SlideShare ist ein Scribd-Unternehmen logo

Eurotech IoT Security Elements

Eurotech
Eurotech

This document discusses security considerations for M2M and IoT systems. It notes that security must be implemented holistically across the entire architecture, including at the device, communication, and application layers. PKI is recommended for authentication. The document outlines various threats and motivations for attackers. It then describes Eurotech's Everyware IoT security elements, which include X.509 certificate management, encrypted and authenticated messaging using MQTT, tenant segregation, secure access to interfaces and consoles, a secure execution environment on devices and platforms, and remote management using VPN. Auditing and penetration testing are also performed.

Business
1 von 30
Downloaden Sie, um offline zu lesen
M2M / IoT Security Eurotech's Everyware IoT Security Elements Overview 23 September 2015 Robert Andres
M2M / IoT Security The confidentiality, integrity, and availability of our customers’ data and IoT infrastructure is of the utmost importance to Eurotech, as is maintaining our customers’ trust and confidence. Security therefore is an important aspect of everything we do… Eurotech Security & Privacy Statement
M2M / IoT Security Holistic Approach is required… M2M Communication Infrastructure Device Firmware / Application Business Application Sensors & Device Hardware Business Application Integration • Every company / organization can be a target • Security has to be fundamental part of the overall architecture • Security technology best practice has to take into account the specific aspects of distributed, unattended, mobile systems / devices • Security has to be implemented end-to-end and in the individual elements
M2M / IoT Security Enemies Everywhere, Many Reasons … Attackers / Hackers Profiles: • Hackers (white hat) • Cracker (black hat, criminal) • Script Kiddies • Competitors • Criminal Organizations • Governments Financial, Business, Political Motives • Espionage, industrial espionage • Sabotage, disruption of business • Theft, fraud (also resources) • Manipulation • Cyberwar Intangible Motives • Curiosity • Revenge, infamy • Self-worth Harm, Steal, Play
M2M / IoT Security Attackers / Hackers Targets Quality, Performance, Availability, Reputation • Service interruption & malfunction • Manipulation of equipment, actuators • Damage to image and financial results Know-How, Intellectual Property • Data • Code • Process information Resources • Systems / distributed systems • Bandwidth Attackers / Hackers Profiles: • Hackers (white hat) • Cracker (black hat, criminal) • Script Kiddies • Competitors • Criminal Organizations • Governments Harm, Steal, Play
Everyware Security Architecture Foundation for IoT Security • Device has a validated identity • IoT platform has a validated identity • Mutual authentication for communication • Encrypted and signed messages • Secure execution environment (devices & IoT platform) • Secure software management / distribution • State-of-the art network & system security (firewall, hardening) • Role based access control • Secure management access
Everyware Security Architecture Underling Principles • Build solutions based on open and industry standards • Leveraging proven IT/enterprise/Internet class security technologies and partnerships • Including security, scalability and resiliency in design from day one • Security technology best practice has to take into account the specific aspects of distributed, unattended, mobile systems / devices • Security has to be implemented end-to-end and in the individual elements • Encapsulate the complexity of an end-to-end security solution • Continuous testing and auditing
M2M / IoT Security Security Focus Points Things Gateways / Smart Devices IoT / OT Platform Application IoT Device Cloud Security •Authentication (verified) •PKI / certificate management •Trusted execution environment •Network security / firewall •Access control (role based) •… IoT Device Security • Authentication (verified) • Service discovery / provisioning / pairing • Trusted execution environment • Network security / firewall • Secure Boot Communication Security • Authentication (verified) • Encryption • Message integrity • MitM protection • DNS spoofing protection
M2M / IoT Security Strong Authentication / Trust Anchors / Verification @ Things Gateways / Smart Devices IoT / OT Platform Application DNSSEC / DANE Infrastructure
M2M / IoT Security Authentication: Alternatives Many alternatives of identification / authentication can be found, not all of them are suitable for M2M/IoT in terms of functionality, security level and scalability: • ID (just identification, no proof of anything) • Username and Password • Biometric solutions • One-time Password • API Key • TPM based solutions • Public Key Infrastructure (PKI) PKI is widely recognized as the one of the strongest authentication mechanism
M2M / IoT Security Authentication: Public Key Infrastructure PKI is widely recognized as one of the the strongest authentication mechanism • Trusted and well established technology • High level of standardization and interoperability • Very scalable • Allows for mutual authentication • Can be used for many applications, including: • Signing messages • Signing documents • Logon & authentication • Certificates / keys in files and tokens • CA / root of trust options • CA-Signed • Self-Signed Certificates
M2M / IoT Security Certificate Based Authentication in Everyware Cloud Everyware Cloud Authentication Foundation • Integrated X.509 certificate management / PKI • Individual certificates per device / service • Foundation for using cryptographic methods most effectively • Based on industry and open standards
The Eurotech IoT Approach : E2E Security Aspects Overview Application Infrastructure Application Layer Communication Infrastructure Field Infrastructure MQTT M2M Integration Platform Client Device HW Communication Infrastructure API´s Communication channels / sessions M2M/IoT Integration Platform - Deployment options / infrastructure - SW architecture and elements Communication channels / sessions - SSL/TLS - Pairing Infrastructure security aspects - SIM card management Multi-Service Gateway - Hardware - SW architecture and elements Field technology, protocols, communication All levels: - Authentication / root of trust - Integrity / hardening of solution - Efficiency (unattended, distributed) - Best practice processes Security Assessment, Testing and Validation (3rd party)
EDC Security Overview (Everyware Cloud, Public Cloud Offering) • Secure Transmission of Data. All MQTT traffic is encrypted over an SSL connection. All Console access is exclusively available over an encrypted HTTPS connection. All REST API access is exclusively available over an encrypted HTTPS connection. • Physical Access to Data. AWS’s data centers are state of the art, utilizing innovative architectural and engineering approaches. • Logical Access to Data Store. All databases are protected through strict firewall rules from external access and they are only accessible from the mid-tier machines. In the database, data is segregated by account through a unique tenant Id. At the MQTT broker, broker data and traffic is segregated between accounts using virtual machine segregation.
