewers also liked (20)

IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355IoT Security – It’s in the Stars! 16_9 v201605241355
IoT Security – It’s in the Stars! 16_9 v201605241355
 
Seminar V2
Seminar V2Seminar V2
Seminar V2
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
 
UX and Security for the IoT
UX and Security for the IoTUX and Security for the IoT
UX and Security for the IoT
 
IoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you SpamIoT Security Imperative: Stop your Fridge from Sending you Spam
IoT Security Imperative: Stop your Fridge from Sending you Spam
 
Internet of Things and Future Internet
Internet of Things and Future InternetInternet of Things and Future Internet
Internet of Things and Future Internet
 
CLOUDIFICATION FOR INTERNET OF THINGS - THE ROAD AHEAD
CLOUDIFICATION FOR INTERNET OF THINGS - THE ROAD AHEADCLOUDIFICATION FOR INTERNET OF THINGS - THE ROAD AHEAD
CLOUDIFICATION FOR INTERNET OF THINGS - THE ROAD AHEAD
 
BKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T SystemsBKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T Systems
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough? Will Internet of Things (IoT) be secure enough?
Will Internet of Things (IoT) be secure enough?
 
SN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoTSN-Security Architecture for Mobile Computing and IoT
SN-Security Architecture for Mobile Computing and IoT
 
IoT and Embedded OS Lecture - Cristian Toma and George Iosif
IoT and Embedded OS Lecture - Cristian Toma and George IosifIoT and Embedded OS Lecture - Cristian Toma and George Iosif
IoT and Embedded OS Lecture - Cristian Toma and George Iosif
 
Security in IoT
Security in IoTSecurity in IoT
Security in IoT
 
Ryan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT SecurityRyan Wilson - ryanwilson.com - IoT Security
Ryan Wilson - ryanwilson.com - IoT Security
 
A reference architecture for the internet of things
A reference architecture for the internet of thingsA reference architecture for the internet of things
A reference architecture for the internet of things
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT security
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)
 
IoT architecture
IoT architectureIoT architecture
IoT architecture
 
IoT - IT 423 ppt
IoT - IT 423 pptIoT - IT 423 ppt
IoT - IT 423 ppt
 

Similar to IoT Meets Security

Secure sigfox ready devices recommendation guide
Secure sigfox ready devices recommendation guideSecure sigfox ready devices recommendation guide
Secure sigfox ready devices recommendation guideSigfox
 
cisco-nti-Day20
cisco-nti-Day20cisco-nti-Day20
cisco-nti-Day20eyad alaa
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of buildingChuck Speicher
 
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...mfrancis
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgNetworking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgEric Vanderburg
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 
Data Capture in IBM WebSphere Premises Server - Aldo Eisma, IBM
Data Capture in IBM WebSphere Premises Server - Aldo Eisma, IBMData Capture in IBM WebSphere Premises Server - Aldo Eisma, IBM
Data Capture in IBM WebSphere Premises Server - Aldo Eisma, IBMmfrancis
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PROIDEA
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersRishabh Gupta
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Zscaler
 
Securing Millions of Devices
Securing Millions of DevicesSecuring Millions of Devices
Securing Millions of DevicesKai Hudalla
 
Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt Sabreen Irfana
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of buildingCharles "Chuck" Speicher Jr.
 
Security for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time passwordSecurity for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time passwordSHASHANK WANKHADE
 

Similar to IoT Meets Security (20)

Secure sigfox ready devices recommendation guide
Secure sigfox ready devices recommendation guideSecure sigfox ready devices recommendation guide
Secure sigfox ready devices recommendation guide
 
cisco-nti-Day20
cisco-nti-Day20cisco-nti-Day20
cisco-nti-Day20
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
 
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...
 
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric VanderburgNetworking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
Networking Concepts Lesson 10 part 2 - Security Appendix - Eric Vanderburg
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
 
Data Capture in IBM WebSphere Premises Server - Aldo Eisma, IBM
Data Capture in IBM WebSphere Premises Server - Aldo Eisma, IBMData Capture in IBM WebSphere Premises Server - Aldo Eisma, IBM
Data Capture in IBM WebSphere Premises Server - Aldo Eisma, IBM
 
IoT4Devs (1)
IoT4Devs (1)IoT4Devs (1)
IoT4Devs (1)
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
PLNOG15: Simplifying network deployment using Autonomic networking and Plug-a...
 
