Towards a Secure Internet of Things. Future Internet Assembly, Budapest, May 2011. Oscar Garcia-Morchon (oscar.garcia@philips.com). Distributed Sensor Systems - Philips Research Europe.
Things and the Thing Lifecycle?
[Lifecycle diagram along a time axis] Manufactured | Reconfiguration SW Update | Installed | Removal | Commissioned | Appl Reconfiguration | Decommissioned | Operational | Operational
“Ubiquitous computing” (1991, Mark Weiser)
Security in the IoT (*)
[Diagram labels] IoT Domain (e.g., based on CoAP/6LoWPAN or ZigBee) | Security architecture | Gateway | Secure IoT | Internet | Guidelines & Standards | Applications and Security
What do we actually need? System shall/should/may use…? How does everything work together?
(*) Garcia-Morchon, O., Keoh, SL., Kumar, S., Hummen, R., Struik, R.: “Internet Draft: Security Considerations in the Internet of Things”, CORE, IETF, March 2011.
Security Architecture (1/2)
[Diagram labels] Gateway | Configuration entity | IoT Domain (e.g., based on CoAP/6LoWPAN or ZigBee) | Internet | Node B | Node A
Security Architecture (2/2)
[Diagram labels] Distributed vs Centralized?? | Attackers launch resource exhaustion attack | IoT Domain (e.g., based on CoAP/6LoWPAN or ZigBee) | Gateway | E2E Security? | Internet | IP ↔ IoT translation | Group management and secure multicast | F(ID,y); ID=hash(Entity’s Name)
Topics for discussion… and to keep in mind
[Diagram labels] Manufactured | Reconfiguration SW Update | Installed | Removal | Commissioned | Appl Reconfiguration | Decommissioned | Security architecture | Operational | Operational | time | Identity & key management | Distributed or centralized | Secure IoT | Incremental deployment | E2E vs local | Availability | Group security | Mobility | Dependability | Bootstrapping & operation | Application and Security | Guidelines & Standards | Privacy-aware design | 95/46/EC | Confidentiality | IDS | Revocation | NISTIR 7628 | Authentication | HIPAA | NIST | Integrity | Accountability | Freshness | FIPS 140-2 | Access control | Risk Assessment & Design | Antivirus (Stuxnet)