IoT World - creating a secure robust IoT reference architecture

•Descargar como PPTX, PDF•

7 recomendaciones•2,034 vistas

This document discusses creating a secure Internet of Things (IoT) architecture. It recommends three rules for IoT security: don't be stupid, be smart, and think about what's different for IoT devices. It also notes unique challenges for IoT security like long device lifecycles and limited capabilities. The document advocates for using federated identity and access control to securely manage devices and data. It presents a reference architecture for IoT that incorporates real-time stream processing, analytics, identity management, and open source components.

Internet

A reference architecture for IoT:
How to create a resilient, secure IoT cloud
Paul Fremantle
CTO, WSO2 (paul@wso2.com)
PhD researcher, Portsmouth
University
(paul.fremantle@port.ac.uk)
@pzfreo #wso2

My three rules for IoT security
• 1. Don’t be stupid
• 2. Be smart
• 3. Think about what’s different

My three rules for IoT security
• 1. Don’t be stupid
– The basics of Internet security haven’t gone away
• 2. Be smart
– Use the best practice from the Internet
• 3. Think about what’s different
– What are the unique challenges of your device?

http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/

So what is different about IoT?
• The longevity of the device
– Updates are harder (or impossible)
• The size of the device
– Capabilities are limited – especially around crypto
• The fact there is a device
– Usually no UI for entering userids and passwords
• The data
– Often highly personal
• The mindset
– Appliance manufacturers don’t think like security experts
– Embedded systems are often developed by grabbing existing
chips, designs, etc

Physical Hacks
A Practical Attack on the MIFARE Classic:
http://www.cs.ru.nl/~flaviog/publications/Attack.MIFARE.pdf
Karsten Nohl and Henryk Plotz. MIFARE, Little Security, Despite Obscurity

Or try this at home?
http://freo.me/1g15BiG

Hardware recommendations
• Don’t rely on obscurity

Hardware recommendations
• Don’t rely on obscurity
• Don’t rely on obscurity
• Don’t rely on obscurity
• Don’t rely on obscurity
• Don’t rely on obscurity
• Don’t rely on obscurity
• Don’t rely on obscurity

Hardware Recommendation #2
• Unlocking a single device should risk only that
device’s data

Crypto on small devices
• Practical Considerations and Implementation Experiences in Securing
Smart Object Networks
– http://tools.ietf.org/html/draft-aks-crypto-sensors-02

Ubertooth
http://ubertooth.sourceforge.net/
https://www.usenix.org/conference/woot13/
workshop-program/presentation/ryan

Passwords
• Passwords suck for humans
• They suck even more for devices

Why Federated Identity for IoT?
• Can enable a meaningful consent mechanism
for sharing of device data
• Giving a device a token to use on API calls
better than giving it a password
– Revokable
– Granular
• May be relevant for both
– Device to cloud
– Cloud to app

More information
http://pzf.fremantle.org/2013/11/using-oauth-
20-with-mqtt.html
http://siot-workshop.org/

Reference Architecture for the Internet of Things
http://freo.me/iotra

Re-active vs Realtime Pro-Active
Web Architecture
• Re-active
• 10k-100k connections
• Pull-based
• Human interactions
• Some APIs
• Creating Big Data
IoT Architecture
• Push-based
• 100k-1m connections
• No human interaction
• Autonomic
• API driven
• Creating even bigger
datasets

Real time stream processing
1 million events/s on 4 servers in Amazon EC2

Device Management
(Generally available Q1/2015)

APIs and API Management
eBay handles 6 billion messages a day through WSO2
That is 4 million a minute

*
Develop Once – Deploy Everywhere
Public WSO2
Cloud
Hybrid/Private
PaaS
Managed
Cloud
On AWS
On-Premise

DOESN’T EVERYONE SAY “JUST USE
MY OPEN PLATFORM”?

Really Actually Open
• 100% Open Source (no bait and switch!)
• Heterogenous
• Polyglot
• Interoperable
• Modular and based on OSGi
• Extensible
• API-driven
https://www.flickr.com/photos/jmarty/

Summary
• Think about security from the start
• Build a federated and secure model of Identity
for Things
• Create Autonomic models that deliver value
that surprises and delights customers
• Use Big Data Analytics and the Lambda
Architecture to understand your customers
• Be Open!

IoT World - creating a secure robust IoT reference architecture

Más contenido relacionado

La actualidad más candente

In developing for IoT, security is not often the highest priority: APIs exposed without care and devices deployed with default passwords become gateways to your network and your data. Many best practices can be used to thwart attacks on your devices, but they have to be thought through from the first architectural design. This session covers many recent IoT attacks, their consequences, and how they could have been prevented. It also explores the many security levels one device can have, from totally exposed to completely secured against physical tampering and identity theft.

IoT Security: Cases and Methods [CON5446]

Leonardo De Moura Rocha Lima

Using FIWARE and Microsoft Azure for the development of IoT solutions

DunavNET

Security in the Internet of Things

ForgeRock

WSO2Con USA 2015: WSO2 Platform for IoT

WSO2

Anonymous Individual Integration for IoT

Paul Fremantle

Devising a practical approach to the Internet of Things

Gordon Haff

Null mumbai-iot top 10

Nitesh Malviya

We already know that the Internet of Things is big. It isn't something that's coming. It's already here. From manufacturing to healthcare, retail and hospitality, transportation, utilities and energy, the shift from Information Technology to Operational Technology and the value that this massive explosion of data can provide is taking the world by storm. But IoT isn't a product. It's not something you can buy. As with any gold rush, snake oil abounds. The potential is massive and the good news is that the technology and platforms are already here! But how do you get started? What are the application and networking protocols at play? How do you handle the ingestion of massive, real-time streams of data? Where do you land the data? What kind of insights does the data at scale provide? How do you make sense of it and/or take action on the data in real time scaling to hundreds if not hundreds of thousands of devices per deployment? In this session, Rick G. Garibay will share a pragmatic reference architecture based on his experience working with dozens of customers in the field and provide an insider’s view on some real-world IoT solutions he's led. He'll demystify what IoT is and what it isn't, discuss patterns for addressing the challenges inherent in IoT projects and how the most popular public cloud vendors are already providing the capabilities you need to build real-world IoT solutions today.

