Trust Me, I’m an M2M Device

Noel Poore

Architect, Oracle


The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.


Program Agenda

  • The Internet of Things


What is M2M?

  • According to Wikipedia…

    Machine to Machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability


Internet of Things

Different Services, Different Technologies

Different Meanings for Everyone

Miniaturization & advances in packaging technologies

Advances in flash

New class of powerful but low-cost & low-power MCUs

Cloud-based services

And the Word “SMART” Is Everywhere!


IoT Is More Than M2M

The Internet of Things (IoT) is about Machine to Entity (M2E):

Machine to Machine:

Automatic diagnostics for cars: Automatic information collection from your car’s engine management system and sending real-time alerts to drivers or service centers

Machine to Infrastructure:

Automatic bridge monitoring: Sensing and monitoring the structural integrity of a bridge in case of flooding

Machine to Human:

Automatic health monitoring for people: Implant monitoring services or disease management via implantable electronics

Machine to Nature/Environment:

Early detection of earthquakes: Distributed sensors to detect early tremors in specific places


IoT Architecture

VALUE ADDED SERVICES

M2M Area Network

M2M / IoT Applications

SERVICE ENABLEMENT

M2M Core

Service Capabilities

Gateway

M2M Area Network

Direct Connection

Client Application

Devices


IoT Use Case: Smart Home & Smart Health

Pervasive Remote Monitoring and/or Control

Human being’s vital statistics monitored via edge nodes communicating through body area networks (BAN) and personal area networks (PAN)

Many other “things” in the smart home using local area network (LAN)

All communicate with a home hub / gateway, which, in turn, communicates to the cloud via wide area networks (WAN)

CLOUD

Monitor Anywhere

Power

Home Hub

Wired WAN

NAN

Wireless WAN

PAN/BAN

WAN

HVAC

LAN


End-to-End Security is a Barrier for IoT Adoption

“The horizontal evolution of M2M will require full end-to-end security. Significant efforts need to be invested into M2M application security in order for the M2M market to fully evolve. Whether this is through open source initiatives or standards development, the demand for increased M2M application security will have to be answered, and sooner rather than later.”

ABI Research, M2M Dream Challenged by Alarming Security Concerns, Feb 2013

40%

Of embedded systems and applications developers have not proactively addressed security in existing development projects

30%

Median CAGR growth (2011-2014) in shipments of security solutions for industrial automation, medical devices, consumer electronics, automotive and retail

Source: VDC Research

Strategic Insights 2012: Embedded Software & Tools Market, Security Development & Runtime Solutions


Insecure Devices and Services

  • Connected light bulbs with IP-based controller

  • Not enough attention paid to security

  • Inadequate hardware

  • Poorly thought through software

  • Saving on BOM cost may be a poor investment


Internet as a Top Security Concern

Testifying at the Senate Intelligence Committee’s annual hearing on worldwide threats, Director of National Intelligence James Clapper told lawmakers that terrorist groups are increasingly pursuing the ability to wage cyber attacks, which, if successful, could bring businesses and the government to a collapsing halt.

“Our statement this year leads with cyber, and it’s hard to overemphasize its significance,” said Clapper, reading a statement on behalf of himself, FBI Director Robert Mueller, CIA Director John Brennan and National Counterterrorism Center Director Matthew Olsen.

Despite the growing number of terror and nuclear related threats, officials and lawmakers concentrated much of their attention on cyber security — a signal that momentum is growing on Capitol Hill to try to pass another bill on the issue.

Intelligence Chiefs Warn that Cyber Attacks are Nation’s Top Security Threat

By Jordy Yager and Carlo Munoz – 03/12/13 4:00 PM ET


Privacy Who?

The Internet is a Surveillance State

By Bruce Schneier, Special to CNN, updated 2:04 PM EDT, Sat March 16, 2013

The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period.

Facebook, for example, correlates your online behavior with your purchasing habits offline. And there’s more. There’s location data from your cell phone, there’s a record of your movements from closed-circuit TVs.

In today’s world, governments and corporations are working together to keep things that way. Governments are happy to use the data corporations collect – occasionally demanding that they collect more and save it longer – to spy on us. And corporations are happy to buy data from governments. Together the powerful spy on the powerless, and they’re not going to give up their positions of power, despite what the people want.


Information must be secure and trusted

  • Information needs to be

    • Timely

      • Most information has to be up-to-date to be useful

    • Confidential

      • Information owner needs to be able to control access to information

    • Integrity assured

      • Assurance that information is complete and authentic

  • If the data can’t be trusted, the entire service paradigm breaks down


Top Challenges in IoT Security

VALUE ADDED SERVICES

  • Non-repudiation

  • Confidentiality

  • Integrity

  • Anonymity

  • Weak trust relationships

M2M Area Network

  • Electrical

  • Tampering

  • Physical

M2M / IoT Applications

SERVICE ENABLEMENT

M2M Core

Service Capabilities

Gateway

M2M Area Network

Direct Connection

Client Application

Devices

Device Domain

Network Domain


Challenges in IoT Security

Electrical

Over/under voltage

Power analysis

Frequency analysis

Electrostatic discharge

Circuit probing

Tampering

Change functionality

Secure boot

Flash protection

Device Domain

  • Physical

    • Temperature variation (into extremes)

    • Temperature analysis

    • De-processing

    • System theft

    • Partial destruction

    • Hardware addition/substitution


Challenges in IoT Security

Non-repudiation

Mutual authentication

Digital signatures

Identity verification

Confidentiality

Secure data transfer

Protection of data from unauthorized eavesdropping

Network Domain

  • Integrity

    • Data integrity verification

    • Protection of data from unauthorized modifications

    • Exclusivity

  • Anonymity

    • Protection of device identity from unauthorized network eavesdropping


Challenges in IoT Security

Weak trust relationships

Network Domain

Devices supplied by service provider

Devices owned by end user

Cellular/wired network

IoT Service Providers

Strong trust relationship

Devices owned by end user or supplied by operator

Weak trust relationship


Trust

Critical factor for IoT success

  • Unless consumers can trust IoT devices, there will not be mass adoption

  • Need to develop “implicit” trust

    • You don’t worry about your snail mail

  • Trust requires security at all levels

    • Hardware

    • Network

    • Data

    • Application


Example of MCU System Security

Hardware random number generator

Protected flash memory

Encrypted communications

BAN

PAN

LAN

WAN

Memory protection unit

Optional external memory system

Flash

Integrated

Flash

Peripherals

Restrict external code accesses

CPU

DRAM

SRAM

Hardware cryptographic acceleration

Tamper detection, Secure RTC

Unique chip identifier

Secure key storage, Unique chip ID


Oracle’s Internet of Things Platform

Complete, Best in Class & Engineered Together

M2M APPLICATION

Java on ANY Device or Gateway

Faster, portable and more reliable development

Oracle Middleware and Database

Performance, scalability, security, integration

MIDDLEWARE

NETWORK

CLOUD

NETWORK

CLOUD

DEVICE

GATEWAY

DATABASE

Oracle Engineered Systems to deliver cloud services and manage Big Data

ENGINEERED SYSTEMS, SERVERS & STORAGE

ORACLE INTERNAL ONLY


IoT Conceptual Architecture

Device Identity Management

Device Identity & Access Governance

Smart Sensor

Device Communications Management

Device Management

Core Network

Wired Sensor

Big Data

Regional Network

Gateway

Capillary Networks

WSN

Data Routing & Analysis

RDBMS/NoSQL

Wireless Sensor

Enterprise Service Bus & Business Intelligence

Intranet

DMZ

WSN: Wireless Sensor Network


Oracle IoT Security Solution

Key Features

Onboarding & Enrollment

  • Mutual authentication between devices and server

  • Confidentiality of data transfer over multi-protocol networks

  • Device data management

  • Governance of trust relationships in IoT networks

  • Device applications provisioning & management

Authentication & Authorization

Device Metadata & Control

Policy & Key Management

Application Management & Provisioning


Device Management

  • Must be remote

    • “Man with USB stick in pocket” is not the right admin model

  • Must be secure

  • Must be scalable

  • Must work with “sleeping devices”


Identity

  • Important for managing entities within an IoT solution

    • Device

    • Tenant

    • Application

  • Secure device registration process

  • Central management of policies, relationships and rules

  • Key management on a massive scale


Multi-tenancy

  • Applications from many different vendors

  • Need to be separated

  • But able to share when required


Trusted Execution Environment

  • Secure element integrated into the chipset

  • Separated from the rich OS

  • Can store secrets and use them to operate on data

  • Secrets never leave the TEE

  • Secure local storage of trust information
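
Added example (not from the presentation and not Oracle's protocol): a sketch of how "secrets never leave the TEE" combines with the "mutual authentication between devices and server" feature listed earlier, using a unique chip ID as the device identity. The names `KeySlot`, `Server` and `mutual_auth`, and the choice of an HMAC-SHA-256 challenge-response, are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

class KeySlot:
    """Toy stand-in for TEE key storage: callers get MAC tags, never the key."""
    def __init__(self, key: bytes):
        self.__key = key  # illustrative; a real TEE enforces this in hardware

    def mac(self, role: bytes, *fields: bytes) -> bytes:
        # Length-prefix each field so different field tuples cannot collide.
        msg = role + b"".join(len(f).to_bytes(2, "big") + f for f in fields)
        return hmac.new(self.__key, msg, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self.slots = {}    # chip ID -> KeySlot, filled at enrollment
        self.pending = {}  # chip ID -> (device nonce, server nonce)

    def enroll(self, chip_id: bytes) -> KeySlot:
        key = secrets.token_bytes(32)
        self.slots[chip_id] = KeySlot(key)
        return KeySlot(key)  # copy provisioned into the device's TEE

    def challenge(self, chip_id: bytes, nonce_d: bytes):
        if chip_id not in self.slots:
            return None  # unknown device
        nonce_s = secrets.token_bytes(16)
        self.pending[chip_id] = (nonce_d, nonce_s)
        return nonce_s, self.slots[chip_id].mac(b"server", chip_id, nonce_d, nonce_s)

    def verify(self, chip_id: bytes, tag_d: bytes) -> bool:
        nonces = self.pending.pop(chip_id, None)  # single use, so replays fail
        if nonces is None:
            return False
        expected = self.slots[chip_id].mac(b"device", chip_id, *nonces)
        return hmac.compare_digest(expected, tag_d)


def mutual_auth(chip_id: bytes, tee: KeySlot, server: Server) -> bool:
    nonce_d = secrets.token_bytes(16)
    reply = server.challenge(chip_id, nonce_d)
    if reply is None:
        return False
    nonce_s, tag_s = reply
    if not hmac.compare_digest(tag_s, tee.mac(b"server", chip_id, nonce_d, nonce_s)):
        return False  # server did not prove knowledge of the device key
    return server.verify(chip_id, tee.mac(b"device", chip_id, nonce_d, nonce_s))
```

The distinct `server` and `device` role labels keep a tag issued by one side from being reflected back as the other side's proof.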


Conclusion

  • Trust is key for IoT

  • Everything has to be secure to enable implicit trust

  • Identity is one ingredient for securing IoT and building trust

