SlideShare a Scribd company logo

RIPE Atlas: Ethical, Security and Legal Considerations of Running an IoT Network

RIPE NCC
RIPE NCC

Presentation given by Mirjam Kühne and Ivo Dijkhuis at 56th TF-CSIRT Meeting, Tallinn, Estonia on 21 January 2019

Technology
1 of 17
Download to read offline
21 January 2019 | 56th TF-CSIRT, Tallinn, Estonia RIPE Atlas Ethical, Security and Legal Aspects of Running an IoT Network Mirjam Kühne, Senior Community Builder Ivo Dijkhuis, Information Security Officer
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 RIRs Around the World
RIPE Atlas
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 RIPE Atlas is a global, open, distributed Internet measurement platform, consisting of thousands of measurement devices that measure Internet connectivity in real time. (wikipedia) RIPE Atlas
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Measuring Internet access disruptions: - Internet Access Disruptions in Turkey - Internet Access Disruption in Gambia • Measuring DNS censorship and hijacking: - Using DNS Servers in Iran - DNS Censorship • Monitoring connectivity problems: - Monitoring Game Service Connectivity - Measuring Cloud Connectivity - Debugging Network Connectivity Problems RIPE Atlas Use Cases
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • 10,000 probes and 400 anchors connected worldwide • 5.6% IPv4 ASes and 9% IPv6 ASes covered • 181 countries covered • 7,000 measurements per second RIPE Atlas in Numbers
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Low, cheap barrier of entry • Active measurements only - Probes do not observe user traffic • Data, API, tools, source code: FREE and OPEN • Set of measurement types limited - Ping, trace route, SSL/TLS, NTP, HTTP (limited) • Strong community involvement from the start Design Principles
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • No bandwidth measurement - Other platforms provide that service • HTTP measurements only towards RIPE Atlas anchors because otherwise: - It would rely on the hosts’ bandwidth - Might put volunteer hosts at risk • Encourage our users to think about ethical consequences - https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements Ethical Considerations
Securing RIPE Atlas
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 RIPE Atlas Architecture !10
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Prevent re-use and re-purposing of probes - Decided against Trusted Platform Model (TPM) - Instead, we use cheap devices and discourage reusing them - Accepting possible loss of probes • Initialisation procedure before distribution - Off-the-shelf firmware gets replaced with RIPE Atlas firmware - Generating and registering individual keys - Testing Limiting Consequences (1/2)
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Trust anchors installed on all probes - Two-way authentication; unique SSH key for probes used for identification • Regular firmware updates - All firmware updates are signed - Pre-installed public keys to verify firmware signature before upgrading • Mechanisms to detect unwanted behaviour - Outliers or protocol violations • No direct services to host or network - No local configuration possible; reduces network-based attack surface Limiting Consequences (2/2)
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Done in a “lazy fashion” - Upgraded next time they connect to RIPE Atlas infrastructure - We have means to force them to upgrade faster • Each upgrade is cryptographically verified Firmware Upgrades
Legal Aspects of RIPE Atlas
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Radio Equipment Directive (2014/53/EU) • Mandatory requirements for everything that has a radio - Basis in health and safety, together with interoperability - Also applies when you communicate via other means (e.g. WiFI, GPS, Bluetooth) • Self-assessment on compliance - Using CE mark to indicate you’re safe - Ex-post compliance testing in (external) labs by regulator - Non-compliance can result in EU-wide recall Legal Considerations (1/2)
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Directive has a few “optional” requirements - 3.3.d: Do not harm the network or misuse network resources - 3.3.e: Protection of personal data and privacy - 3.3.f: Protection from fraud - 3.3.i: Only compliant software can be loaded • Can be activated by means of a Delegated Act - Decision by European Commission Legal Considerations (2/2)
I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • IETF draft document: BCP for Securing IoT Devices https://tools.ietf.org/html/draft-moore-iot-security-bcp-01 • RIPE Atlas: https://atlas.ripe.net https://labs.ripe.net/Members/kistel/ripe-atlas-probes-as-iot-devices https://labs.ripe.net/Members/kistel/ripe-atlas-architecture-how-we- manage-our-probes Best Current Practices