Iot Security
Iot SecurityIot Security
Iot Security
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18Ma story then_now_webcast_10_17_18
Ma story then_now_webcast_10_17_18
 
Securing Millions of Devices
Securing Millions of DevicesSecuring Millions of Devices
Securing Millions of Devices
 
Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt Data security in local network using distributed firewall ppt
Data security in local network using distributed firewall ppt
 
V P N
V P NV P N
V P N
 
Sfa community of practice a natural way of building
Sfa community of practice a natural way of buildingSfa community of practice a natural way of building
Sfa community of practice a natural way of building
 
Security for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time passwordSecurity for automation in Internet of Things by using one time password
Security for automation in Internet of Things by using one time password
 
Cyber security
Cyber securityCyber security
Cyber security
 

More from Samsung Open Source Group

The Complex IoT Equation (and FLOSS solutions)
The Complex IoT Equation (and FLOSS solutions)The Complex IoT Equation (and FLOSS solutions)
The Complex IoT Equation (and FLOSS solutions)Samsung Open Source Group
 
Rapid SPi Device Driver Development over USB
Rapid SPi Device Driver Development over USBRapid SPi Device Driver Development over USB
Rapid SPi Device Driver Development over USBSamsung Open Source Group
 
Tizen RT: A Lightweight RTOS Platform for Low-End IoT Devices
Tizen RT: A Lightweight RTOS Platform for Low-End IoT DevicesTizen RT: A Lightweight RTOS Platform for Low-End IoT Devices
Tizen RT: A Lightweight RTOS Platform for Low-End IoT DevicesSamsung Open Source Group
 
Open Source Metrics to Inform Corporate Strategy
Open Source Metrics to Inform Corporate StrategyOpen Source Metrics to Inform Corporate Strategy
Open Source Metrics to Inform Corporate StrategySamsung Open Source Group
 
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...Samsung Open Source Group
 
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Things
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of ThingsJerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Things
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of ThingsSamsung Open Source Group
 
Introduction to Linux-wpan and Potential Collaboration
Introduction to Linux-wpan and Potential CollaborationIntroduction to Linux-wpan and Potential Collaboration
Introduction to Linux-wpan and Potential CollaborationSamsung Open Source Group
 
IoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devices
IoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devicesIoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devices
IoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devicesSamsung Open Source Group
 

More from Samsung Open Source Group (16)

The Complex IoT Equation (and FLOSS solutions)
The Complex IoT Equation (and FLOSS solutions)The Complex IoT Equation (and FLOSS solutions)
The Complex IoT Equation (and FLOSS solutions)
 
Spawny: A New Approach to Logins
Spawny: A New Approach to LoginsSpawny: A New Approach to Logins
Spawny: A New Approach to Logins
 
Rapid SPi Device Driver Development over USB
Rapid SPi Device Driver Development over USBRapid SPi Device Driver Development over USB
Rapid SPi Device Driver Development over USB
 
Tizen RT: A Lightweight RTOS Platform for Low-End IoT Devices
Tizen RT: A Lightweight RTOS Platform for Low-End IoT DevicesTizen RT: A Lightweight RTOS Platform for Low-End IoT Devices
Tizen RT: A Lightweight RTOS Platform for Low-End IoT Devices
 
Open Source Metrics to Inform Corporate Strategy
Open Source Metrics to Inform Corporate StrategyOpen Source Metrics to Inform Corporate Strategy
Open Source Metrics to Inform Corporate Strategy
 
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Thin...
 
SOSCON 2016 JerryScript
SOSCON 2016 JerryScriptSOSCON 2016 JerryScript
SOSCON 2016 JerryScript
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
 
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Things
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of ThingsJerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Things
JerryScript: An ultra-lighteweight JavaScript Engine for the Internet of Things
 
Clang: More than just a C/C++ Compiler
Clang: More than just a C/C++ CompilerClang: More than just a C/C++ Compiler
Clang: More than just a C/C++ Compiler
 
Introduction to Linux-wpan and Potential Collaboration
Introduction to Linux-wpan and Potential CollaborationIntroduction to Linux-wpan and Potential Collaboration
Introduction to Linux-wpan and Potential Collaboration
 
JerryScript on RIOT
JerryScript on RIOTJerryScript on RIOT
JerryScript on RIOT
 
Development Boards for Tizen IoT
Development Boards for Tizen IoTDevelopment Boards for Tizen IoT
Development Boards for Tizen IoT
 
IoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devices
IoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devicesIoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devices
IoTivity Connects RVI from GENIVI's Develoment Platform to Tizen devices
 
