Security & Identity in AllJoyn 14.06
Date posted: 27-Aug-2014
Category: Software
My presentation for Cloud Identity Summit 2014. I will be talking about the security and identity features that AllJoyn offers in its 14.06 release.
Transcript of Security & Identity in AllJoyn 14.06
- Identity & Security In AllJoyn 14.06
  - Tim Kellogg
  - Saturday, July 19 2014
- https://github.com/tkellogg/alljoyn-examples
  https://github.com/tkellogg/alljoyn-core/tree/master/alljoyn_core/src
- Embedded Security
- Mitsubishi EMI Incident (2003)
  - Brakes disabled when given 1000-10000x legal levels of EMI radiation
  - Car thinks brakes are locked, so it releases
  - All within limits required by law
- Slammer Worm (2003)
  - Nuclear plant safety monitoring disabled for 5 hours
  - "The business value of access to the data within the control center worth the risk of open connections between the control center and the corporate network"
  - Unpatched MSSQL Server
- Hello, my name is Bruce Schneier and I think routers are super duper easy to hack, mostly because you nerds never patch the software
  https://www.schneier.com/essays/archives/2014/01/the_internet_of_thin.html
- University of Washington Study (2010)
  - "We demonstrate that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems"
  - http://www.autosec.org/pubs/cars-oakland2010.pdf
- Hey, check it out! I made my own encryption algorithm
- Embedded Needs Rails
  - Software Updates
  - Security & Identity
  - Communication
  - Media Streaming
  - User Interfaces
- Distributed Bus
- Distributed Bus
- Security
- Auth Listeners
  - ALLJOYN_RSA_KEYX: X.509 certificates
  - ALLJOYN_SRP_KEYX: Show Random PIN
  - ALLJOYN_SRP_LOGON: preset U/P table
  - ALLJOYN_ECDHE_NULL
  - ALLJOYN_ECDHE_PSK
  - ALLJOYN_ECDHE_ECDSA: DSA
- ALLJOYN_RSA_KEYX
  - RSA = Asymmetric key encryption
  - X.509 certificates
  - Trusted Certificate Authority
- SRP_KEYX & SRP_LOGON
  - Threshold Cryptography
  - No trust required to establish a secure connection
  - LOGON = Username & Password
  - KEYX = A PIN is displayed
- ALLJOYN_SRP_KEYX
- ECDHE
  - Elliptic Curve (EC) Cryptography
  - DHE = Diffie-Hellman key Exchange
  - Symmetric key encryption
- ALLJOYN_ECDHE_NULL
  - Elliptic Curve Encryption
  - No verification of identity
- ALLJOYN_ECDHE_PSK
  - PSK = Pre-Shared Key
  - Service already has the client's public key
  - A password may also be used
- ALLJOYN_ECDHE_ECDSA
  - ECDSA = Elliptic Curve Digital Signature Algorithm
  - Certificate shows identity
- Questions? @kellogh Practical Internet of Things