EDC Security Overview (Everyware Cloud, Public Cloud Offering) • Identity and Access Management. Confidentiality and integrity are ensured through a role based access control model and access control lists which follow the Principle of Least Privilege and are enforced through all the layers of the architecture. Each account manages a list of users and controls the user’s credentials. Everyware Cloud has a configurable lockout policy per account, which may blocks user’s credentials after a certain number of failed login attempts. Logins to Everyware Console can be further protected through the use of a Two Factor Authentication (2FA). Everyware Cloud does support individual device certificate based authentication to support also customer managed PKI solutions • Vulnerability Management. Independent certified security firm performs remote vulnerability assessments, including network/host and applications. Eurotech will ensure Internal and External vulnerability scanning is conducted quarterly and after any major changes to the environment, and remediates any critical security issues found within a reasonable time frame and report the results of the remediation. 15
The Eurotech IoT Approach : E2E Overview System Infrastructure Application Infrastructure Layer Application Layer Communication Infrastructure Field Infrastructure MQTT M2M Integration Platform Client Device HW Device, Gateway, OS, Security Device Application Framework Certifications, etc Aggregators & On- Premise Platforms M2M Integration / Application Enablement / Device and Application Management Platform SIM Card & Communication Infrastructure Management Optimum M2M / IoT Protocols Public Cloud Private Cloud Sensors, HMIs, Actuators, etc. aPaaS SaaS Enterprise Applications Big Data Databases Analytics Enterprise IT Mining CEP ERP CRM …. Communication Infrastructure
The M2M Integration Platform Remote Access / VPN M2M Integration Platform @ Alerts Control Center MQTT (Always-On) VPN On-Demand VPN Server Applications Remote Access Devices
An Introduction to EDC Security – Upcoming Versions of EC & ESF Everyware Device Cloud - Security
EDC Security Elements @ Integrated Certificate Management / PKI • Certificate Management – Dedicated administrative web panel – Standard X509 certificate format – Certificate chain support – Certificate validations and export functionalities – Trusted message server signed digest over MQTT – EDC jobs to provision, renew and revoke certificates • Integrity • Authenticity • Non-repudiation of origin Ensures:
EDC Security Elements @ Secure Messaging / MQTT • All MQTT traffic is encrypted over an SSL connection. • Data messages are subject to an algorithm of data transformation: data must be serialized before being transmitted with the same protocol that is used by the receiver (subscriber) to be de-serialized. • Device Management Messages published by EC are signed to guarantee authenticity and message integrity.
EDC Security Elements @ Tenant Segregation • Secure multi-tenant implementation • At the MQTT broker, broker data and traffic is segregated between accounts using virtual machine segregation • All data (telemetrics, device events,…) are archived in a Big Data (no SQL) database and kept isolated by Virtual Private DB
EDC Security Elements @ Access to Console over encrypted HTTPS only • Secure enforced passwords (12 chars long complex password) • Password stored one-way-encrypted only • Configurable lock-out policy per account • Option: Two factor authentication based on one-time-password via QR code on mobile phone + username & password
EDC Security Elements @ Secure Programmable Interfaces • Programmable interfaces (REST API, WEBSOCKETS) available exclusively over an encrypted HTTPS connection
• The MQTT connection is always initiated by the gateway and remains always open. The opening session is an outbound MQTT connection from the local area network, possibly behind the firewall, towards Everyware Cloud. • At all points only minimal number of open ports (MQTT, HTTPS, SSL, VPN) • All databases in Everyware Cloud are protected through strict firewall rules from external access and they are only accessible from the mid-tier machines. • Devices are firewall protected EDC Security Elements Firewall Protection and reduced “attack footprint” @
• OSGi Security: Signed Bundles Checks (Integrity, Authenticity) • ESF Security Manager • Environment Integrity Checks • Environment Hardening • Allowed Jar Signatures • Allowed Bundle Access • Device Unique Master Password (Code Obfuscation, String Encryption) • Encrypted Configuration Storage • SSL Mutual Authentication • Device Management Checks (Integrity, Authenticity) • Remote Certificate Management EDC Security Elements @ Secure Execution Environment (Device, ESF)
EDC Security Elements • OSGi Security – Signed Bundles Checks • Integrity • Authenticity • ESF Security Manager – Environment Integrity Checks – Environment Hardening – Allowed Jar Signatures – Allowed Bundle Access – Device Unique Master Password • Code Obfuscation • String Encryption – Encrypted Configuration Storage – SSL Mutual Authentication – Device Management Checks • Integrity • Authenticity – Remote Certificate Management ESF Java SE Embedded OSGi ESF Security ESF Security Manager ESF Certificate Manager ESF SSL Manager ESF Bundles Application JKS ESF JKS SSL Encrypted Configuration Snapshots ESF Security Manager Overview
EDC Security Elements @ Remote Management / VPN • Secure administrator initiated transparent IP connection between remote systems and devices in the field • Gateways behind firewalls can be reached • No IP addressing conflicts prevent or complicate the establishment of connections • Using the established MQTT channel for initiating the VPN connection from the remote device (openVPN, soon IPSEC)
EDC Security Elements @ Auditing / Penetration Testing • Eurotech performs regularly vulnerability assessments, like Code Injection, Cross Site Request Forgery, credentials stealing, etc…, including network/host and applications. • Eurotech ensures internal and external vulnerability scanning is conducted periodically and after any major changes to the environment
EDC Security Overview (Subset, Examples) EC 4.0 Device to Cloud to Application Security Architecture •X.509 Certificate based authentication •Integrated PKI / Certificate management Security “in the Cloud” (IoT / OT Platform) •Allowed traffic is secure and authenticated •Application / Interface servers: no ports open other than 443 (HTTPS) •Secure cloud infrastructure •Signed Code / secure execution environment Securing Device to Cloud (Communication Security) •Allowed traffic is secure and authenticated •Broker / infrastructure / perimeter defense – Firewalling – All in-bound ports other than Broker ports are closed • Everyware VPN service Securing the Device •Firewall •OSGi / Signed Code / secure execution environment •Secure Boot on Hardware Java VM Code Linux
www.eurotech.com Thank You!