Recommended

T063500000200201 ppte
T063500000200201 ppteT063500000200201 ppte
T063500000200201 ppteyasinalimohammed
 
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...APNIC
 
EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...
EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...
EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...EENA (European Emergency Number Association)
 
EENA 2018 - Satellite applications for emergency response, search and rescue
EENA 2018 - Satellite applications for emergency response, search and rescueEENA 2018 - Satellite applications for emergency response, search and rescue
EENA 2018 - Satellite applications for emergency response, search and rescueEENA (European Emergency Number Association)
 
Existing example of V2I (IPIS)
Existing example of V2I (IPIS)Existing example of V2I (IPIS)
Existing example of V2I (IPIS)Ahmed Shehab
 
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...techUK
 
Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options techUK
 
EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...
EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...
EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...EENA (European Emergency Number Association)
 

Recommended

T063500000200201 ppte
T063500000200201 ppteT063500000200201 ppte
T063500000200201 ppteyasinalimohammed
 
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...
International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...APNIC
 
EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...
EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...
EENA2019: Track1 session1 _The future of emergency response today (...)_Jessi...EENA (European Emergency Number Association)
 
EENA 2018 - Satellite applications for emergency response, search and rescue
EENA 2018 - Satellite applications for emergency response, search and rescueEENA 2018 - Satellite applications for emergency response, search and rescue
EENA 2018 - Satellite applications for emergency response, search and rescueEENA (European Emergency Number Association)
 
Existing example of V2I (IPIS)
Existing example of V2I (IPIS)Existing example of V2I (IPIS)
Existing example of V2I (IPIS)Ahmed Shehab
 
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...
Anil Shukla - QinetiQ - spectrum policy forum-framework_qinetiq_030518_intro_...techUK
 
Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options Abhaya Sumanasena - Real Wireless - Spectrum Options
Abhaya Sumanasena - Real Wireless - Spectrum Options techUK
 
EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...
EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...
EENA 2018 - NEXES on the path to Next Generation Emergency Services – The NG ...EENA (European Emergency Number Association)
 
Context-aware Automotive Intrusion Detection using Reference Models
Context-aware Automotive Intrusion Detection using Reference ModelsContext-aware Automotive Intrusion Detection using Reference Models
Context-aware Automotive Intrusion Detection using Reference ModelsArmin Wasicek
 
EENA 2021 - Improving public safety with smart cities and Internet of Things ...
EENA 2021 - Improving public safety with smart cities and Internet of Things ...EENA 2021 - Improving public safety with smart cities and Internet of Things ...
EENA 2021 - Improving public safety with smart cities and Internet of Things ...EENA (European Emergency Number Association)
 
Strenthening Critical Internet Infrastructure
Strenthening Critical Internet InfrastructureStrenthening Critical Internet Infrastructure
Strenthening Critical Internet InfrastructureFrancis Amaning
 
EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...
EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...
EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...EENA (European Emergency Number Association)
 
Cyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanCyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanTWCA
 
Internet Measurements of the COVID-19 Pandemic
Internet Measurements of the COVID-19 PandemicInternet Measurements of the COVID-19 Pandemic
Internet Measurements of the COVID-19 PandemicRIPE NCC
 
EENA2019: Track2 session6 AML in Norway_Sven Bruun
EENA2019: Track2 session6 AML in Norway_Sven BruunEENA2019: Track2 session6 AML in Norway_Sven Bruun
EENA2019: Track2 session6 AML in Norway_Sven BruunEENA (European Emergency Number Association)
 
EENA 2018 - The use of the cloud and data to reduce response times and increa...
EENA 2018 - The use of the cloud and data to reduce response times and increa...EENA 2018 - The use of the cloud and data to reduce response times and increa...
EENA 2018 - The use of the cloud and data to reduce response times and increa...EENA (European Emergency Number Association)
 