A Pragmatic Reference Architecture for The Internet of Things

Rick G. Garibay

IoT stands for Internet of Things.The internet of things, or IoT, is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. IoT Security Training covers The Internet of Things security and examines IoT conventions, potential dangers, vulnerabilities, misuse, information breaks, security system and alleviation. IoT security training, Internet of Things (IoT) devices Include: manufacturers, retailers in customer hardware, social insurance, processing plant production network stockrooms, transportation offices and numerous others. Learn about: IoT Principles: The Internet of Things Overview Principles for Connected Devices IoT Design Principles Principles of IoT Security IoT Attack Areas IoT Vulnerabilities IoT Firmware Analysis IoT Software Weaknesses IoT Security Verification, Validation and Testing IoT Security Assessment on IoT devices Assessing IoT devices attack surfaces Evaluation of IoT device firmware analysis, attack surface Vulnerabilities and exploiting the vulnerabilities Course Topics Include: Overview and analysis of IoT devices and IoT implementation use cases IoT Architecture IoT Architectural and Design Requirements IoT Security Fundamentals IoT Security Standards NIST Framework: Cyber Physical Systems IoT Governance and Risk Management IoT Security Compliance and Audit IoT Encryption and Key Management IoT Identity and Access Management IoT Security Challenges IoT Security in Critical Infrastructure IoT Security in Personal infrastructure IoT Vulnerabilities Wireless Security applied to IoT ZigBee and Bluetooth Security LTE and Mobile Security Cloud-based web interface security Call us today at +1-972-665-9786. Learn more about this course audience, objectives, outlines, seminars, pricing , any other information. Visit our website link below. IoT SecurityTraining, IoT Security Awareness 2019 https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/

IoT Security Training, IoT Security Awareness 2019

Tonex

This talk revisits the 2016 Mirai attack which targeted IoT devices including IP cameras, WiFi-connected refrigerators, home routers, and more. The resulting botnet was used to attack Dyn’s DNS platform, which affected many websites including Twitter, SoundCloud, Airbnb, and Spotify. You will learn and discuss the answers to these questions and more: • What is the current state of Mirai and Mirai variants? • What Distributed Denial of Service (DDoS) defenses do you have in place? • How can you prepare to detect and defend against them botnet malware? • What is recommended in the September 2018 NISTIR Draft, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks.

IoT Security, Mirai Revisited

Clare Nelson, CISSP, CIPP-E

Finding a scalable open-source IoT framework that reliably and securely connects your devices to the cloud while fitting your business needs, not dictating them, turns out to be a little more challenging than it first looks. For a business or professional service, an IoT system needs to be able to offer four things 1) Scalability Be able to scale the solution in a manner that doesn't have operating costs/bandwidth run out of control. 2) Be secure Operate in a secure environment that prevents the system losing date or being hi-jacked. 3) Use open-standards throughout Be based on open-source standards to avoid proprietary lock-in and allow the business to control its own destiny, contribute, collaborate, partner or quickly and easily find help in the community, if required. 4) Manage & Inter-operate The framework must allow that allow remote day-to-day device management and interoperability with other sensors & systems Find out more about how the Creator IoT Framework meets these challenges

Creator IoT Framework

Paul Evans

IoT Security: Cases and Methods

Leonardo De Moura Rocha Lima

IOT Security

Sylvain Martinez

IOT Security. Internet of Things impact is everywhere from your bedroom to office. Everyone should be aware about iot security to run it without any hassle and security risk. Why you should take IOT security training course ? Learn about risks of unsecured enterprise and home IoT devices connecting to the Internet and able to share the information they generate. Iot security training covers these topics : Device and platform vulnerabilities, Authentication and authorization, Web interface and software, Transport encryption, Management issues, Privacy and security enhancements and other iot issues Iot and security risks : Most serious IoT security risks involve software. Software attacks can exploit entire systems, steal information, alter data, deny service and compromise or damage devices. In a phishing attack, for example, Attackers also use malware, such as viruses, worms and Trojans, to damage or delete data, steal information, monitor users and disrupt key system functions. Learn about: IoT Principles Principles of IoT Security IoT Attack Areas IoT Vulnerabilities IoT Firmware Analysis IoT Software Weaknesses IoT Security Verification, Validation Assessing IoT devices attack surfaces Evaluation of IoT device firmware analysis, attack surface, vulnerabilities and exploiting the vulnerabilities Request more information. Visit tonex.com for iot security training course and workshop detail. https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/

Iot Security, Internet of Things

Bryan Len

Null mumbai-reversing-IoT-firmware

Nitesh Malviya

Security Fundamental for IoT Devices; Creating the Internet of Secure Things

Design World

Practical IoT Security in the Enterprise

Daniel Miessler

How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it's a mix of architectural styles between cloud, APIs and native hardware/software configurations.

IoT architecture

Sumit Sharma

Owasp top 10

veerababu penugonda(Mr-IoT)

The use case for Cassandra at Ping Identity

Ping Identity

La actualidad más candente (20)

IoT Security: Cases and Methods [CON5446]

Using FIWARE and Microsoft Azure for the development of IoT solutions

Security in the Internet of Things

WSO2Con USA 2015: WSO2 Platform for IoT

Anonymous Individual Integration for IoT

Devising a practical approach to the Internet of Things

Null mumbai-iot top 10

A Pragmatic Reference Architecture for The Internet of Things

IoT Security Training, IoT Security Awareness 2019

IoT Security, Mirai Revisited

Creator IoT Framework

IoT Security: Cases and Methods

IOT Security

Iot Security, Internet of Things

Null mumbai-reversing-IoT-firmware

Security Fundamental for IoT Devices; Creating the Internet of Secure Things

Practical IoT Security in the Enterprise

IoT architecture

Owasp top 10

The use case for Cassandra at Ping Identity

Similar a IoT World - creating a secure robust IoT reference architecture

WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge

WSO2

The growth of Internet connected devices is hard to comprehend. From health monitoring gadgets to Home Automation systems. The real world is getting Internet connected. Lots of these devices are built on 8-bit microcontrollers. Often they use unencrypted radio comms or networking, and default passwords. Do we care? Maybe they are too simple, too uninteresting to hack? Visit examples of hacking Things, why we should care and how to fix it. If you are building a Thing, using an internet connected Thing, or working with data from Things, come along to find out what you should know about securing them.

