CIS 2015- Practical Identity in the IoT Era- Morteza Ansari
-
Upload
cloudidsummit -
Category
Technology
-
view
78 -
download
1
Transcript of CIS 2015- Practical Identity in the IoT Era- Morteza Ansari
Practical Identity in the
IoT Era
Morteza Ansari
• Trustworthiness Integrity Tamperproof Anti-cloning
• Device identity & identity context
• Provisioning & associated life cycle
• Authorization and access
• Bridging modern & legacy
• …
System Integrator Owner Operator
OEM
OEM System Integrator
Owner
Operator
App
…
App App
Operator System Integrator
OEM
OEM System Integrator
Owner
Operator
…
App App
Operator System Integrator
OEM
OEM System Integrator
Owner
Operator
…
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
✓ Read diagnostic data ✓ Run diagnostic routines ✗ Read movement ✗ Write movement ✗ Read program ? Update firmware
Location
Network
Trustworthiness
Calibration
Health
…
• Bridging legacy & modern
• Not all devices are created equal
• Life expectancy of industrial devices
• IT vs. OT
• Access: Remote locations Unreliable connectivity Low bandwidth Very complex failure scenarios
• Privacy!
• Too static, too fragile, too vulnerable
• Device identity context
• Risk based policies
• Dynamic & continuous identity
• Standardization
• Identity life cycle
• Identity ó security