Connected roadways external launch feb26 revised_final.ptx
Connected roadways external launch feb26 revised_final.ptxConnected roadways external launch feb26 revised_final.ptx
Connected roadways external launch feb26 revised_final.ptxbrigel529
 
EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...
EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...
EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...EENA (European Emergency Number Association)
 
Demo Smart City Lab Amsterdam
Demo Smart City Lab AmsterdamDemo Smart City Lab Amsterdam
Demo Smart City Lab Amsterdamsimcipresentation
 
EENA 2018 - Facilitating communications between PSAPs throughout Europe
EENA 2018 - Facilitating communications between PSAPs throughout EuropeEENA 2018 - Facilitating communications between PSAPs throughout Europe
EENA 2018 - Facilitating communications between PSAPs throughout EuropeEENA (European Emergency Number Association)
 
EENA 2021 - Implementing Public Warning Systems (3/3)
EENA 2021 - Implementing Public Warning Systems (3/3)EENA 2021 - Implementing Public Warning Systems (3/3)
EENA 2021 - Implementing Public Warning Systems (3/3)EENA (European Emergency Number Association)
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingJisc
 
Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Infosec 2014: Finding and Understanding the Risk Impact of Firewall ChangesInfosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Infosec 2014: Finding and Understanding the Risk Impact of Firewall ChangesSkybox Security
 
Internet Governance Community Use Slide Deck from ARIN
Internet Governance Community Use Slide Deck from ARINInternet Governance Community Use Slide Deck from ARIN
Internet Governance Community Use Slide Deck from ARINARIN
 
Ensuring solution performance in large-scale smart installations”, Showcase t...
Ensuring solution performance in large-scale smart installations”, Showcase t...Ensuring solution performance in large-scale smart installations”, Showcase t...
Ensuring solution performance in large-scale smart installations”, Showcase t...Landis+Gyr
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsJarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsMustafa Jarrar
 
Anil Shukla, QinetiQ, Spectrum Resiliance - Intro
Anil Shukla, QinetiQ, Spectrum Resiliance - IntroAnil Shukla, QinetiQ, Spectrum Resiliance - Intro
Anil Shukla, QinetiQ, Spectrum Resiliance - IntrotechUK
 
Cybersecurity isaca
Cybersecurity isacaCybersecurity isaca
Cybersecurity isacaAntoine Vigneron
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...Dale Butler
 

More Related Content

What's hot

Context-aware Automotive Intrusion Detection using Reference Models
Context-aware Automotive Intrusion Detection using Reference ModelsContext-aware Automotive Intrusion Detection using Reference Models
Context-aware Automotive Intrusion Detection using Reference ModelsArmin Wasicek
 
Strenthening Critical Internet Infrastructure
Strenthening Critical Internet InfrastructureStrenthening Critical Internet Infrastructure
Strenthening Critical Internet InfrastructureFrancis Amaning
 
Cyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanCyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanTWCA
 
Internet Measurements of the COVID-19 Pandemic
Internet Measurements of the COVID-19 PandemicInternet Measurements of the COVID-19 Pandemic
Internet Measurements of the COVID-19 PandemicRIPE NCC
 
Connected roadways external launch feb26 revised_final.ptx
Connected roadways external launch feb26 revised_final.ptxConnected roadways external launch feb26 revised_final.ptx
Connected roadways external launch feb26 revised_final.ptxbrigel529
 
Demo Smart City Lab Amsterdam
Demo Smart City Lab AmsterdamDemo Smart City Lab Amsterdam
Demo Smart City Lab Amsterdamsimcipresentation
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingJisc
 
Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Infosec 2014: Finding and Understanding the Risk Impact of Firewall ChangesInfosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Infosec 2014: Finding and Understanding the Risk Impact of Firewall ChangesSkybox Security
 
Internet Governance Community Use Slide Deck from ARIN
Internet Governance Community Use Slide Deck from ARINInternet Governance Community Use Slide Deck from ARIN
Internet Governance Community Use Slide Deck from ARINARIN
 