Your Thing is pwnd - Security Challenges for the Internet of Things

WSO2

The Internet of Things: We've Got to Chat

Duo Security

Security challenges for internet of things

Monika Keerthi

IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014

Brian Knopf

With the advent of IOT, Every 'Thing' is getting Smart, starting from the range of smartwatches, smart refrigerators, smart bulbs to smart car, smart healthcare, smart agriculture, smart retail, smart city and what not, even smart planet. But why is every thing getting smart? People are trying to bridge the gap between Digital World & Physical World by means of ubiquitous connectivity to Internet, and when digital things become physical, digital threats also become physical threats. Security & Privacy issues are rising as never before. What if the microphone in your smart TV can be used to eavesdrop the private communications in your bed room? What if a smart driverless car deliberately crashes itself into an accident? What if you want to be Anonymous over Internet and don't want anybody to track you? This talk will focus on answering the above questions with a view on 'What are we currently doing to protect ourselves' and 'What we need to do'. What are the new security challenges that are coming up and how privacy & anonymity is taking the lead over security. The talk will also sensitive the audience about the paradigm shift that is happening in IOT DevOps, with help of Docker Containers and how they can be anonymised using TOR.

Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker

Abhinav Biswas

The progress of AI in the last decade has seemed almost magical. But we will discuss the unique challenges posed by Security and what makes this domain the biggest challenge for AI. Reporting from the frontlines, we will describe the deployment of large-scale production-grade AI systems to combat security breaches, using lessons learned at Avast from defending over 400 million consumers every single day. Topics will cover the recent AI advancements in file-based anti-malware solutions, behavior-based on-device solutions, and network-based IoT security solutions.

Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...

AI Frontiers

This talk summarizes the state of IoT security, specifically as it relates to Industrial Control and Energy. When hearing the buzz-word “Internet of Things,” we typically think of the consumer world: smart toasters and connected fridges. However, there is a staggering number of networked embedded devices that perform life- and mission-critical tasks that our daily lives depend on. Industrial Control Systems (ICS) are not unique snowflakes anymore but use the same ubiquitous technology as found in consumer IoT Devices. This presentation summarizes our experiences at Senrio exploiting embedded system and discusses the reasons why these insecure design patterns exist; including business drivers and technology factors. We will share stories and anecdotes based on 10 years of research, training and consulting (including real vulnerabilities and how they work).

The Insecurity of Industrial Things

Senrio

These are the slides from Misha Seltzer's talk at Product of Things Conference in Tel Aviv on July 2018: Who this talk is for: this talk is for product managers that want to avoid common design flaws that lead to easily hackable IoT devices. After this workshop you will be able to: Spot and eliminate security design flaws early Know where you, as a PM, can get involved to improve your product's security Learn from mistakes done by others, and not repeat them What is covered: RTOS as well as Linux-based IoT protection Rules of thumb for basic IoT security Unexpected areas from which security flaws might creep into your products. In the land of IoT, with so many different companies/manufacturers competing for the same space, it's essential to have a good reputation. One embarrassingly hackable product can not only hurt sales but kill the company altogether. In this talk, we'll go over a couple of cases of embarrassing IoT security flaws, learn how/where those mistakes were made, and what can you, as PMs, do not to repeat those mistakes.

Avoid embarrassing press by designing secure IoT products with Misha Seltzer

Product of Things

IoT overview 2014

Mirko Presser

IoT – Breaking Bad

NUS-ISS

Did you know that today, there are over 30 billion connected IoT devices? And that in 2020, that number will double? Do you know how these devices connect to the internet? To each other? To their manufacturer? How many IoT devices are used within your company? If you’re a security professional you’ll need to be able to answer these questions and more. In this session, Jackson Shaw (Dell) will discuss the convergence (collision?) of IoT with IT and OT, what it means to him as a consumer and what it means to us as identity and IT security professionals. Keynote presentation at European Identity Conference 2015, Munich, Germany. https://www.id-conf.com/eic2015

The Convergence of IT, Operational Technology and the Internet of Things (IoT)

Jackson Shaw

Privacy and Security in the Internet of Things

Jeff Katz

Mickey pacsec2016_final

PacSecJP

Spirent: The Internet of Things: The Expanded Security Perimeter

Sailaja Tennati

(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)

Rui Miguel Feio

This presentation will dive into research, outcomes, and recommendations regarding information security for the "Internet of Things". Mark and Zach will discuss IoT security failures both from their own research as well as the work of people they admire. Attendees are invited to laugh/cringe at concerning examples of improper access control, a complete lack of transport security, hardcoded-everything, and ways to bypass paying for stuff. Mark and Zach will also discuss the progress that their initiative, BuildItSecure.ly, has made since it was announced this past February at B-Sides San Francisco. Based on their own struggles with approaching smaller technology vendors with bugs and trying to handle coordinated disclosure, Mark and Zach decided to change the process and dialog that was occurring into one that is inclusive, friendly, researcher-centric. They will provide results and key learnings about the establishment of this loose organization of security-minded vendors, partners, and researchers who have decided to focus on improving information security for bootstrapped/crowd-funded IoT products and platforms. If you're a researcher who wants to know more about attacking this space, an IoT vendor trying to refine your security processes, or just a consumer who cares about their own safety and privacy, this talk will provide some great insights to all of those ends. MARK STANISLAV DUO SECURITY Mark Stanislav is the Security Evangelist for Duo Security. With a career spanning over a decade, Mark has worked within small business, academia, startup and corporate environments, primarily focused on Linux architecture, information security, and web application development. He has presented at over 70 events internationally including RSA, ShmooCon, SOURCE Boston, and THOTCON. His security research has been featured on web sites including CSO Online, Security Ledger, and Slashdot. Mark holds a B.S. in Networking & IT Administration and an M.S. in Information Assurance, both from Eastern Michigan University. Mark is currently writing a book titled, "Two-Factor Authentication" (published by IT Governance). ZACH LANIER DUO SECURITY Zach Lanier is a Security Researcher with Duo Security, specializing in various bits of network, mobile, and application security. Prior to joining Duo, Zach most recently served as a Senior Research Scientist with Accuvant LABS. He has spoken at a variety of security conferences, such as Black Hat, CanSecWest, INFILTRATE, ShmooCon, and SecTor, and is a co-author of the recently published "Android Hackers' Handbook."

