IoT Seminar (Jan. 2016) - (8) amit shah - certifying security and managing things


Published on

Slides from the OMA and oneM2M IoT Seminar on January 21, 2016

Speaker 8:
Amit Shah, VP, IOT R&D
 Company, Alcatel-Lucent
Presentation Title: “Certifying, Securing and Managing things”

Amit Shah is a senior technical executive with demonstrated expertise in building and managing multi-country product organizations with 23 years of experience. Created highly scalable cloud based solutions for wireless industry that are deployed at major tier 1 operators and scale to support 100+ million end points. Worked with various industry bodies to grow and promote wireless standards and played key role in building solutions using these standards.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

IoT Seminar (Jan. 2016) - (8) amit shah - certifying security and managing things

  1. 1. 1 Removing barriers to entry Bridging the gap between standards and developers in the IoT space Amit A. Shah VP R&D, IoT, Nokia San Diego, January 2016 Connecting the next billion - people and things This presentation contains only public
  2. 2. 2 © Nokia 2016 Connected things Programmable things Many things 2 3 1 • Improving people's lives through automation, enhanced connectivity and intelligence • Helping industries to become more efficient, agile and real-time Mobile internet with 5 bn people connected by 2020 Fixed internet with 1 bn places connected by 2005 Programmable World with 50 bn things connected by 2025 While the past has been about connecting people, the future is about connecting things – improving personal life, optimizing business processes
  3. 3. 3 © Nokia 2016 The growth opportunity for IoT Expected number of IoT devices shipped in 2020 2.8B Smart Mobile 6% CAGR IoT Source: Gartner, 2015 0.6 B Industrial 1.8B Smart City 1.6B Smart Home 1.1B Auto. 58% CAG R 21% CAGR 54% CAGR 43% CAGR New ecosystems and business models are emerging
  4. 4. 4 © Nokia 2016 Two Scenarios of IoT Market Growth Open Data and Objects The future Reach Smart Everything SaaS M2M Applications Internet / broadband Mobile Telephony Sensors & Actuators Networks Fixed Telephony Networks Mobile internet Today Risk
  5. 5. 5 © Nokia 2016 So what can go wrong?
  6. 6. 6 © Nokia 2016 The Internet of (hacked) Things on the rise As the number of connected devices rises - so does the value created from the data - so does the risk for abuse, and security breaches July 2015 1.4 million Chryslers recalled October 2014 Millions of smart meters in Spain compromised February 2015 2.2 million BMWs impacted
  7. 7. 7 © Nokia 2016 Why is it happening? Many sources of data (sensors) are unmanaged and the transport network is un-trusted 1. Intercept and manipulate data in transit - Man in the middle attack 2. Compromise the device: Direct access, side loading, remote access Untrusted network Value?? IP IOT applications and analytics Data connectivity Data Broken chain of trust Unmanaged data source
  8. 8. 8 © Nokia 2016 How to solve it? Manage endpoints (sensors) to establish trust using best practices 1. 2-way authentication 2. Signed software delivery from trusted source to ensure authenticity 3. Certificates, keys, encryption IP IOT applications and analytics ‘Secure’ data connectivity Device management DM Data Secure connection Value Managed data source
  9. 9. 9 © Nokia 2016 Standards and best practices OMA Light Weight M2M (LWM2M) • Client Servier Architecture for M2M • Designed for (battery) constrained devices - Simple, low footprint, BW efficient • Both device management (incl FOTA) and business data • Based on CoAP (IETF) • DTLS-based security • Transport-agnostic - Generic restful protocol on top of UDP or SMS • More then just a protocol - REST resources and management procedures on top of CoAP - Resource model and semantic (server, device, firmware, reboot, …) - A set of Use Cases (bootstrap, register, device mngt and sevice enablement, data observation/notification) AAA Device management Application Managed remote asset Secure&BWefficient LWM2M server LWM2M client Objects M2M device LWM2M CoAP DTLS UDP Objects SMS Stack • Efficient payload • CoAP protocol • DTLS security • UDP or SMS bearer Interfaces • Bootstrapping • Registration • Object/resource access • Reporting
  10. 10. 10 © Nokia 2016 Nokia Device Certification Program • The Nokika Program uses standards based verification testing • Enables providers/carriers to have their devices tested and validated for interoperability prior to deployment • Over 15000+ devices tested from 100+ of the world’s top device and technology manufacturers participate in the program: Internet gateway devices, M2M gateways, automotive units, mobile handsets, chipsets, client protocol stacks, set-top boxes, VoIP ATAs and phones, WiMAX devices, Femtocells, USB dongles, NAS devices, Homeplug, ONTs Nokia knowledge base OMA-DM/CP devices TR069 devices LWM2M devices Device requirements Scope, test plans Nokia verification and certification Nokia device management OEM self verification
  11. 11. 11 © Nokia 2016 Simplified work flow Start testing Look at logs, test as often as needed Sign-Up at our cloud based secure portal Tell us about the “thing” you are certifying Access is granted Download test resultCertification Complete Go over the results
  12. 12. 12 © Nokia 2016 • Connect to • Tell us about what you are testing • Register • Start testing • It is completely FREE! How do I access this service?
  13. 13. 13 © Nokia 2016 Nokia Program members 15.000+ devices tested to date
  14. 14. 22/01/2016 © Nokia 2016