2. A simple, easy to use, online, B2B procurement
portal for purchasing products and services to
identify, minimise and manage the security
threat to business data.
www.riskfactory.com
3. [Word cloud of threat terms] Encryption Cracking, Data Slurping, Cookies, Script Scrapers, Script Kiddies, Spyware, Mockingbirds, Road Apples, Zombie Spim, Malware, Botnets, SQL Injection, Spoofers, Google Hacking, Stealth Bombs, Port Scanning, Worms, Root Kits, Backdoors, Pharming, War Driving, Crackers, Eavesdropping, Steganography, Denial of Service Attacks, X-Site Scripting, Crawlers, Ear Wigging, Phishing, Man-in-the-Middle Attacks, Adware, Data Mining, Suppression, Screen Grabbers, Fingerprinting, Viruses, Stripping, Smurfing, Social Engineering
5. Our Internet Based On…
• 60’s concepts, requirements &
funding
• 70’s computing environments
• 80’s operating systems,
applications, networks, and
programming languages
• 90’s security technology
• 2000’s operational and
business practices
6. The End is Nigh
In the next 2
years the
present IP
address space
(IPv4) will reach
its capacity.
7. Birth Follows Every
Death
It will be replaced by
IPv6 which has
addresses enough
(about 5x10 to the 28th
power) for each of the
6.8 billion human
beings on the planet.
8. In Other Words...
Every human being on the planet could have their
own personal network the size of today’s internet.
9. Why?
• The Internet is preparing to leave its virtual
world and enter our physical world.
• IPv6 provides an infrastructure for
assigning IP addresses to physical “things”
• The networking of the virtual world to the
physical world
• The networking of “things”
• Evolution: from a network of
interconnected computers to a network of
interconnected objects …
11. Imagine
• What if you could put them all on your own
network?
• Have a complete inventory of everything you own
and know where it is – real-time?
• What if you could connect this network of your
things to other networks and interact?
• Life on this planet would be significantly and
profoundly changed.
• We’d never run out of anything.
• No more theft as we know it – we’d know exactly
where things are at any given moment
anywhere on the planet
12. Wake Up
• It’s already here
• Internet of Things (IoT)
• Concept founded by Auto-ID Centre at
MIT back in 1999
• Phase 1 underway, bottom up, level-
specific functionality
• Internet Protocol for Smart Objects (IPSO)
Alliance founded 2008
13. IoT Characteristics
Pervasive: present throughout
Ubiquitous: everywhere at the same time
Evolving: constantly changing
Global: everywhere on this planet
16. First Things First
• Everything on the electrical grid - first
• Balance of power (grids)
– Plant to substations
– Substations to lines
– Lines to transformers
– Transformers to homes
17. Second Things Second
• Any “thing” with a power source to
any “thing” with a power source
and vice versa…
– Refrigerator to a television
– Toaster to smoke detector
– Fire alarms to ovens
– Smoke detectors to gas supplier
18. And Last But Not Least
• Any “person” to any “thing” or any person?
– You to your house
– You to your appliances
– You to your car
– You to your….
19. Communication is Key
• Need mobile “smart” communication
devices to connect:
– Things to things
– People to things
• IP Smart Objects (IPSO)
• RFID chip the leader
20. IoT Language
Hello: My UID is
1234567fa and my
challenge is X4665
Bonjour: My UID is
af7654321 and the
answer to your challenge
is Ab455839
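The hello/answer exchange on the slide above, as an added example that is not from the original deck. It assumes the two devices share a pre-enrolled key and that the answer is an HMAC-SHA256 over both UIDs and the challenge (the slide does not say how the answer is computed); the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def answer_for(key: bytes, challenger_uid: str, responder_uid: str, challenge: str) -> str:
    """Answer = HMAC-SHA256 over both UIDs and the challenge (assumed scheme)."""
    msg = "|".join((challenger_uid, responder_uid, challenge)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class Challenger:
    """The 'Hello' side: issues a fresh challenge, then verifies the answer."""

    def __init__(self, uid: str, peer_keys: dict):
        self.uid = uid
        self._peer_keys = peer_keys   # responder UID -> pre-shared key (assumption)
        self._outstanding = set()     # challenges issued and not yet answered

    def hello(self) -> str:
        challenge = secrets.token_hex(16)  # unpredictable, never reused
        self._outstanding.add(challenge)
        return challenge

    def verify(self, responder_uid: str, challenge: str, answer: str) -> bool:
        if challenge not in self._outstanding:
            return False                       # unknown or already used (replay)
        self._outstanding.discard(challenge)   # single use, even on failure
        key = self._peer_keys.get(responder_uid)
        if key is None:
            return False                       # UID not enrolled
        expected = answer_for(key, self.uid, responder_uid, challenge)
        return hmac.compare_digest(expected, answer)  # constant-time compare

def demo() -> dict:
    # Constructed sample data: UIDs taken from the slide, keys generated here.
    key = secrets.token_bytes(32)
    a = Challenger("1234567fa", {"af7654321": key})
    c1 = a.hello()
    good = answer_for(key, a.uid, "af7654321", c1)
    results = {"genuine": a.verify("af7654321", c1, good)}
    results["replayed"] = a.verify("af7654321", c1, good)
    c2 = a.hello()
    results["old_answer_new_challenge"] = a.verify("af7654321", c2, good)
    c3 = a.hello()
    forged = answer_for(secrets.token_bytes(32), a.uid, "af7654321", c3)
    results["wrong_key"] = a.verify("af7654321", c3, forged)
    results["unknown_uid"] = a.verify("deadbeef0", a.hello(), good)
    return results

if __name__ == "__main__":
    print(demo())
```

Only the genuine answer is accepted; a captured answer fails both against the same challenge and against a later one, which is the property that counters the device spoofing listed under IP Challenges.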
22. Framework
Netless: an anamorphic structure of nodes that is capable
of holding some amount of digital data. Each node is a small,
low-power wireless digital transponder. There is no permanent
network connection. Every time any node appears in the
vicinity of any other node, they establish a wireless link
and swap the data that was stored internally.
Keywords: permission-less, parasitic network, off-line data-
sharing, city-net, WAN, othernet, decentralized, node-network,
sneakernet, sensor-network, grassroots-network, wireless.
24. Soylent Green is People!
Newly developed ‘RFID
Powder’, as invisible as a
speck of dust: 0.05 mm x
0.05 mm x 0.005 mm
Chips are packed with 128
bits of static memory,
enough to store a unique
38-digit ID number, 2.45
GHz, 1mW
Can be embedded directly into
pieces of paper
Current favored application:
anti-counterfeiting
25. Already There
• Retail stores using RFID for
stock control
• Vehicles paying by RFID on
motorways
• Cows, Dogs, Cats, Sheep
implanted with RFID chips
• Consumer products from
cars and mobiles to
children’s tennis shoes now
equipped with GPS RFID
chips
26. Security Requirements
Can our current C.I.A. definition fit the IoT?
Pervasive: present throughout?
Ubiquitous: everywhere simultaneously?
Emerging: constantly evolving?
Global: everywhere on this planet?
28. IP Challenges
Packet spoofing
Network traffic analysis
Device analysis
Device spoofing
Encryption
Key distribution
Privacy protection
Identity protection
Identity and identifier
management
29. IPSO Challenges
• Devices are not reachable
– Most of the time a device is not
connected
• Devices can be lost and stolen
– Makes security difficult when the
device is not connected
• Devices are not crypto-engines
– Strong security difficult without
processing power
• Devices have finite life
– Credentials need to be tied to lifetime
• Devices are transportable
– Will cross borders
• Devices need to be recognised by many
readers
30. Privacy Challenges
• What things you own
• Where you bought them
• The price you paid for
them
• Where they are located
• What you use them for
• How often you use them
• What they connect to
• Who they connect to
33. Professional Challenges
• See the bigger picture - now
• Anticipate the potential problems
• Security professionals are always
“catching up” to technology
• Step up. Consider the implications of
the next world of networked things
• Prepare for it – now
• Lead - Don’t follow.
34. 26 Dover Street
London
United Kingdom
W1S 4LY
+44 (0)20 3586 1025
+44 (0)20 7763 7101(fax)
Editor's notes
Give out cards
Oldest crime on record – not prostitution. First recorded case of identity theft. Bible: Genesis XXX