Internet of Fails: Where IoT Has Gone Wrong and How We're Making it Right by ...

Duo Security

Geek Night 15.0 - Touring the Dark-Side of the Internet

GeekNightHyderabad

Pulga, a Tiny Open-Source MQTT Broker for Flexible and Secure IoT Deployments

Eyes of Things

Iot Security: Smart... or haunted home?

NaLUG

Similar a IoT World - creating a secure robust IoT reference architecture (20)

WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge

Your Thing is pwnd - Security Challenges for the Internet of Things

The Internet of Things: We've Got to Chat

Security challenges for internet of things

IoT_and_the_Impact_on_Security_Brian_Knopf_ISSA-OC_July-2014

Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker

Rajarshi Gupta at AI Frontiers : Security is AI’s biggest challenge, AI is Se...

The Insecurity of Industrial Things

Avoid embarrassing press by designing secure IoT products with Misha Seltzer

IoT overview 2014

IoT – Breaking Bad

The Convergence of IT, Operational Technology and the Internet of Things (IoT)

Privacy and Security in the Internet of Things

Mickey pacsec2016_final

Spirent: The Internet of Things: The Expanded Security Perimeter

(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)

Internet of Fails: Where IoT Has Gone Wrong and How We're Making it Right by ...

Geek Night 15.0 - Touring the Dark-Side of the Internet

Pulga, a Tiny Open-Source MQTT Broker for Flexible and Secure IoT Deployments

Iot Security: Smart... or haunted home?

Más de Paul Fremantle

IoT and Blockchains - enhancing security and privacy

Paul Fremantle

Web API Management meets the Internet of Things

Paul Fremantle

Apache Stratos is a PaaS built on top of Equinox and OSGi. Stratos runs all kinds of workloads including Java, OSGi, Tomcat apps, PHP, Node.js, MySQL, Mongo, Cassandra and others. This session is an introduction to Stratos which will cover: - How to get started - Deploying on Amazon AWS and OpenStack Clouds - Workloads Stratos supports - Why and how Equinox is used - Multi-tenancy and security - Elastic scaling - How Stratos compares to other PaaS systems The session will include live demontrations of Stratos. The session is aimed at those interested in PaaS models, as well as those with a strong interest in OSGi runtimes and Equinox.

Apache Stratos - Building a PaaS using OSGi and Equinox

Paul Fremantle

Federated Identity for IoT with OAuth2

Paul Fremantle

Beyond Economics - Cloud as a Business Enabler

Paul Fremantle

Evolution of PaaS

Paul Fremantle

The Evolution of Integration

Paul Fremantle

High Volume Web API Management with the WSO2 ESB

Paul Fremantle

Stratos Open PaaS OSCON 2011

Paul Fremantle

Stratos and PaaS for London Java Community

Paul Fremantle

Understanding Platform as a Service

Paul Fremantle

Are you running Tomcat on the Cloud? What can you do to make Tomcat really take advantage of the cloud? In this session we will discuss how to make Tomcat a native cloud runtime - one that is optimized to run "in" the cloud rather than just "on top" of the cloud. First we will look at what is important for any runtime that wants to truly be cloud native: multi-tenancy, self-service, elasticity, metering and billing, dynamic discovery and side-by-side versioning. Then we will explore how to make Tomcat work in this way. Based on experiences making Tomcat run in a cloud environment as part of Stratos, an Open Source project based on Tomcat and OSGi, we will look at the real issues, solutions, as well as exploring future work in this area.

Making Apache Tomcat Multi-tenant, Elastic and Metered

Paul Fremantle

To really take advantage of cloud, software must be optimized to run in the cloud. This presentation explores what it means to be "Cloud Native" and looks at a real open source project that has built a complete Cloud Native platform. Cloud is not just a better way to run existing software, there are core enhancements that need to be made to software to enable it to run really effectively in a cloud environment. Often the first thought is about massive scalability, but actually there are other key enablers: multi-tenancy, metering, dynamic distribution, self-service and incremental deployment and testability. This presentation explores these enablers and looks at how an Open Source project (Carbon) built on Apache technology was re-built to be cloud native. The presentation will cover not just the concepts but dive into the practical issues in making a cloud native system and also explore which Apache technologies can help along the way.

Building Cloud Native Software

Paul Fremantle

Building Innovation with Open Source Approaches

Paul Fremantle

Three SOA Case Studies

Paul Fremantle

Fast SOA with Apache Synapse

Paul Fremantle

REST vs WS-*: Myths Facts and Lies

Paul Fremantle

Más de Paul Fremantle (17)