Empfohlen

Iot architecture
Iot architectureIot architecture
Iot architectureAnam Iqbal
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
IoT Security
IoT SecurityIoT Security
IoT SecurityNarudom Roongsiriwong, CISSP
 
Introduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsIntroduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsAbdullah Alfadhly
 
Iot Security
Iot SecurityIot Security
Iot SecurityMAITREYA MISRA
 
M2M Communication
M2M CommunicationM2M Communication
M2M CommunicationFabMinds
 
Application Layer Protocols for the IoT
Application Layer Protocols for the IoTApplication Layer Protocols for the IoT
Application Layer Protocols for the IoTDamien Magoni
 

Empfohlen

Iot architecture
Iot architectureIot architecture
Iot architectureAnam Iqbal
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)Sanjay Kumar (Seeking options outside India)
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoTVasco Veloso
 
IoT Security
IoT SecurityIoT Security
IoT SecurityNarudom Roongsiriwong, CISSP
 
Introduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsIntroduction to IoT Architectures and Protocols
Introduction to IoT Architectures and ProtocolsAbdullah Alfadhly
 
Iot Security
Iot SecurityIot Security
Iot SecurityMAITREYA MISRA
 
M2M Communication
M2M CommunicationM2M Communication
M2M CommunicationFabMinds
 
Application Layer Protocols for the IoT
Application Layer Protocols for the IoTApplication Layer Protocols for the IoT
Application Layer Protocols for the IoTDamien Magoni
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of ThingsBryan Len
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT SecuritySHAAMILIVARSAGV
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
IoT Communication Protocols
IoT Communication ProtocolsIoT Communication Protocols
IoT Communication ProtocolsPradeep Kumar TS
 
IoT Architecture
IoT ArchitectureIoT Architecture
IoT ArchitectureNaseeba P P
 
Protocols for IoT
Protocols for IoTProtocols for IoT
Protocols for IoTAmit Dev
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of thingssreelekha appakondappagari
 
Data enrichment
Data enrichmentData enrichment
Data enrichmentFabMinds
 
IOT privacy and Security
IOT privacy and SecurityIOT privacy and Security
IOT privacy and Securitynoornabi16
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Domain specific IoT
Domain specific IoTDomain specific IoT
Domain specific IoTLippo Group Digital
 
Iot presentation
Iot presentationIot presentation
Iot presentationhuma742446
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)Ameer Sameer
 
IoT and its Applications
IoT and its ApplicationsIoT and its Applications
IoT and its ApplicationsAbdulla Shaheen
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewSelvaraj Kesavan
 
Iot architecture
Iot architectureIot architecture
Iot architectureNiranjan Kumar
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
MQTT IOT Protocol Introduction
MQTT IOT Protocol IntroductionMQTT IOT Protocol Introduction
MQTT IOT Protocol IntroductionPrem Sanil
 
IOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxIOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxDRREC
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issuesAnastasios Economides
 

Weitere ähnliche Inhalte

Was ist angesagt?

Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of ThingsBryan Len
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT SecuritySHAAMILIVARSAGV
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT SecurityCAS
 
IoT Communication Protocols
IoT Communication ProtocolsIoT Communication Protocols
IoT Communication ProtocolsPradeep Kumar TS
 
IoT Architecture
IoT ArchitectureIoT Architecture
IoT ArchitectureNaseeba P P
 
Protocols for IoT
Protocols for IoTProtocols for IoT
Protocols for IoTAmit Dev
 
Data enrichment
Data enrichmentData enrichment
Data enrichmentFabMinds
 
IOT privacy and Security
IOT privacy and SecurityIOT privacy and Security
IOT privacy and Securitynoornabi16
 
Network Security
Network SecurityNetwork Security
Network SecurityManoj Singh
 
Iot presentation
Iot presentationIot presentation
Iot presentationhuma742446
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)Ameer Sameer
 
IoT and its Applications
IoT and its ApplicationsIoT and its Applications
IoT and its ApplicationsAbdulla Shaheen
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewSelvaraj Kesavan
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
MQTT IOT Protocol Introduction
MQTT IOT Protocol IntroductionMQTT IOT Protocol Introduction
MQTT IOT Protocol IntroductionPrem Sanil
 
IOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxIOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxDRREC
 

Was ist angesagt? (20)

Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
Fundamentals of IoT Security
Fundamentals of IoT SecurityFundamentals of IoT Security
Fundamentals of IoT Security
 
Introduction to IoT Security
Introduction to IoT SecurityIntroduction to IoT Security
Introduction to IoT Security
 
IoT Communication Protocols
IoT Communication ProtocolsIoT Communication Protocols
IoT Communication Protocols
 
IoT Architecture
IoT ArchitectureIoT Architecture
IoT Architecture
 
Protocols for IoT
Protocols for IoTProtocols for IoT
Protocols for IoT
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Data enrichment
Data enrichmentData enrichment
Data enrichment
 
IOT privacy and Security
IOT privacy and SecurityIOT privacy and Security
IOT privacy and Security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Domain specific IoT
Domain specific IoTDomain specific IoT
Domain specific IoT
 
Iot presentation
Iot presentationIot presentation
Iot presentation
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)
 
IoT and its Applications
IoT and its ApplicationsIoT and its Applications
IoT and its Applications
 
Emergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overviewEmergence of cloud computing and internet of things an overview
Emergence of cloud computing and internet of things an overview
 
Iot architecture
Iot architectureIot architecture
Iot architecture
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocols
 
MQTT IOT Protocol Introduction
MQTT IOT Protocol IntroductionMQTT IOT Protocol Introduction
MQTT IOT Protocol Introduction
 
IOT PROTOCOLS.pptx
IOT PROTOCOLS.pptxIOT PROTOCOLS.pptx
IOT PROTOCOLS.pptx
 

Andere mochten auch

The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of ThingsForgeRock
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsLiwei Ren任力偉
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gMohan Kumar G
 