Introduction to IoT.JS
Introduction to IoT.JSIntroduction to IoT.JS
Introduction to IoT.JS
 
6LoWPAN: An Open IoT Networking Protocol
6LoWPAN: An Open IoT Networking Protocol6LoWPAN: An Open IoT Networking Protocol
6LoWPAN: An Open IoT Networking Protocol
 

Recently uploaded

A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shardsChristopher Curtin
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecturerahul_net
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringHironori Washizaki
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxThe Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxRTS corp
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingShane Coughlan
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonApplitools
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptxVinzoCenzo
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfkalichargn70th171
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITmanoharjgpsolutions
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesKrzysztofKkol1
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldRoberto Pérez Alcolea
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Rob Geurden
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Anthony Dahanne
 

Recently uploaded (20)

A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecture
 
Machine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their EngineeringMachine Learning Software Engineering Patterns and Their Engineering
Machine Learning Software Engineering Patterns and Their Engineering
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptxThe Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
The Role of IoT and Sensor Technology in Cargo Cloud Solutions.pptx
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full RecordingOpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
OpenChain Education Work Group Monthly Meeting - 2024-04-10 - Full Recording
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdfExploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
Exploring Selenium_Appium Frameworks for Seamless Integration with HeadSpin.pdf
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilitiesAmazon Bedrock in Action - presentation of the Bedrock's capabilities
Amazon Bedrock in Action - presentation of the Bedrock's capabilities
 
Keeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository worldKeeping your build tool updated in a multi repository world
Keeping your build tool updated in a multi repository world
 
Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...Simplifying Microservices & Apps - The art of effortless development - Meetup...
Simplifying Microservices & Apps - The art of effortless development - Meetup...
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024Not a Kubernetes fan? The state of PaaS in 2024
Not a Kubernetes fan? The state of PaaS in 2024
 