Ensuring solution performance in large-scale smart installations”, Showcase t...
Ensuring solution performance in large-scale smart installations”, Showcase t...Ensuring solution performance in large-scale smart installations”, Showcase t...
Ensuring solution performance in large-scale smart installations”, Showcase t...Landis+Gyr
 

What's hot (17)

Context-aware Automotive Intrusion Detection using Reference Models
Context-aware Automotive Intrusion Detection using Reference ModelsContext-aware Automotive Intrusion Detection using Reference Models
Context-aware Automotive Intrusion Detection using Reference Models
 
EENA 2021 - Improving public safety with smart cities and Internet of Things ...
EENA 2021 - Improving public safety with smart cities and Internet of Things ...EENA 2021 - Improving public safety with smart cities and Internet of Things ...
EENA 2021 - Improving public safety with smart cities and Internet of Things ...
 
Strenthening Critical Internet Infrastructure
Strenthening Critical Internet InfrastructureStrenthening Critical Internet Infrastructure
Strenthening Critical Internet Infrastructure
 
EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...
EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...
EENA 2018 - GRALLE, a EU initiative for a Galileo-based Emergency Warning Sys...
 
Cyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillanCyber Security for SCADA and Networks - Sean McMillan
Cyber Security for SCADA and Networks - Sean McMillan
 
Internet Measurements of the COVID-19 Pandemic
Internet Measurements of the COVID-19 PandemicInternet Measurements of the COVID-19 Pandemic
Internet Measurements of the COVID-19 Pandemic
 
EENA2019: Track2 session6 AML in Norway_Sven Bruun
EENA2019: Track2 session6 AML in Norway_Sven BruunEENA2019: Track2 session6 AML in Norway_Sven Bruun
EENA2019: Track2 session6 AML in Norway_Sven Bruun
 
EENA 2018 - The use of the cloud and data to reduce response times and increa...
EENA 2018 - The use of the cloud and data to reduce response times and increa...EENA 2018 - The use of the cloud and data to reduce response times and increa...
EENA 2018 - The use of the cloud and data to reduce response times and increa...
 
Connected roadways external launch feb26 revised_final.ptx
Connected roadways external launch feb26 revised_final.ptxConnected roadways external launch feb26 revised_final.ptx
Connected roadways external launch feb26 revised_final.ptx
 
EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...
EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...
EENA2021: Industry session by Carbyne: Cloud Call Management that Meets Your ...
 
Demo Smart City Lab Amsterdam
Demo Smart City Lab AmsterdamDemo Smart City Lab Amsterdam
Demo Smart City Lab Amsterdam
 
EENA 2018 - Facilitating communications between PSAPs throughout Europe
EENA 2018 - Facilitating communications between PSAPs throughout EuropeEENA 2018 - Facilitating communications between PSAPs throughout Europe
EENA 2018 - Facilitating communications between PSAPs throughout Europe
 
EENA 2021 - Implementing Public Warning Systems (3/3)
EENA 2021 - Implementing Public Warning Systems (3/3)EENA 2021 - Implementing Public Warning Systems (3/3)
EENA 2021 - Implementing Public Warning Systems (3/3)
 
Tech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharingTech 2 Tech: increasing security posture and threat intelligence sharing
Tech 2 Tech: increasing security posture and threat intelligence sharing
 
Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Infosec 2014: Finding and Understanding the Risk Impact of Firewall ChangesInfosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
Infosec 2014: Finding and Understanding the Risk Impact of Firewall Changes
 
Internet Governance Community Use Slide Deck from ARIN
Internet Governance Community Use Slide Deck from ARINInternet Governance Community Use Slide Deck from ARIN
Internet Governance Community Use Slide Deck from ARIN
 
Ensuring solution performance in large-scale smart installations”, Showcase t...
Ensuring solution performance in large-scale smart installations”, Showcase t...Ensuring solution performance in large-scale smart installations”, Showcase t...
Ensuring solution performance in large-scale smart installations”, Showcase t...
 