IoT and Blockchains - enhancing security and privacy

Web API Management meets the Internet of Things

Apache Stratos - Building a PaaS using OSGi and Equinox

Federated Identity for IoT with OAuth2

Beyond Economics - Cloud as a Business Enabler

Evolution of PaaS

The Evolution of Integration

High Volume Web API Management with the WSO2 ESB

Stratos Open PaaS OSCON 2011

Stratos and PaaS for London Java Community

Understanding Platform as a Service

Making Apache Tomcat Multi-tenant, Elastic and Metered

Building Cloud Native Software

Building Innovation with Open Source Approaches

Three SOA Case Studies

Fast SOA with Apache Synapse

REST vs WS-*: Myths Facts and Lies

Último

Russian Call Girls in %(+971524965298 )# Call Girls in Dubai

Dubai call girls 971524965298 Call girls in Bur Dubai

Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur Booking Now open +91- 8005736733 Why you Choose Us- +91- 8005736733 HOT⇄ 8005736733 Mr ashu ji Call Mr ashu Ji +91- 8005736733 𝐇𝐨𝐭𝐞𝐥 𝐑𝐨𝐨𝐦𝐬 𝐈𝐧𝐜𝐥𝐮𝐝𝐢𝐧𝐠 𝐑𝐚𝐭𝐞 𝐒𝐡𝐨𝐭𝐬/𝐇𝐨𝐮𝐫𝐲🆓 .█▬█⓿▀█▀ 𝐈𝐍𝐃𝐄𝐏𝐄𝐍𝐃𝐄𝐍𝐓 𝐆𝐈𝐑𝐋 𝐕𝐈𝐏 𝐄𝐒𝐂𝐎𝐑𝐓 Hello Guys ! High Profiles young Beauties and Good Looking standard Profiles Available , Enquire Now if you are interested in Hifi Service and want to get connect with someone who can understand your needs. Service offers you the most beautiful High Profile sexy independent female Escorts in genuine ✔✔$V15 ✔✔To enjoy with hot and sexy girls ✔✔✔ ★providing:- • Models • vip Models • Russian Models • Foreigner Models • TV Actress and Celebrities • Receptionist • Air Hostess • Call Center Working Girls/Women • Hi-Tech Co. Girls/Women • Housewife

Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...

SUHANI PANDEY

It's important to remember that accessing the dark web can be risky and requires specialized skills and tools. Many organizations leverage threat intelligence companies that have a safe and legal way to monitor these areas and extract valuable information. Let's shine some light on the Dark Web. Kyle Hettinger from Recorded Future's Dark Web research team joins GDG Cloud Southlake joins to Demystify the Dark Web. Kyle has been doing cybercrime investigations for over 10 years, and has collaborated with both public and private sector partners to identify, mitigate, and neutralize cybercriminals.

GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web

James Anderson

Call Girls Dubai Dubai Call Girls Agency Vip Call Girls Dubai Hot Call Girls Dubai Out Call Girls Dubai Best Call Girls Dubai Indian And Pakistani Call Girls Dubai Independent Call Girls Dubai Dubai Indian Call Girls Agency Class Call Girls In Dubai #First Class Call Girls In Dubai #Full Massage Services Call Girls In Dubai Full Night Call Girls Dubai Hourly Call Girls Dubai Call Girls Deira Dubai Dating Call Girls In Deira Dubai Silicon Oasis Call Girls Dubai International City Call Girls Dubai Al Jaddaf Al Satwa Al Quoz Al Barsha South Media City Discovery Garden Call Girls Dubai Al Jaffiliya,Business Bay,Al Karama,Bur Dubai,Deira,Dubai,Palm Jumeirah,Al Wasl,Trade Centre,Dubai Mall,JBR,JVC,JLT,Discovery Garden Al Nahda Call Girls Dubai Al Qusais Call Girls Dubai Dating Call Girls Dubai Dubai Call Girls Services Provide In Ajman_Dubai_RAK_UMQ_Fujairah_Abu_Dhabi#Indian #Tamil #Kerala #Russian #Philippine #Morocco #Thailand #English Models In Dubai #If You Want Serv#Dubai Pakistani Call Girls Agency #Beautiful Call Girls in Dubai #High ices Just Send Me Text On Whatsapp #

Al Barsha Night Partner +0567686026 Call Girls Dubai

Escorts Call Girls

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024

APNIC

Call Girls In Chandigarh Lucky ❤️ 7710465962 Independent Escort Service Chandigarh Their services range from erotic encounters and movie dates to in-call and out-call services, making this option available 24/7. Available for services including NSA, threesomes and foursomes sessions as well as massage services and casual foreplay - they even provide real girlfriend experience. Find one online or visit local women's clubs, hotels or restaurants. Hiring a Chandigarh call girl for an evening or day out can be the perfect addition to your social gathering or office event, or you could arrange for her to visit your home or hotel room. Not only are these women gorgeous, they're intelligent as well, with great senses of humor - sure to please and leave you wanting more. If you want a cheap escort in Chandigarh, look for someone who is either a student or works part time so that she will always be available when you need her. In addition to this, look for housewives as this ensures they have stable lives that can keep you satisfied for extended periods. These beautiful ladies will capture your attention at first sight with stunning eyes and full, seductive lips; not to mention a seductive personality that makes you want to spend more time with them; moreover they are discreet enough to meet up anywhere nearby! Hiring a call girl in Chandigarh can be done through either the internet or calling her directly, with services like massage or sex sessions offered to request from specific agencies within a few hours of making contact. Furthermore, text the girl directly for price quotes!

Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...