Internet of Things and its applications
Internet of Things and its applicationsInternet of Things and its applications
Internet of Things and its applicationsPasquale Puzio
 
February 2016 Webinar Series - Best Practices for IoT Security in the Cloud
February 2016 Webinar Series - Best Practices for IoT Security in the CloudFebruary 2016 Webinar Series - Best Practices for IoT Security in the Cloud
February 2016 Webinar Series - Best Practices for IoT Security in the CloudAmazon Web Services
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and ChallengesOWASP Delhi
 
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)Amazon Web Services
 
Internet of Things: Challenges and Issues
Internet of Things: Challenges and IssuesInternet of Things: Challenges and Issues
Internet of Things: Challenges and Issuesrjain51
 
Internet of Things
Internet of ThingsInternet of Things
Internet of ThingsVala Afshar
 
IoT - IT 423 ppt
IoT - IT 423 pptIoT - IT 423 ppt
IoT - IT 423 pptMhae Lyn
 
What exactly is the "Internet of Things"?
What exactly is the "Internet of Things"?What exactly is the "Internet of Things"?
What exactly is the "Internet of Things"?Dr. Mazlan Abbas
 
Best Practices with IoT Security - February Online Tech Talks
Best Practices with IoT Security - February Online Tech TalksBest Practices with IoT Security - February Online Tech Talks
Best Practices with IoT Security - February Online Tech TalksAmazon Web Services
 
Best Practices for IoT Security in the Cloud
Best Practices for IoT Security in the CloudBest Practices for IoT Security in the Cloud
Best Practices for IoT Security in the CloudAmazon Web Services
 
Best Practices for IoT Security in the Cloud
Best Practices for IoT Security in the CloudBest Practices for IoT Security in the Cloud
Best Practices for IoT Security in the CloudAmazon Web Services
 
IoT End-to-End Security Overview
IoT End-to-End Security OverviewIoT End-to-End Security Overview
IoT End-to-End Security OverviewAmazon Web Services
 
What is the Internet of Things?
What is the Internet of Things?What is the Internet of Things?
What is the Internet of Things?Felix Grovit
 

Andere mochten auch (20)

The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT security
 
Overview of IoT and Security issues
Overview of IoT and Security issuesOverview of IoT and Security issues
Overview of IoT and Security issues
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of Things
 
The Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security IssuesThe Internet of Things: Privacy and Security Issues
The Internet of Things: Privacy and Security Issues
 
IoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and SolutionsIoT Security: Problems, Challenges and Solutions
IoT Security: Problems, Challenges and Solutions
 
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-gInternet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
Internet-of-things- (IOT) - a-seminar - ppt - by- mohan-kumar-g
 
Internet of Things and its applications
Internet of Things and its applicationsInternet of Things and its applications
Internet of Things and its applications
 
February 2016 Webinar Series - Best Practices for IoT Security in the Cloud
February 2016 Webinar Series - Best Practices for IoT Security in the CloudFebruary 2016 Webinar Series - Best Practices for IoT Security in the Cloud
February 2016 Webinar Series - Best Practices for IoT Security in the Cloud
 
IoT Security Risks and Challenges
IoT Security Risks and ChallengesIoT Security Risks and Challenges
IoT Security Risks and Challenges
 
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
AWS re:Invent 2016: IoT Security: The New Frontiers (IOT302)
 
Internet of Things: Challenges and Issues
Internet of Things: Challenges and IssuesInternet of Things: Challenges and Issues
Internet of Things: Challenges and Issues
 
Internet of Things
Internet of ThingsInternet of Things
Internet of Things
 
IoT - IT 423 ppt
IoT - IT 423 pptIoT - IT 423 ppt
IoT - IT 423 ppt
 
What exactly is the "Internet of Things"?
What exactly is the "Internet of Things"?What exactly is the "Internet of Things"?
What exactly is the "Internet of Things"?
 
Best Practices with IoT Security - February Online Tech Talks
Best Practices with IoT Security - February Online Tech TalksBest Practices with IoT Security - February Online Tech Talks
Best Practices with IoT Security - February Online Tech Talks
 
Best Practices for IoT Security in the Cloud
Best Practices for IoT Security in the CloudBest Practices for IoT Security in the Cloud
Best Practices for IoT Security in the Cloud
 
Best Practices for IoT Security in the Cloud
Best Practices for IoT Security in the CloudBest Practices for IoT Security in the Cloud
Best Practices for IoT Security in the Cloud
 
IoT End-to-End Security Overview
IoT End-to-End Security OverviewIoT End-to-End Security Overview
IoT End-to-End Security Overview
 
What is the Internet of Things?
What is the Internet of Things?What is the Internet of Things?
What is the Internet of Things?
 

Ähnlich wie Eurotech IoT Security Elements

BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017Micro Focus
 
Encapsulating Complexity in IoT Solutions
Encapsulating Complexity in IoT SolutionsEncapsulating Complexity in IoT Solutions
Encapsulating Complexity in IoT SolutionsEurotech
 
From IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity DivideFrom IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity DividePriyanka Aash
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VRISC-V International
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdfdhanywahyudi17
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
Rivetz - A blockchain smartphone's secret sauce
Rivetz - A blockchain smartphone's secret sauceRivetz - A blockchain smartphone's secret sauce
Rivetz - A blockchain smartphone's secret sauceRivetz
 
Developing Interoperable Components for an Open IoT Foundation
Developing Interoperable Components for an Open IoT Foundation Developing Interoperable Components for an Open IoT Foundation
Developing Interoperable Components for an Open IoT Foundation Eurotech
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsRivetz
 
Cybersecurity for Building Controls and Smart Buildings
Cybersecurity for Building Controls and Smart BuildingsCybersecurity for Building Controls and Smart Buildings
Cybersecurity for Building Controls and Smart BuildingsVeridify Security
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 
Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....
Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....
Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....Eurotech
 
