Security - Your Thing is pwnd - Security Challenges for IoT - Thursday, July 10, 2014

  • By Mohamed Usama Mansoor
  • 10 Jul, 2014
Archived Content
This article is provided for historical perspective only, and may not reflect current conditions. Please refer to relevant product page for more up-to-date product information and resources.

The Internet of Things and Machine to Machine are growing areas, and security and privacy are prime issues. The session will look at multiple aspects of this:

  • Hardware challenges
  • Network and encryption
  • Software and cloud challenges
  • Identity and Access Control

In this session we will examine the security challenges around using IoT and M2M devices with protocols such as HTTP, MQTT & CoAP. Paul Fremantle, CTO and Co-Founder of WSO2 will address encryption, federated identity and authorization models. On the topic of encryption, we’ll examine securing MQTT with TLS, challenges with Arduino, and using hardware encryption for microcontrollers. A key privacy requirement for user-centric IoT use cases will be giving users control over how their things collect and share data. On the Internet, protocols like OAuth 2.0, OpenID Connect & User Managed Access have been defined to enable a privacy-respecting user consent & authorization model. We'll look at the issues with applying these protocols to the M2M world and review existing proposals & activity for extending the above M2M protocols to include federated identity concepts.

If you are building a Thing, using an internet connected Thing, or working with data from Things, This session is for you.

  • The importance of security in the rapidly growing IoT space
  • How to defend against hacking of Things
  • Three rules for IoT security
  • Creating best practise for IoT security
Paul Fremantle Co-founder & CTO, WSO2 Paul co-founded WSO2 in 2005 in order to reinvent the way enterprise middleware is developed, sold, delivered and supported through an open source model. In his current role as CTO, he spearheads WSO2′s overall product strategy. Previously, he served as WSO2 vice president of technical sales where he led the development of the groundbreaking WSO2 Enterprise Service Bus. In 2008, Paul was recognized by InfoWorld among the Top 25 CTOs. Prior to WSO2, Paul was a senior technical staff member at IBM for nine years, where he created the Web Services Gateway and led the team that developed and shipped it as part of the WebSphere Application Server. He also was on the team that put the Service Integration Bus technology into WebSphere Application Server 6. Additionally, Paul was the key WebSphere technical sales lead for Europe, working closely with development to manage beta programs, develop training materials, and enable first-of-a-kind J2EE projects.