Trust Me, I’m an M2M Device. Noel Poore Architect, Oracle.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about '' - cutler

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Trust me i m an m2m device

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

Program Agenda

  • The Internet of Things


What is M2M?

  • According to Wikipedia…

    Machine to Machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability

Internet of Things

Different Services, Different Technologies

Different Meanings for Everyone

Miniaturization & advances in packaging technologies

Advances in flash

New class of powerful but low-cost & low-power MCUs

Cloud-based services

And the Word “SMART”

Is Everywhere!

IoT Is More Than M2M

The Internet of Things (IoT) is about Machine to Entity (M2E):

Machine to Machine:

Automatic diagnostics for cars: Automatic information collection from your car’s engine management system and sending real-time alerts to drivers or service centers

Machine to Infrastructure:

Automatic bridge monitoring: Sensing and monitoring the structural integrity of a bridge in case of flooding

Machine to Human:

Automatic health monitoring for people: Implant monitoring services or disease management via implantable electronics

Machine to Nature/Environment:

Early detection of earthquakes: Distributed sensors to detect early tremors in specific places


IoT Architecture


[Diagram: M2M Area Network, M2M / IoT Applications, M2M Core, Service Capabilities, Direct Connection, Client Application]

IoT Use Case: Smart Home & Smart Health

Pervasive Remote Monitoring and/or Control

Human being’s vital statistics monitored via edge nodes communicating through body area networks (BAN) and personal area networks (PAN)

Many other “things” in the smart home using local area network (LAN)

All communicate with a home hub / gateway, which, in turn, communicates to the cloud via wide area networks (WAN)

[Diagram: Cloud (Monitor Anywhere), Home Hub, Wireless WAN]





End-to-End Security is a Barrier for IoT Adoption

“The horizontal evolution of M2M will require full end-to-end security. Significant efforts need to be invested into M2M application security in order for the M2M market to fully evolve. Whether this is through open source initiatives or standards development, the demand for increased M2M application security will have to be answered, and sooner rather than later.”

ABI Research, M2M Dream Challenged by Alarming Security Concerns, Feb 2013


Of embedded systems and applications developers have not proactively addressed security in existing development projects


Median CAGR growth (2011-2014) in shipments of security solutions for industrial automation, medical devices, consumer electronics, automotive and retail

Source: VDC Research, Strategic Insights 2012: Embedded Software & Tools Market, Security Development & Runtime Solutions

Insecure Devices and Services

  • Connected light bulbs with IP-based controller

  • Not enough attention paid to security

  • Inadequate hardware

  • Poorly thought through software

  • Saving on BOM cost may be a poor investment

Internet as a Top Security Concern

Testifying at the Senate Intelligence Committee’s annual hearing on worldwide threats, Director of National Intelligence James Clapper told lawmakers that terrorist groups are increasingly pursuing the ability to wage cyber attacks, which, if successful, could bring businesses and the government to a collapsing halt.

“Our statement this year leads with cyber, and it’s hard to overemphasize its significance,” said Clapper, reading a statement on behalf of himself, FBI Director Robert Mueller, CIA Director John Brennan and National Counterterrorism Center Director Matthew Olsen.

Despite the growing number of terror and nuclear related threats, officials and lawmakers concentrated much of their attention on cyber security — a signal that momentum is growing on Capitol Hill to try to pass another bill on the issue.

Intelligence Chiefs Warn that Cyber Attacks are Nation’s Top Security Threat

By Jordy Yager and Carlo Munoz – 03/12/13 4:00 PM ET

Privacy Who?

The Internet is a Surveillance State

By Bruce Schneier, Special to CNN, updated 2:04 PM EDT, Sat March 16, 2013

The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period.

Facebook, for example, correlates your online behavior with your purchasing habits offline. And there’s more. There’s location data from your cell phone, there’s a record of your movements from closed-circuit TVs.

In today’s world, governments and corporations are working together to keep things that way. Governments are happy to use the data corporations collect – occasionally demanding that they collect more and save it longer – to spy on us. And corporations are happy to buy data from governments. Together the powerful spy on the powerless, and they’re not going to give up their positions of power, despite what the people want.

Information must be secure and trusted

  • Information needs to be

    • Timely

      • Most information has to be up-to-date to be useful

    • Confidential

      • Information owner needs to be able to control access to information

    • Integrity assured

      • Assurance that information is complete and authentic

  • If the data can’t be trusted, the entire service paradigm breaks down
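An added example (not from the original slides) of a receiver-side check for the "timely" and "integrity assured" properties above: a reading is accepted only if its HMAC tag verifies, its timestamp is fresh and its counter has not been seen before. The message layout, field names, sample key and 30-second window are assumptions; confidentiality would need encryption on top and is not shown.

```python
import hashlib
import hmac
import json

MAX_AGE_S = 30  # assumed freshness window, in seconds


def _canonical(body: dict) -> bytes:
    # Stable byte encoding so both sides MAC exactly the same bytes.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def seal(key: bytes, device_id: str, counter: int, ts: int, reading: dict) -> dict:
    """Device side: cover every field with one HMAC-SHA256 tag."""
    body = {"device": device_id, "counter": counter, "ts": ts, "reading": reading}
    tag = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {**body, "tag": tag}


class Receiver:
    def __init__(self, keys: dict):
        self.keys = keys          # device id -> shared key
        self.last_counter = {}    # device id -> highest counter accepted

    def check(self, msg: dict, now: int) -> str:
        dev = msg.get("device")
        key = self.keys.get(dev) if isinstance(dev, str) else None
        if key is None:
            return "unknown-device"
        body = {k: msg.get(k) for k in ("device", "counter", "ts", "reading")}
        expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), str(msg.get("tag")).encode()):
            return "bad-tag"      # modified, incomplete or forged
        # Timestamp and counter are only trusted once the tag has verified.
        if abs(now - msg["ts"]) > MAX_AGE_S:
            return "stale"        # authentic but no longer timely
        if msg["counter"] <= self.last_counter.get(dev, -1):
            return "replay"       # authentic but already seen
        self.last_counter[dev] = msg["counter"]
        return "ok"


def demo() -> list:
    key = b"constructed-sample-key"   # constructed for this example
    rx = Receiver({"sensor-1": key})
    good = seal(key, "sensor-1", 1, 1000, {"temp_c": 21.5})
    forged = {**good, "counter": 2, "reading": {"temp_c": 99.0}}
    late = seal(key, "sensor-1", 3, 1000, {"temp_c": 21.5})
    return [rx.check(good, 1005), rx.check(good, 1006),
            rx.check(forged, 1005), rx.check(late, 1100)]
```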

Top Challenges in IoT Security


  • Non-repudiation

  • Confidentiality

  • Integrity

  • Anonymity

  • Weak trust relationships

M2M Area Network

  • Electrical

  • Tampering

  • Physical

[Diagram: M2M / IoT Applications, M2M Core, Service Capabilities, M2M Area Network, Direct Connection, Client Application, Device Domain, Network Domain]

Challenges in IoT Security


Over/under voltage

Power analysis

Frequency analysis

Electrostatic discharge

Circuit probing


Change functionality

Secure boot

Flash protection

Device Domain

  • Physical

    • Temperature variation (into extremes)

    • Temperature analysis

    • De-processing

    • System theft

    • Partial destruction

    • Hardware addition/substitution

Challenges in IoT Security


Mutual authentication

Digital signatures

Identity verification


Secure data transfer

Protection of data from unauthorized eavesdropping

Network Domain

  • Integrity

    • Data integrity verification

    • Protection of data from unauthorized modifications

    • Exclusivity

  • Anonymity

    • Protection of device identity from unauthorized network eavesdropping

Challenges in IoT Security

Weak trust relationships

Network Domain

Devices supplied by service provider

Devices owned by end user

Cellular/wired network

IoT Service Providers

Strong trust relationship

Devices owned by end user or supplied by operator

Weak trust relationship

Trust

Critical factor for IoT success

  • Unless consumers can trust IoT devices, there will not be mass adoption

  • Need to develop “implicit” trust

    • You don’t worry about your snail mail

  • Trust requires security at all levels

    • Hardware

    • Network

    • Data

    • Application

Example of MCU System Security

Hardware random number generator

Protected flash memory

Encrypted communications





Memory protection unit

Optional external memory system





Restrict external code accesses




Hardware cryptographic acceleration

Tamper detection, Secure RTC

Unique chip identifier

Secure key storage, Unique chip ID


Oracle’s Internet of Things Platform

Complete, Best in Class & Engineered Together


Java on ANY Device or Gateway

Faster, portable and more reliable development

Oracle Middleware and Database

Performance, scalability, security, integration









Oracle Engineered Systems to deliver cloud services and manage Big Data




IoT Conceptual Architecture

Device Identity Management

Device Identity & Access Governance

Smart Sensor

Device Communications Management

Device Management

Core Network

Wired Sensor

Big Data

Regional Network


Capillary Networks


Data Routing & Analysis


Wireless Sensor

Enterprise Service Bus & Business Intelligence



WSN: Wireless Sensor Network

Oracle IoT Security Solution

Key Features

Onboarding & Enrollment

  • Mutual authentication between devices and server

  • Confidentiality of data transfer over multi-protocol networks

  • Device data management

  • Governance of trust relationships in IoT networks

  • Device applications provisioning & management

Authentication & Authorization

Device Metadata & Control

Policy & Key Management

Application Management & Provisioning

Device Management

  • Must be remote

    • “Man with USB stick in pocket” is not the right admin model

  • Must be secure

  • Must be scalable

  • Must work with “sleeping devices”

Identity

  • Important for managing entities within an IoT solution

    • Device

    • Tenant

    • Application

  • Secure device registration process

  • Central management of policies, relationships and rules

  • Key management on a massive scale

Multi-tenancy

  • Applications from many different vendors

  • Need to be separated

  • But able to share when required

Trusted Execution Environment

  • Secure element integrated into the chipset

  • Separated from the rich OS

  • Can store secrets and use them to operate on data

  • Secrets never leave the TEE

  • Secure local storage of trust information

Conclusion

  • Trust is key for IoT

  • Everything has to be secure to enable implicit trust

  • Identity is one ingredient for securing IoT and building trust