Trust Me, I’m an M2M Device

Trust Me, I’m an M2M Device. Noel Poore Architect, Oracle.


Presentation Transcript


  1. Trust Me, I’m an M2M Device Noel Poore Architect, Oracle

  2. The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

  3. Program Agenda • The Internet of Things

  4. What is M2M? • According to Wikipedia… Machine to Machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability

  5. Internet of Things: Different Services, Different Technologies, Different Meanings for Everyone • Miniaturization & advances in packaging technologies • Advances in flash • New class of powerful but low-cost & low-power MCUs • Cloud-based services • And the Word “SMART” Is Everywhere!

  6. IoT Is More Than M2M. The Internet of Things (IoT) is about Machine to Entity (M2E): • Machine to Machine: Automatic diagnostics for cars: automatic information collection from your car’s engine management system and sending real-time alerts to drivers or service centers • Machine to Infrastructure: Automatic bridge monitoring: sensing and monitoring the structural integrity of a bridge in case of flooding • Machine to Human: Automatic health monitoring for people: implant monitoring services or disease management via implantable electronics • Machine to Nature/Environment: Early detection of earthquakes: distributed sensors to detect early tremors in specific places

  8. IoT Architecture (diagram labels: Value Added Services; M2M / IoT Applications; Service Enablement; M2M Core Service Capabilities; Gateway; M2M Area Network; Direct Connection; Client Application; Devices)

  9. IoT Use Case: Smart Home & Smart Health. Pervasive Remote Monitoring and/or Control • Human being’s vital statistics monitored via edge nodes communicating through body area networks (BAN) and personal area networks (PAN) • Many other “things” in the smart home using local area network (LAN) • All communicate with a home hub / gateway, which, in turn, communicates to the cloud via wide area networks (WAN) (Diagram labels: Cloud, Monitor Anywhere; Power; Home Hub; Wired WAN; NAN; Wireless WAN; PAN/BAN; WAN; HVAC; LAN)

  10. End-to-End Security is a Barrier for IoT Adoption • “The horizontal evolution of M2M will require full end-to-end security. Significant efforts need to be invested into M2M application security in order for the M2M market to fully evolve. Whether this is through open source initiatives or standards development, the demand for increased M2M application security will have to be answered, and sooner rather than later.” (ABI Research, M2M Dream Challenged by Alarming Security Concerns, Feb 2013) • 40% of embedded systems and applications developers have not proactively addressed security in existing development projects • 30% median CAGR growth (2011-2014) in shipments of security solutions for industrial automation, medical devices, consumer electronics, automotive and retail (Source: VDC Research Strategic Insights 2012: Embedded Software & Tools Market, Security Development & Runtime Solutions)

  11. Insecure Devices and Services • Connected light bulbs with IP-based controller • Not enough attention paid to security • Inadequate hardware • Poorly thought through software • Saving on BOM cost may be a poor investment

  12. Internet as a Top Security Concern. Testifying at the Senate Intelligence Committee’s annual hearing on worldwide threats, Director of National Intelligence James Clapper told lawmakers that terrorist groups are increasingly pursuing the ability to wage cyber attacks, which, if successful, could bring businesses and the government to a collapsing halt. “Our statement this year leads with cyber, and it’s hard to overemphasize its significance,” said Clapper, reading a statement on behalf of himself, FBI Director Robert Mueller, CIA Director John Brennan and National Counterterrorism Center Director Matthew Olsen. Despite the growing number of terror and nuclear related threats, officials and lawmakers concentrated much of their attention on cyber security — a signal that momentum is growing on Capitol Hill to try to pass another bill on the issue. (Intelligence Chiefs Warn that Cyber Attacks are Nation’s Top Security Threat, by Jordy Yager and Carlo Munoz – 03/12/13 4:00 PM ET)

  13. Privacy Who? The Internet is a Surveillance State, by Bruce Schneier, Special to CNN, updated 2:04 PM EDT, Sat March 16, 2013. The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period. Facebook, for example, correlates your online behavior with your purchasing habits offline. And there’s more. There’s location data from your cell phone, there’s a record of your movements from closed-circuit TVs. In today’s world, governments and corporations are working together to keep things that way. Governments are happy to use the data corporations collect – occasionally demanding that they collect more and save it longer – to spy on us. And corporations are happy to buy data from governments. Together the powerful spy on the powerless, and they’re not going to give up their positions of power, despite what the people want.

  14. Information must be secure and trusted • Information needs to be: • Timely: most information has to be up-to-date to be useful • Confidential: information owner needs to be able to control access to information • Integrity assured: assurance that information is complete and authentic • If the data can’t be trusted, the entire service paradigm breaks down

  15. Top Challenges in IoT Security • Network Domain: non-repudiation, confidentiality, integrity, anonymity, weak trust relationships • Device Domain: electrical, tampering, physical (Diagram labels: Value Added Services; M2M / IoT Applications; Service Enablement; M2M Core Service Capabilities; Gateway; M2M Area Network; Direct Connection; Client Application; Devices)

  16. Challenges in IoT Security: Device Domain • Electrical: over/under voltage, power analysis, frequency analysis, electrostatic discharge, circuit probing • Tampering: change functionality, secure boot, flash protection • Physical: temperature variation (into extremes), temperature analysis, de-processing, system theft, partial destruction, hardware addition/substitution

  17. Challenges in IoT Security: Network Domain • Non-repudiation: mutual authentication, digital signatures, identity verification • Confidentiality: secure data transfer, protection of data from unauthorized eavesdropping • Integrity: data integrity verification, protection of data from unauthorized modifications, exclusivity • Anonymity: protection of device identity from unauthorized network eavesdropping

  18. Challenges in IoT Security: Network Domain, weak trust relationships (diagram labels: Devices supplied by service provider; Devices owned by end user; Cellular/wired network; IoT Service Providers; Strong trust relationship; Devices owned by end user or supplied by operator; Weak trust relationship)

  19. Trust: Critical factor for IoT success • Unless consumers can trust IoT devices, there will not be mass adoption • Need to develop “implicit” trust: you don’t worry about your snail mail • Trust requires security at all levels: hardware, network, data, application

  20. Example of MCU System Security (diagram labels: Hardware random number generator; Protected flash memory; Encrypted communications; BAN; PAN; LAN; WAN; Memory protection unit; Optional external memory system; Flash; Integrated Flash; Peripherals; Restrict external code accesses; CPU; DRAM; SRAM; Hardware cryptographic acceleration; Tamper detection, Secure RTC; Unique chip identifier; Secure key storage, Unique chip ID)

  22. Oracle’s Internet of Things Platform: Complete, Best in Class & Engineered Together • Java on ANY Device or Gateway: faster, portable and more reliable development • Oracle Middleware and Database: performance, scalability, security, integration • Oracle Engineered Systems to deliver cloud services and manage Big Data (Diagram labels: M2M Application; Middleware; Network; Cloud; Device; Gateway; Database; Engineered Systems, Servers & Storage) ORACLE INTERNAL ONLY

  23. IoT Conceptual Architecture (diagram labels: Device Identity Management; Device Identity & Access Governance; Smart Sensor; Device Communications Management; Device Management; Core Network; Wired Sensor; Big Data; Regional Network; Gateway; Capillary Networks; WSN; Data Routing & Analysis; RDBMS/NoSQL; Wireless Sensor; Enterprise Service Bus & Business Intelligence; Intranet; DMZ) WSN: Wireless Sensor Network

  24. Oracle IoT Security Solution: Key Features • Mutual authentication between devices and server • Confidentiality of data transfer over multi-protocol networks • Device data management • Governance of trust relationships in IoT networks • Device applications provisioning & management (Diagram labels: Onboarding & Enrollment; Authentication & Authorization; Device Metadata & Control; Policy & Key Management; Application Management & Provisioning)

  25. Device Management • Must be remote • “Man with USB stick in pocket” is not the right admin model • Must be secure • Must be scalable • Must work with “sleeping devices”

  26. Identity • Important for managing entities within an IoT solution: device, tenant, application • Secure device registration process • Central management of policies, relationships and rules • Key management on a massive scale

  27. Multi-tenancy • Applications from many different vendors • Need to be separated • But able to share when required

  28. Trusted Execution Environment • Secure element integrated into the chipset • Separated from the rich OS • Can store secrets and use them to operate on data • Secrets never leave the TEE • Secure local storage of trust information

  29. Conclusion • Trust is key for IoT • Everything has to be secure to enable implicit trust • Identity is one ingredient for securing IoT and building trust
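
Slides 14, 17 and 28 ask for data that is timely and integrity assured, protected by a secret that never leaves the device's trusted environment. The following is an added example, not code from the presentation or from any Oracle product: a service-side check that accepts a device reading only if its MAC verifies and it is fresh and not replayed. The `KeyHolder` class, the message layout, the device name and the 30-second window are assumptions made for illustration; a shared-key MAC gives integrity and origin authentication, not the non-repudiation of slide 17, which needs digital signatures.

```python
import hashlib
import hmac
import json

MAX_AGE_S = 30  # assumed freshness window; tune per service


class KeyHolder:
    """Stand-in for a TEE: callers get MAC operations, never the key itself."""

    def __init__(self, key: bytes):
        self._key = key

    def tag(self, data: bytes) -> bytes:
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def check(self, data: bytes, tag: bytes) -> bool:
        return hmac.compare_digest(self.tag(data), tag)  # constant-time compare


def device_report(holder, device_id, value, now):
    """Device side: serialise a reading and authenticate it."""
    body = json.dumps({"id": device_id, "ts": now, "value": value},
                      sort_keys=True).encode()
    return {"body": body, "tag": holder.tag(body)}


def service_accept(keys, msg, now, seen):
    """Service side: return (accepted, reason) for one received message."""
    try:
        fields = json.loads(msg["body"])
        holder = keys[fields["id"]]  # id is untrusted until the tag verifies
    except (ValueError, KeyError, TypeError):
        return False, "unknown-device"
    if not holder.check(msg["body"], msg["tag"]):
        return False, "bad-tag"      # integrity / origin check failed
    if abs(now - fields["ts"]) > MAX_AGE_S:
        return False, "stale"        # authentic but no longer timely
    if msg["tag"] in seen:
        return False, "replay"       # same authentic message sent again
    seen.add(msg["tag"])
    return True, "ok"


if __name__ == "__main__":
    holder = KeyHolder(b"constructed-demo-key-32-bytes!!!")  # constructed key
    keys = {"meter-01": holder}  # constructed device registry
    msg = device_report(holder, "meter-01", 21.5, now=1000)
    print(service_accept(keys, msg, now=1010, seen=set()))
```

The example leaves confidentiality out; the body travels in the clear and would need an encrypted transport or an authenticated-encryption mode on top.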