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
#MFSummit2016 Secure: Is your mainframe less secure than your fileserverMicro Focus
 
Block Armour Brochure
Block Armour BrochureBlock Armour Brochure
Block Armour BrochureBlock Armour
 
Block Armour Brochure
Block Armour BrochureBlock Armour Brochure
Block Armour BrochureFloyd DCosta
 
how to implement an IoT architecture
how to implement an IoT architecturehow to implement an IoT architecture
how to implement an IoT architectureRoberto Siagri
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the EnterpriseWill Adams
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 

Ähnlich wie Eurotech IoT Security Elements (20)

BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
BIG IRON, BIG RISK? SECURING THE MAINFRAME - #MFSummit2017
 
Encapsulating Complexity in IoT Solutions
Encapsulating Complexity in IoT SolutionsEncapsulating Complexity in IoT Solutions
Encapsulating Complexity in IoT Solutions
 
From IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity DivideFrom IT to IoT: Bridging the Growing Cybersecurity Divide
From IT to IoT: Bridging the Growing Cybersecurity Divide
 
Standardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-VStandardizing the tee with global platform and RISC-V
Standardizing the tee with global platform and RISC-V
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
Rivetz - A blockchain smartphone's secret sauce
Rivetz - A blockchain smartphone's secret sauceRivetz - A blockchain smartphone's secret sauce
Rivetz - A blockchain smartphone's secret sauce
 
Developing Interoperable Components for an Open IoT Foundation
Developing Interoperable Components for an Open IoT Foundation Developing Interoperable Components for an Open IoT Foundation
Developing Interoperable Components for an Open IoT Foundation
 
Provable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain TransactionsProvable Device Cybersecurity in Blockchain Transactions
Provable Device Cybersecurity in Blockchain Transactions
 
Cybersecurity for Building Controls and Smart Buildings
Cybersecurity for Building Controls and Smart BuildingsCybersecurity for Building Controls and Smart Buildings
Cybersecurity for Building Controls and Smart Buildings
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
 
IoT-Device-Security.pptx
IoT-Device-Security.pptxIoT-Device-Security.pptx
IoT-Device-Security.pptx
 
Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....
Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....
Field-to-Cloud Technology Building Blocks enabling a Sports Medical Solution....
 
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
#MFSummit2016 Secure: Is your mainframe less secure than your fileserver
 
Block Armour Brochure
Block Armour BrochureBlock Armour Brochure
Block Armour Brochure
 
Block Armour Brochure
Block Armour BrochureBlock Armour Brochure
Block Armour Brochure
 
how to implement an IoT architecture
how to implement an IoT architecturehow to implement an IoT architecture
how to implement an IoT architecture
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the Enterprise
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systems
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 

Mehr von Eurotech

Integrating electrical systems easily – accelerating the path towards sustain...
Integrating electrical systems easily – accelerating the path towards sustain...Integrating electrical systems easily – accelerating the path towards sustain...
Integrating electrical systems easily – accelerating the path towards sustain...Eurotech
 
Enabling supply chain flexibility and IoT scale with zero touch provisioning
Enabling supply chain flexibility and IoT scale with zero touch provisioningEnabling supply chain flexibility and IoT scale with zero touch provisioning
Enabling supply chain flexibility and IoT scale with zero touch provisioningEurotech
 
Automatic People and Passenger Counters
Automatic People and Passenger CountersAutomatic People and Passenger Counters
Automatic People and Passenger CountersEurotech
 
IoT Solutions Made Simple with Everyware IoT
IoT Solutions Made Simple with Everyware IoTIoT Solutions Made Simple with Everyware IoT
IoT Solutions Made Simple with Everyware IoTEurotech
 
Intelligent IoT gateway: pushing analytics at the edge
Intelligent IoT gateway: pushing analytics at the edgeIntelligent IoT gateway: pushing analytics at the edge
Intelligent IoT gateway: pushing analytics at the edgeEurotech
 
Eclipse kura in industry 4.0 david woodard
Eclipse kura in industry 4.0 david woodardEclipse kura in industry 4.0 david woodard
Eclipse kura in industry 4.0 david woodardEurotech
 
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura Wires
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura WiresBuilding IoT Mashups for Industry 4.0 with Eclipse Kura and Kura Wires
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura WiresEurotech
 
OSGi and Java in Industrial IoT
OSGi and Java in Industrial IoTOSGi and Java in Industrial IoT
OSGi and Java in Industrial IoTEurotech
 
IoT Solutions for Smart Energy Smart Grid and Smart Utility Applications
IoT Solutions for Smart Energy Smart Grid and Smart Utility ApplicationsIoT Solutions for Smart Energy Smart Grid and Smart Utility Applications
IoT Solutions for Smart Energy Smart Grid and Smart Utility ApplicationsEurotech
 
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0Eurotech
 
Real World IoT Architectures and Projects with Eclipse IoT
Real World IoT Architectures and Projects with Eclipse IoTReal World IoT Architectures and Projects with Eclipse IoT
Real World IoT Architectures and Projects with Eclipse IoTEurotech
 
L’IoT industriale e i vantaggi competitivi della trasformazione digitale
L’IoT industriale e i vantaggi competitivi della trasformazione digitale L’IoT industriale e i vantaggi competitivi della trasformazione digitale
L’IoT industriale e i vantaggi competitivi della trasformazione digitale Eurotech
 
Reshaping Business Through IoT: Key Technology Factors to Consider
Reshaping Business Through IoT: Key Technology Factors to ConsiderReshaping Business Through IoT: Key Technology Factors to Consider
Reshaping Business Through IoT: Key Technology Factors to ConsiderEurotech
 
Industrial IoT Mayhem? Java IoT Gateways to the Rescue
Industrial IoT Mayhem? Java IoT Gateways to the RescueIndustrial IoT Mayhem? Java IoT Gateways to the Rescue
Industrial IoT Mayhem? Java IoT Gateways to the RescueEurotech
 
