IoT Security Elements


Confidentiality, Integrity and Availability are the foundation on which our IoT solutions are based. #identity #authentication #encryption

  1. M2M / IoT Security: Eurotech's Everyware IoT Security Elements Overview. 23 September 2015, Robert Andres
  2. “The confidentiality, integrity, and availability of our customers’ data and IoT infrastructure is of the utmost importance to Eurotech, as is maintaining our customers’ trust and confidence. Security therefore is an important aspect of everything we do…” (Eurotech Security & Privacy Statement)
  3. Holistic Approach is required…
     Layers shown: Sensors & Device Hardware; Device Firmware / Application; M2M Communication Infrastructure; Business Application Integration; Business Application
     • Every company / organization can be a target
     • Security has to be a fundamental part of the overall architecture
     • Security technology best practice has to take into account the specific aspects of distributed, unattended, mobile systems / devices
     • Security has to be implemented end-to-end and in the individual elements
  4. Enemies Everywhere, Many Reasons…
     Attackers / Hackers Profiles:
     • Hackers (white hat)
     • Crackers (black hat, criminal)
     • Script Kiddies
     • Competitors
     • Criminal Organizations
     • Governments
     Financial, Business, Political Motives:
     • Espionage, industrial espionage
     • Sabotage, disruption of business
     • Theft, fraud (also of resources)
     • Manipulation
     • Cyberwar
     Intangible Motives:
     • Curiosity
     • Revenge, infamy
     • Self-worth
     Harm, Steal, Play
  5. Attackers / Hackers Targets
     Quality, Performance, Availability, Reputation:
     • Service interruption & malfunction
     • Manipulation of equipment, actuators
     • Damage to image and financial results
     Know-How, Intellectual Property:
     • Data
     • Code
     • Process information
     Resources:
     • Systems / distributed systems
     • Bandwidth
     (The sidebar repeats the attacker profiles from slide 4: Harm, Steal, Play)
  6. Everyware Security Architecture: Foundation for IoT Security
     • Device has a validated identity
     • IoT platform has a validated identity
     • Mutual authentication for communication
     • Encrypted and signed messages
     • Secure execution environment (devices & IoT platform)
     • Secure software management / distribution
     • State-of-the-art network & system security (firewall, hardening)
     • Role based access control
     • Secure management access
  7. Everyware Security Architecture: Underlying Principles
     • Build solutions based on open and industry standards
     • Leverage proven IT/enterprise/Internet class security technologies and partnerships
     • Include security, scalability and resiliency in the design from day one
     • Security technology best practice has to take into account the specific aspects of distributed, unattended, mobile systems / devices
     • Security has to be implemented end-to-end and in the individual elements
     • Encapsulate the complexity of an end-to-end security solution
     • Continuous testing and auditing
  8. Security Focus Points (across Things, Gateways / Smart Devices, IoT / OT Platform, Application)
     IoT Device Cloud Security:
     • Authentication (verified)
     • PKI / certificate management
     • Trusted execution environment
     • Network security / firewall
     • Access control (role based)
     • …
     IoT Device Security:
     • Authentication (verified)
     • Service discovery / provisioning / pairing
     • Trusted execution environment
     • Network security / firewall
     • Secure Boot
     Communication Security:
     • Authentication (verified)
     • Encryption
     • Message integrity
     • MitM protection
     • DNS spoofing protection
  9. Strong Authentication / Trust Anchors / Verification (diagram): trust anchors and verification at Things, Gateways / Smart Devices, IoT / OT Platform and Application, plus a DNSSEC / DANE infrastructure
  10. Authentication: Alternatives
      Many alternatives for identification / authentication can be found; not all of them are suitable for M2M/IoT in terms of functionality, security level and scalability:
      • ID (just identification, no proof of anything)
      • Username and Password
      • Biometric solutions
      • One-time Password
      • API Key
      • TPM based solutions
      • Public Key Infrastructure (PKI)
      PKI is widely recognized as one of the strongest authentication mechanisms.
  11. Authentication: Public Key Infrastructure
      PKI is widely recognized as one of the strongest authentication mechanisms:
      • Trusted and well established technology
      • High level of standardization and interoperability
      • Very scalable
      • Allows for mutual authentication
      • Can be used for many applications, including signing messages, signing documents, logon & authentication
      • Certificates / keys in files and tokens
      • CA / root of trust options: CA-signed or self-signed certificates
  12. Certificate Based Authentication in Everyware Cloud
      Everyware Cloud Authentication Foundation:
      • Integrated X.509 certificate management / PKI
      • Individual certificates per device / service
      • Foundation for using cryptographic methods most effectively
      • Based on industry and open standards
  13. The Eurotech IoT Approach: E2E Security Aspects Overview (diagram)
      Layers shown: Application Infrastructure / Application Layer, Communication Infrastructure, Field Infrastructure; MQTT links the M2M Integration Platform to the Client Device HW.
      • Communication Infrastructure: APIs; communication channels / sessions
      • M2M/IoT Integration Platform: deployment options / infrastructure; SW architecture and elements
      • Communication channels / sessions: SSL/TLS; pairing
      • Infrastructure security aspects: SIM card management
      • Multi-Service Gateway: hardware; SW architecture and elements
      • Field technology, protocols, communication
      • All levels: authentication / root of trust; integrity / hardening of solution; efficiency (unattended, distributed); best practice processes
      • Security Assessment, Testing and Validation (3rd party)
  14. EDC Security Overview (Everyware Cloud, Public Cloud Offering)
      • Secure Transmission of Data. All MQTT traffic is encrypted over an SSL connection. All Console access is exclusively available over an encrypted HTTPS connection. All REST API access is exclusively available over an encrypted HTTPS connection.
      • Physical Access to Data. AWS’s data centers are state of the art, utilizing innovative architectural and engineering approaches.
      • Logical Access to Data Store. All databases are protected by strict firewall rules from external access and are only accessible from the mid-tier machines. In the database, data is segregated by account through a unique tenant Id. At the MQTT broker, broker data and traffic are segregated between accounts using virtual machine segregation.
  15. EDC Security Overview (Everyware Cloud, Public Cloud Offering)
      • Identity and Access Management. Confidentiality and integrity are ensured through a role based access control model and access control lists which follow the Principle of Least Privilege and are enforced through all the layers of the architecture. Each account manages a list of users and controls the users’ credentials. Everyware Cloud has a configurable lockout policy per account, which may block a user’s credentials after a certain number of failed login attempts. Logins to Everyware Console can be further protected through the use of Two Factor Authentication (2FA). Everyware Cloud supports individual device-certificate-based authentication, which also accommodates customer-managed PKI solutions.
      • Vulnerability Management. An independent certified security firm performs remote vulnerability assessments, including network/host and applications. Eurotech ensures internal and external vulnerability scanning is conducted quarterly and after any major changes to the environment, remediates any critical security issues found within a reasonable time frame, and reports the results of the remediation.
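Slide 15 says Console logins can be further protected with two-factor authentication, which slide 22 describes as a one-time password enrolled through a QR code on a mobile phone. The usual implementation of that option is a time-based one-time password (RFC 6238 over HMAC-SHA1), and that is what the Go program below implements. It is an added example written for this page, not Eurotech code: it builds the otpauth URI that an enrolment QR code would carry, computes the code the phone would show, and performs the server-side check with a small clock-skew window and single use of each code. The issuer and account names, the 6-digit/30-second parameters and the skew window are assumptions for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"net/url"
	"time"
)

// RFC 6238 defaults as used by common authenticator apps; Skew is an assumption.
const (
	Step   = 30 // seconds per time step
	Digits = 6
	Skew   = 1 // steps accepted either side of "now" to tolerate clock drift
)

// NewSecret generates the shared secret that enrolment hands to the phone.
func NewSecret() ([]byte, error) {
	s := make([]byte, 20)
	_, err := rand.Read(s)
	return s, err
}

// ProvisioningURI is the otpauth URI that the enrolment QR code encodes.
func ProvisioningURI(issuer, account string, secret []byte) string {
	enc := base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(secret)
	return fmt.Sprintf("otpauth://totp/%s:%s?secret=%s&issuer=%s&digits=%d&period=%d",
		url.PathEscape(issuer), url.PathEscape(account), enc, url.QueryEscape(issuer), Digits, Step)
}

// hotp is RFC 4226: HMAC-SHA1 over the 8-byte counter, dynamically truncated.
func hotp(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	off := h[len(h)-1] & 0x0f
	code := binary.BigEndian.Uint32(h[off:off+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// Code is what the phone displays for a given Unix time.
func Code(secret []byte, unixTime int64, digits int) string {
	return hotp(secret, uint64(unixTime/Step), digits)
}

// Verify is the server side: compare in constant time against the current step
// and Skew steps around it, and never accept a step at or below the last one
// used, so a captured code cannot be replayed. It returns the step that matched.
func Verify(secret []byte, code string, unixTime int64, lastUsedStep int64) (int64, bool) {
	now := unixTime / Step
	for s := now - Skew; s <= now+Skew; s++ {
		if s <= lastUsedStep {
			continue
		}
		if subtle.ConstantTimeCompare([]byte(code), []byte(hotp(secret, uint64(s), Digits))) == 1 {
			return s, true
		}
	}
	return lastUsedStep, false
}

func main() {
	secret, err := NewSecret()
	if err != nil {
		panic(err)
	}
	// Issuer and account are constructed sample values.
	fmt.Println(ProvisioningURI("Example Console", "operator@example.com", secret))
	now := time.Now().Unix()
	code := Code(secret, now, Digits)
	_, ok := Verify(secret, code, now, -1)
	fmt.Println("code", code, "accepted:", ok)
}
```

The server has to persist `lastUsedStep` per user; without it a code sniffed from the network is valid for the whole skew window, which is the replay gap the second factor is supposed to close.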
  16. The Eurotech IoT Approach: E2E Overview (diagram of the system infrastructure)
      Layers shown: Application Infrastructure Layer / Application Layer, Communication Infrastructure, Field Infrastructure; MQTT links the M2M Integration Platform to the Client Device HW.
      Labels shown: Device, Gateway, OS, Security; Device Application Framework; Certifications, etc.; Aggregators & On-Premise Platforms; M2M Integration / Application Enablement / Device and Application Management Platform; SIM Card & Communication Infrastructure Management; Optimum M2M / IoT Protocols; Public Cloud; Private Cloud; Sensors, HMIs, Actuators, etc.; aPaaS; SaaS; Enterprise Applications; Big Data; Databases; Analytics; Enterprise IT; Mining; CEP; ERP; CRM; …
  17. The M2M Integration Platform: Remote Access / VPN (diagram)
      Labels shown: MQTT (Always-On) between Devices and the M2M Integration Platform; VPN On-Demand; VPN Server; Remote Access; Control Center; Applications; Alerts
  18. An Introduction to EDC Security – Upcoming Versions of EC & ESF (Everyware Device Cloud – Security)
  19. EDC Security Elements: Integrated Certificate Management / PKI
      • Certificate Management
        – Dedicated administrative web panel
        – Standard X.509 certificate format
        – Certificate chain support
        – Certificate validation and export functionalities
        – Trusted message server signed digest over MQTT
        – EDC jobs to provision, renew and revoke certificates
      Ensures:
      • Integrity
      • Authenticity
      • Non-repudiation of origin
  20. EDC Security Elements: Secure Messaging / MQTT
      • All MQTT traffic is encrypted over an SSL connection.
      • Data messages are subject to a data transformation: data must be serialized before transmission with the same protocol that the receiver (subscriber) uses to de-serialize it.
      • Device Management Messages published by EC are signed to guarantee authenticity and message integrity.
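Slides 6, 11, 12 and 19 describe an integrated PKI that gives every device and service its own X.509 certificate, mutual authentication against that root of trust, and (slide 20) device-management messages signed by the platform so the device can check authenticity and integrity. The Go program below is an added example written for this page, not Eurotech code: it creates a constructed root CA, issues one leaf certificate per device or service, validates the chain the way each side does when it authenticates the other, and signs and verifies a management message with the platform's certificate. All names, serial numbers, validity periods and the sample message are assumptions for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// PKI is a constructed root CA that issues one certificate per device or service.
type PKI struct {
	caKey  *ecdsa.PrivateKey
	caCert *x509.Certificate
	roots  *x509.CertPool
}

// issue generates a fresh P-256 key and certifies it; a nil parent means a self-signed root.
func issue(cn string, serial int64, ku x509.KeyUsage, usage []x509.ExtKeyUsage,
	parent *x509.Certificate, signer *ecdsa.PrivateKey) (*ecdsa.PrivateKey, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn}, // assumed naming scheme
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  ku&x509.KeyUsageCertSign != 0,
		BasicConstraintsValid: true,
		KeyUsage:              ku,
		ExtKeyUsage:           usage,
	}
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return key, cert, err
}

// NewPKI creates the self-signed root of trust that devices and platform are provisioned with.
func NewPKI() (*PKI, error) {
	key, cert, err := issue("Example IoT Root CA", 1, x509.KeyUsageCertSign, nil, nil, nil)
	if err != nil {
		return nil, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(cert)
	return &PKI{caKey: key, caCert: cert, roots: roots}, nil
}

// Issue signs an individual leaf: client auth for a device, server auth for a platform service.
func (p *PKI) Issue(name string, serial int64, usage x509.ExtKeyUsage) (*ecdsa.PrivateKey, *x509.Certificate, error) {
	return issue(name, serial, x509.KeyUsageDigitalSignature, []x509.ExtKeyUsage{usage}, p.caCert, p.caKey)
}

// Verify is the identity check of mutual authentication: chain to the trusted root, valid for the usage.
func (p *PKI) Verify(cert *x509.Certificate, usage x509.ExtKeyUsage) error {
	_, err := cert.Verify(x509.VerifyOptions{Roots: p.roots, KeyUsages: []x509.ExtKeyUsage{usage}})
	return err
}

// SignMessage is the platform side: an ECDSA signature over SHA-256 of a management message.
func SignMessage(key *ecdsa.PrivateKey, payload []byte) ([]byte, error) {
	sum := sha256.Sum256(payload)
	return ecdsa.SignASN1(rand.Reader, key, sum[:])
}

// VerifyMessage is the device side: trust the sender only via the root, then check the signature.
func VerifyMessage(p *PKI, sender *x509.Certificate, payload, sig []byte) error {
	if err := p.Verify(sender, x509.ExtKeyUsageServerAuth); err != nil {
		return fmt.Errorf("untrusted sender certificate: %w", err)
	}
	pub, ok := sender.PublicKey.(*ecdsa.PublicKey)
	sum := sha256.Sum256(payload)
	if !ok || !ecdsa.VerifyASN1(pub, sum[:], sig) {
		return fmt.Errorf("signature does not match payload")
	}
	return nil
}

func main() {
	pki, _ := NewPKI()
	cloudKey, cloudCert, _ := pki.Issue("platform-mgmt", 2, x509.ExtKeyUsageServerAuth)
	msg := []byte(`{"cmd":"update","bundle":"app.jar"}`) // constructed management message
	sig, _ := SignMessage(cloudKey, msg)
	fmt.Println("signed message verifies:", VerifyMessage(pki, cloudCert, msg, sig) == nil)
	fmt.Println("tampered message verifies:", VerifyMessage(pki, cloudCert, append(msg, '!'), sig) == nil)
}
```

The order in `VerifyMessage` is the point: the chain check comes before the public key is used, otherwise any certificate, including one from a foreign CA, would verify its own signatures. The same check is what mutual TLS performs on both sides of the MQTT connection, with the platform verifying client-auth leaves and the device verifying server-auth leaves.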
  21. EDC Security Elements: Tenant Segregation
      • Secure multi-tenant implementation
      • At the MQTT broker, broker data and traffic are segregated between accounts using virtual machine segregation
      • All data (telemetry, device events, …) are archived in a Big Data (NoSQL) database and kept isolated by Virtual Private DB
  22. EDC Security Elements: Access to Console over encrypted HTTPS only
      • Enforced strong passwords (12 characters long, complex)
      • Passwords stored one-way-encrypted only
      • Configurable lock-out policy per account
      • Option: Two factor authentication based on a one-time password via QR code on a mobile phone, in addition to username & password
  23. EDC Security Elements: Secure Programmable Interfaces
      • Programmable interfaces (REST API, WebSockets) available exclusively over an encrypted HTTPS connection
  24. EDC Security Elements: Firewall Protection and reduced “attack footprint”
      • The MQTT connection is always initiated by the gateway and remains open. The opening session is an outbound MQTT connection from the local area network, possibly behind the firewall, towards Everyware Cloud.
      • At all points only a minimal number of open ports (MQTT, HTTPS, SSL, VPN)
      • All databases in Everyware Cloud are protected by strict firewall rules from external access and are only accessible from the mid-tier machines.
      • Devices are firewall protected
  25. EDC Security Elements: Secure Execution Environment (Device, ESF)
      • OSGi Security: Signed Bundle Checks (Integrity, Authenticity)
      • ESF Security Manager
        – Environment Integrity Checks
        – Environment Hardening
        – Allowed Jar Signatures
        – Allowed Bundle Access
        – Device Unique Master Password (Code Obfuscation, String Encryption)
        – Encrypted Configuration Storage
        – SSL Mutual Authentication
        – Device Management Checks (Integrity, Authenticity)
        – Remote Certificate Management
  26. EDC Security Elements: ESF Security Manager Overview (diagram). The same elements as on slide 25 (OSGi Signed Bundle Checks; ESF Security Manager with Environment Integrity Checks, Environment Hardening, Allowed Jar Signatures, Allowed Bundle Access, Device Unique Master Password with Code Obfuscation and String Encryption, Encrypted Configuration Storage, SSL Mutual Authentication, Device Management Checks, Remote Certificate Management), shown on the device stack: Java SE Embedded, OSGi, ESF, ESF Security (ESF Security Manager, ESF Certificate Manager, ESF SSL Manager), ESF Bundles / Application, the ESF and SSL JKS keystores, and Encrypted Configuration Snapshots.
  27. EDC Security Elements: Remote Management / VPN
      • Secure, administrator-initiated, transparent IP connection between remote systems and devices in the field
      • Gateways behind firewalls can be reached
      • No IP addressing conflicts prevent or complicate the establishment of connections
      • The established MQTT channel is used to initiate the VPN connection from the remote device (OpenVPN, soon IPsec)
  28. EDC Security Elements: Auditing / Penetration Testing
      • Eurotech regularly performs vulnerability assessments (e.g. code injection, cross-site request forgery, credential stealing), including network/host and applications.
      • Eurotech ensures internal and external vulnerability scanning is conducted periodically and after any major changes to the environment
  29. EDC Security Overview (Subset, Examples): EC 4.0 Device to Cloud to Application Security Architecture
      • X.509 certificate based authentication
      • Integrated PKI / certificate management
      Security “in the Cloud” (IoT / OT Platform):
      • Allowed traffic is secure and authenticated
      • Application / interface servers: no ports open other than 443 (HTTPS)
      • Secure cloud infrastructure
      • Signed code / secure execution environment
      Securing Device to Cloud (Communication Security):
      • Allowed traffic is secure and authenticated
      • Broker / infrastructure / perimeter defense: firewalling; all in-bound ports other than broker ports are closed
      • Everyware VPN service
      Securing the Device:
      • Firewall
      • OSGi / signed code / secure execution environment
      • Secure Boot on hardware (device stack shown: Hardware, Linux, Java VM, Code)
  30. www.eurotech.com – Thank You!