IoT Meets Security

  • 1. 1Samsung Open Source Group IoT meets Security Habib Virji habib.virji@samsung.com Samsung Open Source Group Samsung Research, UK LinuxCon Europe 2015 Dublin, Ireland, October 5 – 7, 2015
  • 2. 2Samsung Open Source Group Agenda  Need for IoT Security  Overview of IoTivity  Device Security – Onboarding – Provisioning – Software Resource Manager – Hardware Hardening  Connectivity – Local – Remote  Privacy
  • 3. 3Samsung Open Source Group Need for IoT Security  IoT device to be around 26 billion by 2020 [1]  Increase in IoT device require strong security.  Lots of issues still in current IoT devices:[4] – 80% of devices had privacy issues. – 70% of devices used unencrypted network. – 90% of device collected personal information. – 70% of device along with their cloud enable attacker to identify valid user account using account renumeration.  Need for IoT devices to have device, network and privacy concerns addressed.
  • 4. 4Samsung Open Source Group IoTivity Overview  IoTivity is Linux Foundation project to implement the OIC standard. – OIC is an industry consortium to define a IoT (Internet of Things) standard and certification. – IoTivity implementation is happening in parallel.  Discovery of device is done by looking for a RESTful interface using multicast communication.  Communication is done using: – CoAP (Constrained Application Protocol) over UDP in local scenarios. – XMPP is used in remote scenarios.  Support for multiple OSs platforms – Tizen, Android, Linux, Arduino, etc.
  • 5. 5 OIC Server Samsung Open Source Group Resource Model  Discovery  Control resource  Observe Status: On/Of Dimming: 0-100 Resource Property: rt=oic.light (Type) ra=192.168.1.1/a/light (Address) obs=1 (Observable) acl=oic/sec/acl/1 (Access Control) Resource Attributes: { “status” : on “dimming” : 35 } Discover Connect & ControlOIC Client Resource
  • 6. 7Samsung Open Source Group IoTivity Security  Protection of resources.  Three step in the security mechanism – Connectivity. – Secure channel. – Privacy permission.  Device needs to be onboarded and provisioned. Discover Connect & ControlOIC Client OIC Server Resource Access Control
  • 7. 8Samsung Open Source Group Device Security
  • 8. 9 Use Case: Device Provisioning LAN Network (Home) LAN Network (Home) Home Gateway Smart Device CloudCloud IP Camera (Thin Device) Smart Device
  • 9. 10 OWASP Device Security Risks  Physical – Poor physical security  Software – Insecure cloud interface – Insecure mobile interfaces – Insufficient security configuration – Insecure software/firmware
  • 10. 11Samsung Open Source Group Onboarding  Establishes device ownership. – Device becomes part of the user network. – Device cannot onboard other device ownership.  It is a two step process: – Isolated secure communication between physical device and onboarding tool (OBT). – Then it assigns ownership key and second carrier key  Onboarding relies on ownership transfer protocol. – Ownership credential (OC) establishes OBT and device communication and authenticate each other.  Ownership protocols – Just Work – Random PIN – Asymmetric (Certificate)
  • 11. 12Samsung Open Source Group © SAMSUNG Electronics Co. Ownership Transfer – Just Works Onboarding Tool Enrolling DeviceOnboarding Tool Ownership Transfer Start GET /oic/sec/doxm?Owned=”False” RSP [{“OxmType”: “oic.sec.doxm.jw”, “DeviceId”: “UUID”}] Discovery Preparing for Ownership transfer using Just Works Set Ownership transfer Method PUT /oic/sec/doxm [{“OxmSel”: “oic.sec.doxm.jw”}] RSP 2.04 SRM enables TLS_ECDH_anon_WITH_AES_12SHA256 cipher suite DTLS Connection PUT /oic/sec/doxm [{“Owned”: “T”, “Owner”: “Admin0””}] RSP 2.04 Ownership Transfer Stops
  • 12. 13Samsung Open Source Group © SAMSUNG Electronics Co. Ownership Transfer – Random PIN Onboarding Tool Enrolling DeviceOnboarding Tool Ownership Transfer Start GET /oic/sec/doxm?Owned=”False” RSP [{“OxmType”: “oic.sec.doxm.rdp”, “DeviceId”: “UUID”}] Discovery Preparing for Ownership transfer using Random PIN Set Ownership transfer Method PUT /oic/sec/doxm [{“OxmSel”: “oic.sec.doxm.rdp”}] RSP 2.04 SRM enables TLS_ECDHE_PSK_WITH_AES_128_CBC_SH A256 cipher suite DTLS Connection PUT /oic/sec/doxm [{“Owned”: “T”, “Owner”: “Admin0””}] RSP 2.04 Ownership Transfer Stops
  • 13. 14Samsung Open Source Group © SAMSUNG Electronics Co. Owner transfer protocol - Asymmetric certificate  Minimum certificate size (292 bytes) and minimal parser.  Certificate generated with signed certificate and asymmetric key pair. – OBT binary app signed trusted CA to communicate with above certificate. – Device and OBT authenticate each other using ECDSA. – Authenticate successful then link exchange over ECDH. Root CA Manufacturer1 CA Manufacturer2 CA Gateway Sub CA Manufacturer1 Dev Sub-CA Manufacturer1 Dev Sub-CA2 M1 Dev Cert M1 Dev Cert Manufacturer2 Dev Cert
  • 14. 15Samsung Open Source Group © SAMSUNG Electronics Co. 8 Onboarding Tool Enrolling DeviceOnboarding Tool Ownership Transfer Start GET /oic/sec/doxm?Owned=”False” RSP [{“OxmType”: “oic.sec.doxm.mfgcert”, “DeviceId”: “UUID”}] Discovery Preparing for Ownership transfer using Certificate Set Ownership transfer Method PUT /oic/sec/doxm [{“OxmSel”: “oic.sec.doxm.mfgcert”}] RSP 2.04 SRM enables TLS_ECDHE_ECDSA_WITH_AES_128_CCM_ 8_SHA256 cipher suite DTLS Connection POST /oic/sec/doxm [{“credid”: “..”, “sub”: “..”, “credType”: “8”, “pdbdata”: “device and CA in base 64”, “pvdata”: {“x”: “x position of elliptic curve in base 64”, “y”: “y position of elliptic curve in base 64”, “ownrs”: “” }}] RSP 2.04 Ownership Transfer Stops Owner transfer protocol - Asymmetric certificate