Sheetaleventcompany

Call girls in delhi ✔️✔️🔝 9953056974 🔝✔️✔️Welcome To Vip Escort Services In Delhi [ ]Noida Gurgaon 24/7 Open Sex Escort Services With Happy Ending ServiCe Done By Most Attractive Charming Soft Spoken Bold Beautiful Full Cooperative Independent Escort Girls ServiCe In All-Star Hotel And Home Service In All Over Delhi, Noida, Gurgaon, Faridabad, Ghaziabad, Greater Noida, • IN CALL AND OUT CALL SERVICE IN DELHI NCR • 3* 5* 7* HOTELS SERVICE IN DELHI NCR • 24 HOURS AVAILABLE IN DELHI NCR • INDIAN, RUSSIAN, PUNJABI, KASHMIRI ESCORTS • REAL MODELS, COLLEGE GIRLS, HOUSE WIFE, ALSO AVAILABLE • SHORT TIME AND FULL TIME SERVICE AVAILABLE • HYGIENIC FULL AC NEAT AND CLEAN ROOMS AVAIL. IN HOTEL 24 HOURS • DAILY NEW ESCORTS STAFF AVAILABLE • MINIMUM TO MAXIMUM RANGE AVAILABLE. Call Girls in Delhi & Independent Escort Service – CALL GIRLS SERVICE DELHI NCR Vip call girls in Delhi Call Girls in Delhi, Call Girl Service 24×7 open Call Girls in Delhi Best Delhi Escorts in Delhi Low Rate Call Girls In Saket Delhi X~CALL GIRLS IN Ramesh Nagar Metro best Delhi call girls and Delhi escort service. CALL GIRLS SERVICE IN ALL DELHI … (Delhi) Call Girls in (Chanakyapuri) Hot And Sexy Independent Model Escort Service In Delhi Unlimited Enjoy Genuine 100% Profiles And Trusted Door Step Call Girls Feel Free To Call Us Female Service Hot Busty & Sexy Party Girls Available For Complete Enjoyment. We Guarantee Full Satisfaction & In Case Of Any Unhappy Experience, We Would Refund Your Fees, Without Any Questions Asked. Feel Free To Call Us Female Service Provider Hours Opens Thanks. Delhi Escorts Services 100% secure Services.Incall_OutCall Available and outcall Services provide. We are available 24*7 for Full Night and short Time Escort Services all over Delhi NCR. Delhi All Hotel Services available 3* 4* 5* Call Call Delhi Escorts Services And Delhi Call Girl Agency 100% secure Services in my agency. Incall and outcall Services provide. We are available 24*7 for Full Night and short Time Escort Services my agency in all over New Delhi Delhi All Hotel Services available my agency SERVICES [✓✓✓] Housewife College Girl VIP Escort Independent Girl Aunty Without a Condom sucking )? Sexy Aunty.DSL (Dick Sucking Lips)? DT (Dining at the Toes English Spanking) Doggie (Sex style from no behind)?? OutCall- All Over Delhi Noida Gurgaon 24/7 FOR APPOINTMENT Call/Whatsop / 9953056974

Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service

9953056974 Low Rate Call Girls In Saket, Delhi NCR

Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL CALL GIRLS IN Locknow ESCORT SERVICE❤CALL GIRL IN We are Providing :- ● – Private independent collage Going girls . ● – independent Models . ● – House Wife’s . ● – Private Independent House Wife’s ● – Corporate M.N.C Working Profiles . ● – Call Center Girls . ● – Live Band Girls . ●- Foreigners & Many More . Service type: 1.In call 2.out call 3. full Lip to Lip kiss 4.69 5.b-job without Condom 6. Hard Core sex & Much More. 7 Body to Body Touch 8 Kissing 9 Sucking Boobs and More 10 Enjoy by Hand 11 Relax By Oral 12 Sex with Happy Ending • In Call and Out Call Service • 3* 5* 7* Hotels Service • 24 Hours Available • Indian, Russian, Punjabi, Kashmiri Escorts • Real Models, College Girls, House Wife, Also Available • Short Time and Full Time Service Available • Hygienic Full AC Neat and Clean Rooms Avail. In Hotel 24 hours • Daily Escorts Staff Available • Minimum to Maximum Range Available. Call girl service in Lucknow Lucknow call girl service Call girl service Lucknow Call girl Lucknow Call girls service in Lucknow Call girls in Lucknow Lucknow call girls Lucknow call girls service Lucknow escort service Lucknow escorts service Lucknow escorts Lucknow escort Escort service in Lucknow Escort in Lucknow Escort Lucknow Escorts in Lucknow Escorts service in Lucknow These professional and Call girls in Bangalore can satisfy your every desire - be it sensual massage or an erotic shower, they are always more than willing to meet them. Furthermore, they pay close attention to body language cues to ensure you enjoy every minute spent in their company - both in-call and outcall services are offered. Is an excellent choice for anyone seeking an exciting and thrilling night of fun and excitement

Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL

imonikaupta

Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R. Why you Choose Us- +91-8264348440 I Have Extremely Beautiful Broad Minded Cute Sexy & Hot Call Girls Delhi and Escorts, We Are Located in 3* 4* 5* Hotels. Safe & Secure High Class Services Affordable Rate 100% Satisfaction, Unlimited Enjoyment. Any Time for Model/Teens Escort in Delhi High class luxury and premium escorts agency. ★ CALL US High Class Luxury and Premium Escort Service We Provide Well Educated,Royal Class Female,High-Class Escort Service Offering a Top High Class Escort Service In The & Several Nearby All Places of . ★ To Enjoy With Hot and Sexy Girls . ★ We Are Providing :- • 3* 5* 7*Hotels Service • Hygienic Full AC Neat and Clean Rooms Avail. • Daily New Escorts Staff Available • Minimum to Maximum Range Available. Our escort service •BJ (Blowjob) •FK (French kissing) •Kissing with tongue •O-Level (Oral sex) •Long Silky Brown Hair •69 (69 sex) •A-Level (5 start Escort) •Dating {{{N.M}}} 30-04-2024

Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.

soniya singh

VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS Live Booking Contact Details :- WhatsApp Chat :- [+91-9999965857 ] The Best Call Girls Delhi At Your Service Russian Call Girls Delhi Doing anything intimate with can be a wonderful way to unwind from life's stresses, while having some fun. These girls specialize in providing sexual pleasure that will satisfy your fetishes; from tease and seduce their clients to keeping it all confidential - these services are also available both install and outcall, making them great additions for parties or business events alike. Their expert sex skills include deep penetration, oral sex, cum eating and cum eating - always respecting your wishes as part of the experience (07-May-2024(PSS)

VVVIP Call Girls In Connaught Place ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...

Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R. Why you Choose Us- +91-8264348440 I Have Extremely Beautiful Broad Minded Cute Sexy & Hot Call Girls Delhi and Escorts, We Are Located in 3* 4* 5* Hotels. Safe & Secure High Class Services Affordable Rate 100% Satisfaction, Unlimited Enjoyment. Any Time for Model/Teens Escort in Delhi High class luxury and premium escorts agency. ★ CALL US High Class Luxury and Premium Escort Service We Provide Well Educated,Royal Class Female,High-Class Escort Service Offering a Top High Class Escort Service In The & Several Nearby All Places of . ★ To Enjoy With Hot and Sexy Girls . ★ We Are Providing :- • 3* 5* 7*Hotels Service • Hygienic Full AC Neat and Clean Rooms Avail. • Daily New Escorts Staff Available • Minimum to Maximum Range Available. Our escort service •BJ (Blowjob) •FK (French kissing) •Kissing with tongue •O-Level (Oral sex) •Long Silky Brown Hair •69 (69 sex) •A-Level (5 start Escort) •Dating {{{N.M}}} 30-04-2024

Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.

soniya singh

On Starlink, presented by Geoff Huston at NZNOG 2024

APNIC

Call Girls In Ashram Chowk Delhi +91-8264348440 !! Best Woman Seeking Man Call Girls Service, Escorts Service in Home Hotel in Delhi NCR 24 Hours Available Service Call Girls, Contact Us +91-8264348440 (Any Time. Any Where) Call Girls in Delhi, Noida, Gurgaon, Ghaziabad,Sexy Indian Female Escorts Service Delhi NCRWelcome To Delhi Escorts Service – An All Over New Delhi Very Sexy Hot Call Girls Agency Service Escorts In South DelhiNCRDelhi’s No. 1 High Profile Independent Female Escorts Service. We Provide Good Quality Educated Profile At Very Regnebal Price 100% Safe And Original.We Are Provide Escorts Service All OYO Hotels ,3*,4*,5* Star Hotel And Home Flat, Apartment. Guest-House. Services In -Call And Out – Call Both Are Services Available. 24Hrs. Any Time Any Where. In All Over Delhi Noida Gurgaon Ghaziabad Faridabad.More Information And Contact Profile Real Pic Visit Our Website City Wise Escorts Service Agency.Good Looking Cheap And Best Models Girls U Can Get Best Click On Link……Night Call Girls Now In Hotel Le Meridien Gurgaon Near Female Escort Service – 24×7 .Call Whatsapp, +91-8264348440 Our Services and Rates: –– In call Shot 1500 Out Call Short 2000: – In call Night 6000 Out Call Night 7000Minimum To Maximum Range AvailableOnly Serious And Genuine Persons Can Contact Us : +91-8264348440 Call Girls in Delhi At All Location :– Malviya Nagar, Saket, Hauz Khas, Dwarka, Mahipalpur, Aerocity, Lajpat Nagar, Nehru Place karol Bagh, Near Metro Station :Call Us Whatapp Call Now +91-8264348440

Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝

soniya singh

₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111༒99012🔝 <J.R.P > 30/30/2024 Call Us(Call Girls in Delhi Escort Service(🔝))/WhatsApp 97111⇛99012 Call Girls in ,(Delhi) We are Provide best Genuine Normal, High class call girls. escort service at affordable price. We Are One Of The Oldest Escorts and Call girls Agencies in Delhi You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Callo Girls Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call: — You Can Come at Our Location in Delhi Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call: — You have To come and Pick Girl From My Place We are Also Provide Door Step Services in Delhi , Gurgaon, Noida. Hygienic: — Full Ac Neat And Clean Rooms Available In Hotel 24 * 7 Hour In Delhi NCR, We Are Providing : — all Types of girls Indian, North East , Foreigner , Airhostess, many More. Service type — In-call Shot 1500, 2,000– In — Call Night /Out-call Night 6,000, to 8,000 — Hi-Fi Rates Shot — 5,000 to 10,000 Full Night 10,000 to 12,000 More Details, Call//WhatsApp, 97111 🔝 ⇛99012

₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...

Diya Sharma

Real Men Wear Diapers T Shirts sweatshirt

rahman018755

Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Independent Escorts service Booking Now open +91- 8005736733 Why you Choose Us- +91- 8005736733 HOT⇄ 8005736733 Mr ashu ji Call Mr ashu Ji +91- 8005736733 𝐇𝐨𝐭𝐞𝐥 𝐑𝐨𝐨𝐦𝐬 𝐈𝐧𝐜𝐥𝐮𝐝𝐢𝐧𝐠 𝐑𝐚𝐭𝐞 𝐒𝐡𝐨𝐭𝐬/𝐇𝐨𝐮𝐫𝐲🆓 .█▬█⓿▀█▀ 𝐈𝐍𝐃𝐄𝐏𝐄𝐍𝐃𝐄𝐍𝐓 𝐆𝐈𝐑𝐋 𝐕𝐈𝐏 𝐄𝐒𝐂𝐎𝐑𝐓 Hello Guys ! High Profiles young Beauties and Good Looking standard Profiles Available , Enquire Now if you are interested in Hifi Service and want to get connect with someone who can understand your needs. Service offers you the most beautiful High Profile sexy independent female Escorts in genuine ✔✔$V15 ✔✔To enjoy with hot and sexy girls ✔✔✔ ★providing:- • Models • vip Models • Russian Models • Foreigner Models • TV Actress and Celebrities • Receptionist • Air Hostess • Call Center Working Girls/Women • Hi-Tech Co. Girls/Women • Housewife

Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...

SUHANI PANDEY

VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And Reasonable Packages Near You Booking Now open +91- 8005736733 Why you Choose Us- +91- 8005736733 HOT⇄ 8005736733 Mr ashu ji Call Mr ashu Ji +91- 8005736733 𝐇𝐨𝐭𝐞𝐥 𝐑𝐨𝐨𝐦𝐬 𝐈𝐧𝐜𝐥𝐮𝐝𝐢𝐧𝐠 𝐑𝐚𝐭𝐞 𝐒𝐡𝐨𝐭𝐬/𝐇𝐨𝐮𝐫𝐲🆓 .█▬█⓿▀█▀ 𝐈𝐍𝐃𝐄𝐏𝐄𝐍𝐃𝐄𝐍𝐓 𝐆𝐈𝐑𝐋 𝐕𝐈𝐏 𝐄𝐒𝐂𝐎𝐑𝐓 Hello Guys ! High Profiles young Beauties and Good Looking standard Profiles Available , Enquire Now if you are interested in Hifi Service and want to get connect with someone who can understand your needs. Service offers you the most beautiful High Profile sexy independent female Escorts in genuine ✔✔✔ To enjoy with hot and sexy girls ✔✔✔$V15 ★providing:- • Models • vip Models • Russian Models • Foreigner Models • TV Actress and Celebrities • Receptionist • Air Hostess • Call Center Working Girls/Women • Hi-Tech Co. Girls/Women • Housewife

VVIP Pune Call Girls Sinhagad WhatSapp Number 8005736733 With Elite Staff And...