Eurotech and Red Hat collaboration simplifies Internet of Things integration ...
Eurotech and Red Hat collaboration simplifies Internet of Things integration ...Eurotech and Red Hat collaboration simplifies Internet of Things integration ...
Eurotech and Red Hat collaboration simplifies Internet of Things integration ...Eurotech
 
Real World IoT Architecture Use Cases
Real World IoT Architecture Use CasesReal World IoT Architecture Use Cases
Real World IoT Architecture Use CasesEurotech
 
Simplify Internet of Things with an Intelligent Gateway
Simplify Internet of Things with an Intelligent GatewaySimplify Internet of Things with an Intelligent Gateway
Simplify Internet of Things with an Intelligent GatewayEurotech
 
Internet of Things: a reality check
Internet of Things: a reality check Internet of Things: a reality check
Internet of Things: a reality check Eurotech
 
IoT the driver of Business Innovation: better products, new services and...
IoT the driver of Business Innovation: better products, new services and...IoT the driver of Business Innovation: better products, new services and...
IoT the driver of Business Innovation: better products, new services and...Eurotech
 
HPC the new normal
HPC the new normalHPC the new normal
HPC the new normalEurotech
 

Mehr von Eurotech (20)

Integrating electrical systems easily – accelerating the path towards sustain...
Integrating electrical systems easily – accelerating the path towards sustain...Integrating electrical systems easily – accelerating the path towards sustain...
Integrating electrical systems easily – accelerating the path towards sustain...
 
Enabling supply chain flexibility and IoT scale with zero touch provisioning
Enabling supply chain flexibility and IoT scale with zero touch provisioningEnabling supply chain flexibility and IoT scale with zero touch provisioning
Enabling supply chain flexibility and IoT scale with zero touch provisioning
 
Automatic People and Passenger Counters
Automatic People and Passenger CountersAutomatic People and Passenger Counters
Automatic People and Passenger Counters
 
IoT Solutions Made Simple with Everyware IoT
IoT Solutions Made Simple with Everyware IoTIoT Solutions Made Simple with Everyware IoT
IoT Solutions Made Simple with Everyware IoT
 
Intelligent IoT gateway: pushing analytics at the edge
Intelligent IoT gateway: pushing analytics at the edgeIntelligent IoT gateway: pushing analytics at the edge
Intelligent IoT gateway: pushing analytics at the edge
 
Eclipse kura in industry 4.0 david woodard
Eclipse kura in industry 4.0 david woodardEclipse kura in industry 4.0 david woodard
Eclipse kura in industry 4.0 david woodard
 
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura Wires
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura WiresBuilding IoT Mashups for Industry 4.0 with Eclipse Kura and Kura Wires
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura Wires
 
OSGi and Java in Industrial IoT
OSGi and Java in Industrial IoTOSGi and Java in Industrial IoT
OSGi and Java in Industrial IoT
 
IoT Solutions for Smart Energy Smart Grid and Smart Utility Applications
IoT Solutions for Smart Energy Smart Grid and Smart Utility ApplicationsIoT Solutions for Smart Energy Smart Grid and Smart Utility Applications
IoT Solutions for Smart Energy Smart Grid and Smart Utility Applications
 
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0
 
Real World IoT Architectures and Projects with Eclipse IoT
Real World IoT Architectures and Projects with Eclipse IoTReal World IoT Architectures and Projects with Eclipse IoT
Real World IoT Architectures and Projects with Eclipse IoT
 
L’IoT industriale e i vantaggi competitivi della trasformazione digitale
L’IoT industriale e i vantaggi competitivi della trasformazione digitale L’IoT industriale e i vantaggi competitivi della trasformazione digitale
L’IoT industriale e i vantaggi competitivi della trasformazione digitale
 
Reshaping Business Through IoT: Key Technology Factors to Consider
Reshaping Business Through IoT: Key Technology Factors to ConsiderReshaping Business Through IoT: Key Technology Factors to Consider
Reshaping Business Through IoT: Key Technology Factors to Consider
 
Industrial IoT Mayhem? Java IoT Gateways to the Rescue
Industrial IoT Mayhem? Java IoT Gateways to the RescueIndustrial IoT Mayhem? Java IoT Gateways to the Rescue
Industrial IoT Mayhem? Java IoT Gateways to the Rescue
 
Eurotech and Red Hat collaboration simplifies Internet of Things integration ...
Eurotech and Red Hat collaboration simplifies Internet of Things integration ...Eurotech and Red Hat collaboration simplifies Internet of Things integration ...
Eurotech and Red Hat collaboration simplifies Internet of Things integration ...
 
Real World IoT Architecture Use Cases
Real World IoT Architecture Use CasesReal World IoT Architecture Use Cases
Real World IoT Architecture Use Cases
 
Simplify Internet of Things with an Intelligent Gateway
Simplify Internet of Things with an Intelligent GatewaySimplify Internet of Things with an Intelligent Gateway
Simplify Internet of Things with an Intelligent Gateway
 
Internet of Things: a reality check
Internet of Things: a reality check Internet of Things: a reality check
Internet of Things: a reality check
 
IoT the driver of Business Innovation: better products, new services and...
IoT the driver of Business Innovation: better products, new services and...IoT the driver of Business Innovation: better products, new services and...
IoT the driver of Business Innovation: better products, new services and...
 