Similar to RIPE Atlas: Ethical, Security and Legal Considerations of Running an IoT Network

Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsJarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsMustafa Jarrar
 
Anil Shukla, QinetiQ, Spectrum Resiliance - Intro
Anil Shukla, QinetiQ, Spectrum Resiliance - IntroAnil Shukla, QinetiQ, Spectrum Resiliance - Intro
Anil Shukla, QinetiQ, Spectrum Resiliance - IntrotechUK
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...Dale Butler
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada securityYulia Rotar
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeFrancesco Faenzi
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorEuropean Services Institute
 
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...Benjamin Ang
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
 
20140626 science meets business business cluster semiconductors
20140626 science meets business business cluster semiconductors20140626 science meets business business cluster semiconductors
20140626 science meets business business cluster semiconductorsSMBBV
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsKenny Huang Ph.D.
 
THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...
THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...
THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...JunSeok Seo
 
Session 2 ure_changingrules_final
Session 2 ure_changingrules_finalSession 2 ure_changingrules_final
Session 2 ure_changingrules_finalTRPC Pte Ltd
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuNixu Corporation
 
Securing Critical Infrastructures with a cybersecurity digital twin
Securing Critical Infrastructures with a cybersecurity digital twin Securing Critical Infrastructures with a cybersecurity digital twin
Securing Critical Infrastructures with a cybersecurity digital twin Massimiliano Masi
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 

Similar to RIPE Atlas: Ethical, Security and Legal Considerations of Running an IoT Network (20)

Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
Jarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 CallsJarrar: Future Internet in Horizon 2020 Calls
Jarrar: Future Internet in Horizon 2020 Calls
 
Anil Shukla, QinetiQ, Spectrum Resiliance - Intro
Anil Shukla, QinetiQ, Spectrum Resiliance - IntroAnil Shukla, QinetiQ, Spectrum Resiliance - Intro
Anil Shukla, QinetiQ, Spectrum Resiliance - Intro
 
Cybersecurity isaca
Cybersecurity isacaCybersecurity isaca
Cybersecurity isaca
 
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
SMi Group's 4th annual European Smart Grid Cyber and SCADA Security conferenc...
 
European smart grid cyber and scada security
European smart grid cyber and scada securityEuropean smart grid cyber and scada security
European smart grid cyber and scada security
 
Analysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in EuropeAnalysis of exposed ICS//SCADA/IoT systems in Europe
Analysis of exposed ICS//SCADA/IoT systems in Europe
 
Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity Critical Infrastructure and Cybersecurity
Critical Infrastructure and Cybersecurity
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation Sector
 
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
Are you the I in CII? Cybersecurity Bill public consultation by Internet Soci...
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
 
20140626 science meets business business cluster semiconductors
20140626 science meets business business cluster semiconductors20140626 science meets business business cluster semiconductors
20140626 science meets business business cluster semiconductors
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
 
THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...
THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...
THE US’s NATIONWIDE PUBLIC SAFETY LTE NETWORK THE GLOBAL ADOPTION OF LTE FOR ...
 
Session 2 ure_changingrules_final
Session 2 ure_changingrules_finalSession 2 ure_changingrules_final
Session 2 ure_changingrules_final
 
Mitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo NixuMitre ATT&CK by Mattias Almeflo Nixu
Mitre ATT&CK by Mattias Almeflo Nixu
 
Securing Critical Infrastructures with a cybersecurity digital twin
Securing Critical Infrastructures with a cybersecurity digital twin Securing Critical Infrastructures with a cybersecurity digital twin
Securing Critical Infrastructures with a cybersecurity digital twin
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller
 

More from RIPE NCC

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in TechRIPE NCC
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfRIPE NCC
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISRIPE NCC
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopRIPE NCC
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfRIPE NCC
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsRIPE NCC
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing SecurityRIPE NCC
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfRIPE NCC
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasRIPE NCC
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasRIPE NCC
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet InfrastructureRIPE NCC
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenRIPE NCC
 

More from RIPE NCC (20)

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet Registry
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate Action
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in Tech
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement Tools
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the Baltics
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing Security
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE Atlas
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement Services
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in Sweden
 