SUHANI PANDEY

VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K High Profile Escorts In Pune Booking Now open +91- 8005736733 Why you Choose Us- +91- 8005736733 HOT⇄ 8005736733 Mr ashu ji Call Mr ashu Ji +91- 8005736733 (V030524]N) 𝐇𝐨𝐭𝐞𝐥 𝐑𝐨𝐨𝐦𝐬 𝐈𝐧𝐜𝐥𝐮𝐝𝐢𝐧𝐠 𝐑𝐚𝐭𝐞 𝐒𝐡𝐨𝐭𝐬/𝐇𝐨𝐮𝐫𝐲🆓 .█▬█⓿▀█▀ 𝐈𝐍𝐃𝐄𝐏𝐄𝐍𝐃𝐄𝐍𝐓 𝐆𝐈𝐑𝐋 𝐕𝐈𝐏 𝐄𝐒𝐂𝐎𝐑𝐓 Hello Guys ! High Profiles young Beauties and Good Looking standard Profiles Available , Enquire Now if you are interested in Hifi Service and want to get connect with someone who can understand your needs. Service offers you the most beautiful High Profile sexy independent female Escorts in genuine ✔✔✔ To enjoy with hot and sexy girls ✔✔✔ ★providing:- • Models • vip Models • Russian Models • Foreigner Models • TV Actress and Celebrities • Receptionist • Air Hostess • Call Center Working Girls/Women • Hi-Tech Co. Girls/Women • Housewife

VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...

SUHANI PANDEY

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)

Delhi Call girls

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service

Delhi Call girls

IoT World - creating a secure robust IoT reference architecture

1. A reference architecture for IoT: How to create a resilient, secure IoT cloud Paul Fremantle CTO, WSO2 (paul@wso2.com) PhD researcher, Portsmouth University (paul.fremantle@port.ac.uk) @pzfreo #wso2

2. Firstly, does security even matter?

5. My three rules for IoT security • 1. Don’t be stupid • 2. Be smart • 3. Think about what’s different

6. My three rules for IoT security • 1. Don’t be stupid – The basics of Internet security haven’t gone away • 2. Be smart – Use the best practice from the Internet • 3. Think about what’s different – What are the unique challenges of your device?

7. http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/

8. So what is different about IoT? • The longevity of the device – Updates are harder (or impossible) • The size of the device – Capabilities are limited – especially around crypto • The fact there is a device – Usually no UI for entering userids and passwords • The data – Often highly personal • The mindset – Appliance manufacturers don’t think like security experts – Embedded systems are often developed by grabbing existing chips, designs, etc

9. Physical Hacks A Practical Attack on the MIFARE Classic: http://www.cs.ru.nl/~flaviog/publications/Attack.MIFARE.pdf Karsten Nohl and Henryk Plotz. MIFARE, Little Security, Despite Obscurity

10.

11. Or try this at home? http://freo.me/1g15BiG

12. Hardware recommendations • Don’t rely on obscurity

13. Hardware recommendations • Don’t rely on obscurity • Don’t rely on obscurity • Don’t rely on obscurity • Don’t rely on obscurity • Don’t rely on obscurity • Don’t rely on obscurity • Don’t rely on obscurity

14. Hardware Recommendation #2 • Unlocking a single device should risk only that device’s data

15. The Network

16. Direct network vs Gateway model

17. Crypto on small devices • Practical Considerations and Implementation Experiences in Securing Smart Object Networks – http://tools.ietf.org/html/draft-aks-crypto-sensors-02

18. Key distribution

19. Ubertooth http://ubertooth.sourceforge.net/ https://www.usenix.org/conference/woot13/ workshop-program/presentation/ryan

20.

21. IDENTITY IS THE NEW PERIMETER

22. Passwords • Passwords suck for humans • They suck even more for devices

23.

24. Why Federated Identity for IoT? • Can enable a meaningful consent mechanism for sharing of device data • Giving a device a token to use on API calls better than giving it a password – Revokable – Granular • May be relevant for both – Device to cloud – Cloud to app

25. More information http://pzf.fremantle.org/2013/11/using-oauth- 20-with-mqtt.html http://siot-workshop.org/

26.

27. Reference Architecture for the Internet of Things http://freo.me/iotra

28. Re-active vs Realtime Pro-Active Web Architecture • Re-active • 10k-100k connections • Pull-based • Human interactions • Some APIs • Creating Big Data IoT Architecture • Push-based • 100k-1m connections • No human interaction • Autonomic • API driven • Creating even bigger datasets

29. Real time stream processing 1 million events/s on 4 servers in Amazon EC2

30. 30 Analytics

31. Identity Management

32. Device Management (Generally available Q1/2015)

33. APIs and API Management eBay handles 6 billion messages a day through WSO2 That is 4 million a minute

34. * Develop Once – Deploy Everywhere Public WSO2 Cloud Hybrid/Private PaaS Managed Cloud On AWS On-Premise

35. DOESN’T EVERYONE SAY “JUST USE MY OPEN PLATFORM”?

36. Really Actually Open • 100% Open Source (no bait and switch!) • Heterogenous • Polyglot • Interoperable • Modular and based on OSGi • Extensible • API-driven https://www.flickr.com/photos/jmarty/

37. Summary • Think about security from the start • Build a federated and secure model of Identity for Things • Create Autonomic models that deliver value that surprises and delights customers • Use Big Data Analytics and the Lambda Architecture to understand your customers • Be Open!

IoT World - creating a secure robust IoT reference architecture

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a IoT World - creating a secure robust IoT reference architecture

Similar a IoT World - creating a secure robust IoT reference architecture (20)

Más de Paul Fremantle

Más de Paul Fremantle (17)

Último

Último (20)

IoT World - creating a secure robust IoT reference architecture