Security & Identity in AllJoyn 14.06

download Security & Identity in AllJoyn 14.06

of 23

  • date post

    27-Aug-2014

  • Category

    Software

  • view

    394

  • download

    5

TAGS:

Embed Size (px)

description

My presentation for Cloud Identity Summit 2014. I will be talking about the security and identity features that AllJoyn offers in it's 14.06 release.

Transcript of Security & Identity in AllJoyn 14.06

  • Identity & Security In AllJoyn 14.06 Tim Kellogg Saturday, July 19 2014
  • https://github.com/tkellogg/alljoyn-examples https://github.com/tkellogg/alljoyn- core/tree/master/alljoyn_core/src
  • Embedded Security
  • Mitsubishi EMI Incident (2003) Brakes disabled when given 1000-10000x legal levels of EMI radiation Car thinks brakes are locked, so it releases All within limits required by law
  • Slammer Worm (2003) Nuclear plant safety monitoring disabled for 5 hours The business value of access to the data within the control center worth the risk of open connections between the control center and the corporate network Unpatched MSSQL Server
  • Hello, my name is Bruce Schneier and I think routers are super duper easy to hack, mostly because you nerds never patch the software https://www.schneier.com/essays/archives/2014/01/the _internet_of_thin.html
  • University of Washington Study (2010) We demonstrate that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems http://www.autosec.org/pubs/cars- oakland2010.pdf
  • Hey, check it out! I made my own encryption algorithm
  • Embedded Needs Rails Software Updates Security & Identity Communication Media Streaming User Interfaces
  • Distributed Bus
  • Distributed Bus
  • Security
  • Auth Listeners ALLJOYN_RSA_KEYX X.509 certificates ALLJOYN_SRP_KEYX Show Random PIN ALLJOYN_SRP_LOGON preset U/P table ALLJOYN_ECDHE_NULL ALLJOYN_ECDHE_PSK ALLJOYN_ECDHE_ECDSA DSA
  • ALLJOYN_RSA_KEYX RSA = Asymmetric key encryption X.509 certificates Trusted Certificate Authority
  • SRP_KEYX & SRP_LOGON Threshold Cryptography No trust required to establish a secure connection LOGON = Username & Password KEYX = A PIN is displayed
  • ALLJOYN_SRP_KEYX
  • ECDHE Elliptic Curve (EC) Cryptography DHE = Diffie-Hellman key Exchange Symmetric key encryption
  • ALLJOYN_ECDHE_NULL Elliptic Curve Encryption No verification of identity
  • ALLJOYN_ECDHE_PSK PSK = Pre-Shared Key Service already has the clients public key A password may also be used
  • ALLJOYN_ECDHE_ECDSA ECDSA Elliptic Curve Digital Signature Algorithm Certificate shows identity
  • Questions? @kellogh Practical Internet of Things

Recommended

Kiva Allgood Vice President, Business Development, Smart ... ... Industrial AllJoyn Wi-Fi Cellular Wired
Kiva Allgood Vice President, Business Development, Smart ... ... Industrial AllJoyn Wi-Fi Cellular Wired
Putting Security in Identity-as-a-Service
Putting Security in Identity-as-a-Service
Project Initiation Plan - Identity Management at CIT Project Initiation Plan IT Security/Identity Management Project Name: Alumni Provisioning ... OIT IT Security/Identity Management
Project Initiation Plan - Identity Management at CIT Project Initiation Plan IT Security/Identity Management Project Name: Alumni Provisioning ... OIT IT Security/Identity Management
BLSTK REPLAY N°10 - Semaine du 14.06 au 20.06
BLSTK REPLAY N°10 - Semaine du 14.06 au 20.06
Lecture 14.06.ppt
Lecture 14.06.ppt
Security & Identity for the Internet of Things Webinar
Security & Identity for the Internet of Things Webinar
Computer Security: Data and Identity Management - Theft Security 1 3/28/2017 Computer Security: Data and Identity Management Data Security - Identity Theft:
Computer Security: Data and Identity Management - Theft Security 1 3/28/2017 Computer Security: Data and Identity Management Data Security - Identity Theft:
Dynamic Identity Federation using Security Assertion ... Dynamic Identity Federation using Security
Dynamic Identity Federation using Security Assertion ... Dynamic Identity Federation using Security
THE IDENTITY DEFINED SECURITY ALLIANCE
THE IDENTITY DEFINED SECURITY ALLIANCE
Identity, Credential, and Access Management Federal CIO Council Information Security and Identity Management Committee The Future of Federal Identity Management.
Identity, Credential, and Access Management Federal CIO Council Information Security and Identity Management Committee The Future of Federal Identity Management.
Introduction to AllJoyn
Introduction to AllJoyn
HOW TO EXTEND IDENTITY SECURITY TO YOUR API'S
HOW TO EXTEND IDENTITY SECURITY TO YOUR API'S
Kansas City 14.06
Kansas City 14.06
security union annex - European Commission Enhancing the security features of national identity cards
security union annex - European Commission Enhancing the security features of national identity cards
Extending IBM Security Identity Manager
Extending IBM Security Identity Manager
Jornada Formativa Qualcomm y Movilforum: Alljoyn
Jornada Formativa Qualcomm y Movilforum: Alljoyn
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of Things
NetIQ Identity Manager Security Guide “Preventing Clickjacking Attacks in Identity Managerâ€‌ on page
NetIQ Identity Manager Security Guide “Preventing Clickjacking Attacks in Identity Managerâ€‌ on page
IDENTITY SOLUTIONS: Security Beyond the Perimeter IDENTITY SOLUTIONS: Security Beyond the Perimeter
IDENTITY SOLUTIONS: Security Beyond the Perimeter IDENTITY SOLUTIONS: Security Beyond the Perimeter
Identity Management (IdM) Solution - PwC .Identity Management (IdM) Solution ... information security
Identity Management (IdM) Solution - PwC .Identity Management (IdM) Solution ... information security
View more