Recently uploaded

Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

RIPE Atlas: Ethical, Security and Legal Considerations of Running an IoT Network

  • 1. 21 January 2019 | 56th TF-CSIRT, Tallinn, Estonia RIPE Atlas Ethical, Security and Legal Aspects of Running an IoT Network Mirjam Kühne, Senior Community Builder Ivo Dijkhuis, Information Security Officer
  • 2. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 RIRs Around the World
  • 4. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 RIPE Atlas is a global, open, distributed Internet measurement platform, consisting of thousands of measurement devices that measure Internet connectivity in real time. (wikipedia) RIPE Atlas
  • 5. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Measuring Internet access disruptions: - Internet Access Disruptions in Turkey - Internet Access Disruption in Gambia • Measuring DNS censorship and hijacking: - Using DNS Servers in Iran - DNS Censorship • Monitoring connectivity problems: - Monitoring Game Service Connectivity - Measuring Cloud Connectivity - Debugging Network Connectivity Problems RIPE Atlas Use Cases
  • 6. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • 10,000 probes and 400 anchors connected worldwide • 5.6% IPv4 ASes and 9% IPv6 ASes covered • 181 countries covered • 7,000 measurements per second RIPE Atlas in Numbers
  • 7. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Low, cheap barrier of entry • Active measurements only - Probes do not observe user traffic • Data, API, tools, source code: FREE and OPEN • Set of measurement types limited - Ping, trace route, SSL/TLS, NTP, HTTP (limited) • Strong community involvement from the start Design Principles
  • 8. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • No bandwidth measurement - Other platforms provide that service • HTTP measurements only towards RIPE Atlas anchors because otherwise: - It would rely on the hosts’ bandwidth - Might put volunteer hosts at risk • Encourage our users to think about ethical consequences - https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements Ethical Considerations
  • 10. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 RIPE Atlas Architecture !10
  • 11. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Prevent re-use and re-purposing of probes - Decided against Trusted Platform Model (TPM) - Instead, we use cheap devices and discourage reusing them - Accepting possible loss of probes • Initialisation procedure before distribution - Off-the-shelf firmware gets replaced with RIPE Atlas firmware - Generating and registering individual keys - Testing Limiting Consequences (1/2)
  • 12. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Trust anchors installed on all probes - Two-way authentication; unique SSH key for probes used for identification • Regular firmware updates - All firmware updates are signed - Pre-installed public keys to verify firmware signature before upgrading • Mechanisms to detect unwanted behaviour - Outliers or protocol violations • No direct services to host or network - No local configuration possible; reduces network-based attack surface Limiting Consequences (2/2)
  • 13. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Done in a “lazy fashion” - Upgraded next time they connect to RIPE Atlas infrastructure - We have means to force them to upgrade faster • Each upgrade is cryptographically verified Firmware Upgrades
  • 15. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Radio Equipment Directive (2014/53/EU) • Mandatory requirements for everything that has a radio - Basis in health and safety, together with interoperability - Also applies when you communicate via other means (e.g. WiFI, GPS, Bluetooth) • Self-assessment on compliance - Using CE mark to indicate you’re safe - Ex-post compliance testing in (external) labs by regulator - Non-compliance can result in EU-wide recall Legal Considerations (1/2)
  • 16. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • Directive has a few “optional” requirements - 3.3.d: Do not harm the network or misuse network resources - 3.3.e: Protection of personal data and privacy - 3.3.f: Protection from fraud - 3.3.i: Only compliant software can be loaded • Can be activated by means of a Delegated Act - Decision by European Commission Legal Considerations (2/2)
  • 17. I. Dijkhuis & M. Kühne | 56th TF-CSIRT | 21 January 2019 01 • IETF draft document: BCP for Securing IoT Devices https://tools.ietf.org/html/draft-moore-iot-security-bcp-01 • RIPE Atlas: https://atlas.ripe.net https://labs.ripe.net/Members/kistel/ripe-atlas-probes-as-iot-devices https://labs.ripe.net/Members/kistel/ripe-atlas-architecture-how-we- manage-our-probes Best Current Practices