Security - Your Thing is pwnd - Security Challenges for IoT - Thursday, July 10, 2014
By Mohamed Usama Mansoor
- 10 Jul, 2014
The Internet of Things and Machine to Machine are growing areas, and security and privacy are prime issues. The session will look at multiple aspects of this:
- Hardware challenges
- Network and encryption
- Software and cloud challenges
- Identity and Access Control
In this session we will examine the security challenges around using IoT and M2M devices with protocols such as HTTP, MQTT & CoAP. Paul Fremantle, CTO and Co-Founder of WSO2 will address encryption, federated identity and authorization models. On the topic of encryption, we’ll examine securing MQTT with TLS, challenges with Arduino, and using hardware encryption for microcontrollers. A key privacy requirement for user-centric IoT use cases will be giving users control over how their things collect and share data. On the Internet, protocols like OAuth 2.0, OpenID Connect & User Managed Access have been defined to enable a privacy-respecting user consent & authorization model. We'll look at the issues with applying these protocols to the M2M world and review existing proposals & activity for extending the above M2M protocols to include federated identity concepts.
If you are building a Thing, using an internet connected Thing, or working with data from Things, This session is for you.
- The importance of security in the rapidly growing IoT space
- How to defend against hacking of Things
- Three rules for IoT security
- Creating best practise for IoT security