HPC the new normal
HPC the new normalHPC the new normal
HPC the new normal
 

Kürzlich hochgeladen

0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsMichael W. Hawkins
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...lizamodels9
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRavindra Nath Shukla
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Roland Driesen
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 

Kürzlich hochgeladen (20)

0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
HONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael HawkinsHONOR Veterans Event Keynote by Michael Hawkins
HONOR Veterans Event Keynote by Michael Hawkins
 
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
Call Girls In Holiday Inn Express Gurugram➥99902@11544 ( Best price)100% Genu...
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Regression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear RegressionRegression analysis: Simple Linear Regression Multiple Linear Regression
Regression analysis: Simple Linear Regression Multiple Linear Regression
 
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Pune Just Call 9907093804 Top Class Call Girl Service Available
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...Boost the utilization of your HCL environment by reevaluating use cases and f...
Boost the utilization of your HCL environment by reevaluating use cases and f...
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 

Eurotech IoT Security Elements

  • 1. M2M / IoT Security Eurotech's Everyware IoT Security Elements Overview 23 September 2015 Robert Andres
  • 2. M2M / IoT Security The confidentiality, integrity, and availability of our customers’ data and IoT infrastructure is of the utmost importance to Eurotech, as is maintaining our customers’ trust and confidence. Security therefore is an important aspect of everything we do… Eurotech Security & Privacy Statement
  • 3. M2M / IoT Security Holistic Approach is required… M2M Communication Infrastructure Device Firmware / Application Business Application Sensors & Device Hardware Business Application Integration • Every company / organization can be a target • Security has to be fundamental part of the overall architecture • Security technology best practice has to take into account the specific aspects of distributed, unattended, mobile systems / devices • Security has to be implemented end-to-end and in the individual elements
  • 4. M2M / IoT Security Enemies Everywhere, Many Reasons … Attackers / Hackers Profiles: • Hackers (white hat) • Cracker (black hat, criminal) • Script Kiddies • Competitors • Criminal Organizations • Governments Financial, Business, Political Motives • Espionage, industrial espionage • Sabotage, disruption of business • Theft, fraud (also resources) • Manipulation • Cyberwar Intangible Motives • Curiosity • Revenge, infamy • Self-worth Harm, Steal, Play
  • 5. M2M / IoT Security Attackers / Hackers Targets Quality, Performance, Availability, Reputation • Service interruption & malfunction • Manipulation of equipment, actuators • Damage to image and financial results Know-How, Intellectual Property • Data • Code • Process information Resources • Systems / distributed systems • Bandwidth Attackers / Hackers Profiles: • Hackers (white hat) • Cracker (black hat, criminal) • Script Kiddies • Competitors • Criminal Organizations • Governments Harm, Steal, Play
  • 6. Everyware Security Architecture Foundation for IoT Security • Device has a validated identity • IoT platform has a validated identity • Mutual authentication for communication • Encrypted and signed messages • Secure execution environment (devices & IoT platform) • Secure software management / distribution • State-of-the art network & system security (firewall, hardening) • Role based access control • Secure management access
  • 7. Everyware Security Architecture Underling Principles • Build solutions based on open and industry standards • Leveraging proven IT/enterprise/Internet class security technologies and partnerships • Including security, scalability and resiliency in design from day one • Security technology best practice has to take into account the specific aspects of distributed, unattended, mobile systems / devices • Security has to be implemented end-to-end and in the individual elements • Encapsulate the complexity of an end-to-end security solution • Continuous testing and auditing
  • 8. M2M / IoT Security Security Focus Points Things Gateways / Smart Devices IoT / OT Platform Application IoT Device Cloud Security •Authentication (verified) •PKI / certificate management •Trusted execution environment •Network security / firewall •Access control (role based) •… IoT Device Security • Authentication (verified) • Service discovery / provisioning / pairing • Trusted execution environment • Network security / firewall • Secure Boot Communication Security • Authentication (verified) • Encryption • Message integrity • MitM protection • DNS spoofing protection
  • 9. M2M / IoT Security Strong Authentication / Trust Anchors / Verification @ Things Gateways / Smart Devices IoT / OT Platform Application DNSSEC / DANE Infrastructure
  • 10. M2M / IoT Security Authentication: Alternatives Many alternatives of identification / authentication can be found, not all of them are suitable for M2M/IoT in terms of functionality, security level and scalability: • ID (just identification, no proof of anything) • Username and Password • Biometric solutions • One-time Password • API Key • TPM based solutions • Public Key Infrastructure (PKI) PKI is widely recognized as the one of the strongest authentication mechanism
  • 11. M2M / IoT Security Authentication: Public Key Infrastructure PKI is widely recognized as one of the the strongest authentication mechanism • Trusted and well established technology • High level of standardization and interoperability • Very scalable • Allows for mutual authentication • Can be used for many applications, including: • Signing messages • Signing documents • Logon & authentication • Certificates / keys in files and tokens • CA / root of trust options • CA-Signed • Self-Signed Certificates
  • 12. M2M / IoT Security Certificate Based Authentication in Everyware Cloud Everyware Cloud Authentication Foundation • Integrated X.509 certificate management / PKI • Individual certificates per device / service • Foundation for using cryptographic methods most effectively • Based on industry and open standards
  • 13. The Eurotech IoT Approach : E2E Security Aspects Overview Application Infrastructure Application Layer Communication Infrastructure Field Infrastructure MQTT M2M Integration Platform Client Device HW Communication Infrastructure API´s Communication channels / sessions M2M/IoT Integration Platform - Deployment options / infrastructure - SW architecture and elements Communication channels / sessions - SSL/TLS - Pairing Infrastructure security aspects - SIM card management Multi-Service Gateway - Hardware - SW architecture and elements Field technology, protocols, communication All levels: - Authentication / root of trust - Integrity / hardening of solution - Efficiency (unattended, distributed) - Best practice processes Security Assessment, Testing and Validation (3rd party)