  • 15. 16Samsung Open Source Group © SAMSUNG Electronics Co. Provisioning  Credential are transferred from OBT to device.  Device needs to engage with bootstrap server to provision – Client directed: Client update server is in need of provisioning. – Server directed: Server self checks if it is provisioned.  Proper security credential and parameters.  Parameters include: – Security credentials through credential management service. – Access control policies and ACL – Devices are self aware about security provision status.
  • 16. 17Samsung Open Source Group © SAMSUNG Electronics Co. Provisioning 8 Onboarding Tool Enrolling DeviceOnboarding Tool ACL Provisioning Start GET /oic/sec/pstat RSP [{“IsOp”: “False”, “Sm”: “0x11”}] Status Client Mode PUT /oic/sec/pstat [{“Om”: “0x11”}] RSP 2.04 RSP 2.04 ACL Provisioning Stop DTLS with Owner PSK RSP 2.04 RSP 2.04
  • 17. 18Samsung Open Source Group © SAMSUNG Electronics Co. Secure Resource Manager (SRM)  Management of the secure virtual resource and ACL [3]. Secure Resource Manager Layer Resource Manager (RM) Persistent Storage interface Policy Engine (PE) Connection Abstraction (CA) Layer DTLS Module Resource Introspection (RI) Layer Application Secure Virtual Resource Database
  • 18. 19Samsung Open Source Group Hardware Hardening  Secure storage is to provided using encryption and hardware security.  Secure execution environment: – Secure storage – Secure execution engine – Trusted I/O paths – Secure Time Source/Clock – Random number generator – Cryptographic algorithm – Hardware tampering
  • 19. 20Samsung Open Source Group Connectivity
  • 20. 21 Use Case: Local and Remote Network Connectivity Smoke & Carbon Monoxide Detector Smart Locks Smart Lights LAN Network (Home) LAN Network (Home) Home Gateway Smart Device CloudCloud Smart Device
  • 21. 22 OWASP Network Security Risks ● Insecure network services ● Lack of transport encryption ● Insecure web interface ● Insufficient authentication/authorization
  • 22. 23Samsung Open Source Group Secure Connectivity  DTLS to provide packet by packet protection.  OIC client and server communication should be protected using – Eavesdropping – Message replay – Tampering  Device authentication – Client verifies server using device id – Client if it has match sends server message – Server verifies message exchange dtls_write dtls_handle_message tinyDTLS tinyDTLS IoTivity
  • 23. 24Samsung Open Source Group Low End Device Secure Connectivity ● Low end device uses extension of DTLS handshake to establish session keys. ● Based on Diffie-Hellman key agreement. ● Can be used in owner transfer protocol to establish keys. ● Breaks down further DTLS handshake to ease smaller packet transfer and fragmented PDU. – 6 way message protocol instead of 3 message. tinyDTLS
  • 24. 25Samsung Open Source Group Remote connectivity  OIC device communicate with XMPP server – Authenticates using XMPP roster credential  Device identified using JID – Server: me@mydomain.com/oic/1.0/oic.d.light/FFFFDDDD- YYYY-4567-JADE-123456789A123 – Client: me@mydomain.com/oic/1.0/client/FFFFDDDD-YYYY- 4567-JADE-123456789A123  Remote XMPP server and OIC server have secure connection.  Inband bytestream is used between XMPP and OIC server.
  • 25. 26Samsung Open Source Group Privacy
  • 26. 27 Use Case: Controlling Access Wife's Tablet LAN Network (Home) LAN Network (Home) Child 2 Room Child 1 Room X
  • 27. 28Samsung Open Source Group Privacy  Protects resources at the OIC server.  ACL are defined via ACE (access control entities).  Every resource should have an ACE.  ACE are stored either locally or remotely on Access manager server (AMS).  ACL needs to be secure stored and partitioned between logical OIC servers.  Access control levels is per group, device, resource or properties.
  • 28. 29Samsung Open Source Group Local Access Control Is light open? Request Accept Response Turn Light Off Request Reject Response acl[0] acl[0]
  • 29. 30 Remote Access Control Samsung Open Source Group Is light open? Request Accept Response Turn Light Off Request Reject Response Request amacl[0] amacl[0] Request AMS1 AMS1 Response Response
  • 30. 31Samsung Open Source Group © SAMSUNG Electronics Co. Conclusion  IoTivity addresses majority of the OWASP issues.  OIC provides following security functionality: – Onboarding mechanism to get device securely in user network – Policies control who can read/write on to the device. – Secure connectivity between device.  Hardening mechanism suggested.  SRM includes security functionality.
  • 31. 32Samsung Open Source Group © SAMSUNG Electronics Co. References  [1] http://www.gartner.com/newsroom/id/2636073  [2] https://www.owasp.org/images/8/8e/Infographic-v1.jpg  [3] https://wiki.iotivity.org/iotivity_security  [4] http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA5-4759ENW.pdf 
  • 32. 33Samsung Open Source Group Thank You!