  • 14. EDC Security Overview (Everyware Cloud, Public Cloud Offering) • Secure Transmission of Data. All MQTT traffic is encrypted over an SSL connection. All Console access is exclusively available over an encrypted HTTPS connection. All REST API access is exclusively available over an encrypted HTTPS connection. • Physical Access to Data. AWS’s data centers are state of the art, utilizing innovative architectural and engineering approaches. • Logical Access to Data Store. All databases are protected through strict firewall rules from external access and they are only accessible from the mid-tier machines. In the database, data is segregated by account through a unique tenant Id. At the MQTT broker, broker data and traffic is segregated between accounts using virtual machine segregation.
  • 15. EDC Security Overview (Everyware Cloud, Public Cloud Offering) • Identity and Access Management. Confidentiality and integrity are ensured through a role based access control model and access control lists which follow the Principle of Least Privilege and are enforced through all the layers of the architecture. Each account manages a list of users and controls the user’s credentials. Everyware Cloud has a configurable lockout policy per account, which may blocks user’s credentials after a certain number of failed login attempts. Logins to Everyware Console can be further protected through the use of a Two Factor Authentication (2FA). Everyware Cloud does support individual device certificate based authentication to support also customer managed PKI solutions • Vulnerability Management. Independent certified security firm performs remote vulnerability assessments, including network/host and applications. Eurotech will ensure Internal and External vulnerability scanning is conducted quarterly and after any major changes to the environment, and remediates any critical security issues found within a reasonable time frame and report the results of the remediation. 15
  • 16. The Eurotech IoT Approach : E2E Overview System Infrastructure Application Infrastructure Layer Application Layer Communication Infrastructure Field Infrastructure MQTT M2M Integration Platform Client Device HW Device, Gateway, OS, Security Device Application Framework Certifications, etc Aggregators & On- Premise Platforms M2M Integration / Application Enablement / Device and Application Management Platform SIM Card & Communication Infrastructure Management Optimum M2M / IoT Protocols Public Cloud Private Cloud Sensors, HMIs, Actuators, etc. aPaaS SaaS Enterprise Applications Big Data Databases Analytics Enterprise IT Mining CEP ERP CRM …. Communication Infrastructure
  • 17. The M2M Integration Platform Remote Access / VPN M2M Integration Platform @ Alerts Control Center MQTT (Always-On) VPN On-Demand VPN Server Applications Remote Access Devices
  • 18. An Introduction to EDC Security – Upcoming Versions of EC & ESF Everyware Device Cloud - Security
  • 19. EDC Security Elements @ Integrated Certificate Management / PKI • Certificate Management – Dedicated administrative web panel – Standard X509 certificate format – Certificate chain support – Certificate validations and export functionalities – Trusted message server signed digest over MQTT – EDC jobs to provision, renew and revoke certificates • Integrity • Authenticity • Non-repudiation of origin Ensures:
  • 20. EDC Security Elements @ Secure Messaging / MQTT • All MQTT traffic is encrypted over an SSL connection. • Data messages are subject to an algorithm of data transformation: data must be serialized before being transmitted with the same protocol that is used by the receiver (subscriber) to be de-serialized. • Device Management Messages published by EC are signed to guarantee authenticity and message integrity.
  • 21. EDC Security Elements @ Tenant Segregation • Secure multi-tenant implementation • At the MQTT broker, broker data and traffic is segregated between accounts using virtual machine segregation • All data (telemetrics, device events,…) are archived in a Big Data (no SQL) database and kept isolated by Virtual Private DB
  • 22. EDC Security Elements @ Access to Console over encrypted HTTPS only • Secure enforced passwords (12 chars long complex password) • Password stored one-way-encrypted only • Configurable lock-out policy per account • Option: Two factor authentication based on one-time-password via QR code on mobile phone + username & password
  • 23. EDC Security Elements @ Secure Programmable Interfaces • Programmable interfaces (REST API, WEBSOCKETS) available exclusively over an encrypted HTTPS connection
  • 24. • The MQTT connection is always initiated by the gateway and remains always open. The opening session is an outbound MQTT connection from the local area network, possibly behind the firewall, towards Everyware Cloud. • At all points only minimal number of open ports (MQTT, HTTPS, SSL, VPN) • All databases in Everyware Cloud are protected through strict firewall rules from external access and they are only accessible from the mid-tier machines. • Devices are firewall protected EDC Security Elements Firewall Protection and reduced “attack footprint” @
  • 25. • OSGi Security: Signed Bundles Checks (Integrity, Authenticity) • ESF Security Manager • Environment Integrity Checks • Environment Hardening • Allowed Jar Signatures • Allowed Bundle Access • Device Unique Master Password (Code Obfuscation, String Encryption) • Encrypted Configuration Storage • SSL Mutual Authentication • Device Management Checks (Integrity, Authenticity) • Remote Certificate Management EDC Security Elements @ Secure Execution Environment (Device, ESF)
  • 26. EDC Security Elements • OSGi Security – Signed Bundles Checks • Integrity • Authenticity • ESF Security Manager – Environment Integrity Checks – Environment Hardening – Allowed Jar Signatures – Allowed Bundle Access – Device Unique Master Password • Code Obfuscation • String Encryption – Encrypted Configuration Storage – SSL Mutual Authentication – Device Management Checks • Integrity • Authenticity – Remote Certificate Management ESF Java SE Embedded OSGi ESF Security ESF Security Manager ESF Certificate Manager ESF SSL Manager ESF Bundles Application JKS ESF JKS SSL Encrypted Configuration Snapshots ESF Security Manager Overview
  • 27. EDC Security Elements @ Remote Management / VPN • Secure administrator initiated transparent IP connection between remote systems and devices in the field • Gateways behind firewalls can be reached • No IP addressing conflicts prevent or complicate the establishment of connections • Using the established MQTT channel for initiating the VPN connection from the remote device (openVPN, soon IPSEC)
  • 28. EDC Security Elements @ Auditing / Penetration Testing • Eurotech performs regularly vulnerability assessments, like Code Injection, Cross Site Request Forgery, credentials stealing, etc…, including network/host and applications. • Eurotech ensures internal and external vulnerability scanning is conducted periodically and after any major changes to the environment
  • 29. EDC Security Overview (Subset, Examples) EC 4.0 Device to Cloud to Application Security Architecture •X.509 Certificate based authentication •Integrated PKI / Certificate management Security “in the Cloud” (IoT / OT Platform) •Allowed traffic is secure and authenticated •Application / Interface servers: no ports open other than 443 (HTTPS) •Secure cloud infrastructure •Signed Code / secure execution environment Securing Device to Cloud (Communication Security) •Allowed traffic is secure and authenticated •Broker / infrastructure / perimeter defense – Firewalling – All in-bound ports other than Broker ports are closed • Everyware VPN service Securing the Device •Firewall •OSGi / Signed Code / secure execution environment •Secure Boot on Hardware Java VM Code Linux