Recommended
More Related Content
What's hot
What's hot (20)
Similar to Building trust in IoT, by Gemalto
Similar to Building trust in IoT, by Gemalto (20)
Recently uploaded
Recently uploaded (20)
Building trust in IoT, by Gemalto
- 1. Gemalto Trusted Service – Bringing Trust to the IoT World SVP Mobile & IoT Services 13.10.2017
- 2. 2 The Internet of Things has great potential
- 3. 3 The Drone Economy With drones, a whole site can be mapped daily, in high detail, for as little as $25 a day.
- 4. 4 The Autonomous Vehicle Autonomous vehicles could save up to 50 minutes a day for drivers
- 5. 5 But “things” can go wrong
- 6. 6 The Dallas Sirens Attack 156 Emergency sirens went off at around midnight, leading to panic
- 7. 7 The Teddy who was a Spy Connected Teddy Bears leaked 2 million parent and kids message recordings 800,000 user account credentials leaked
- 8. 8 Hackers kill a jeep, remotely Hackers took control of the vehicle at 70mph; the driver lost total control of the car 1.4 million vehicles recalled to patch the vulnerability
- 9. 9 The Cameras broke the Internet A botnet attack disrupted services of Amazon, Twitter, Reddit, Netflix, to name a few 14,000 Internet domains stopped using this DNS after attack
- 11. Regulations are emerging across the globe 11 Internet of Things Cybersecurity Improvement Act introduced in U.S Congress EU considering a security label for certification of IoT devices Singapore released Cybersecurity Bill to public for Critical Information Infrastructures Cyberspace Administration of China (CAC) also introducing new cybersecurity laws Device manufacturers (OEM) and software developers will be affected by these regulations.
- 12. 12 Developers must understand how security works in IoT Solutions
- 13. It’s about (a) securing the device (b) securing the cloud 13 BIG DATA AT REST DATA LIFECYCLE DATA IN MOTION DATA IN MOTION SECURE THE DEVICE SECURE THE CLOUD Security needs to be built from the device to the cloud.
- 15. Multiple solutions for multiple needs 15 Tamper resistant hardware on dedicated chip. Dedicated hardware on generic processor Software only Mixed hard/software Dedicated hardware Security Impact on device Minimum security on generic processor Security solutions have to be adapted to the use-case LOGO LOGO IN BLACK LOGO COLOR VERSIONS LOGO ON BLACK Secure Element Embedded UICC Trusted Execution Environment
- 17. On-Premise and On-Demand 17 ENCRYPTION KEY MANAGEMENT AND PROTECTION IDENTITY AND ACCESS MANAGEMENT • Data-at-rest encryption • Data-in-motion encryption • Enterprise key lifecycle management • High assurance key protection • HSM orchestration and crypto operations • Access management • Multi-factor authentication • PKI credential management
- 18. 18 Alibaba & Gemalto: Securing IoT together
- 19. ID2 in action with Gemalto 19 Security Impact on device Software only Mixed hard/software Dedicated hardware Use Case: Smartphone Mobile Payment Endpoint Type: Complex Network Type: High bandwidth, public Security Level: High Secure Element
- 20. ID2 in action with Gemalto 20 Security Impact on device Software only Mixed hard/software Dedicated hardware Use Case: Smart Watch Mobile Payment Endpoint Type: Complex, size-constrained Network Type: High bandwidth, public Security Level: High Secure Element
- 21. ID2 in action with Gemalto 21 Security Impact on device Software only Mixed hard/software Dedicated hardware Use Case: Personal Drone Endpoint Type: Complex, highly mobile Network Type: High bandwidth, public Security Level: Medium* eSIM/ eUICC * For industrial drone, this could be High
- 22. ID2 in action with Gemalto 22 Security Impact on device Software only Mixed hard/software Dedicated hardware Use Case: Smart lighting – Street lamp Endpoint Type: Simple, resource constrained Network Type: Low bandwidth, private Security Level: Medium Use Case: Smart lighting – Gateway Endpoint Type: Complex, tamper-proof Network Type: High bandwidth, public Security Level: High LOGO LOGO IN BLACK LOGO COLOR VERSIONS LOGO ON BLACK Trusted Execution Environment Secure Element
- 23. Gemalto & Aliyun – Securing the Internet of Things 23 Trusted Application Manager Trusted Service Manager Trusted Key Manager HSM & Key Management Remote management of secure applications on mobile devices Remote administration of credentials on secure elements Remote management credentials for resource constrained networks and devices LOGO LOGO IN BLACK LOGO COLOR VERSIONS LOGO ON BLACK Aliyun – Alibaba Cloud
- 24. 24 About Gemalto
- 25. We enable trust in two interlocking ways… …by developing secure, innovative software. WE AUTHENTICATE PEOPLE AND DEVICES WE PROTECT DATA ACROSS NETWORKS AND THE CLOUD 25
- 26. Bringing trust to connected devices, payment, online banking, cloud access, transport ticketing, eGovernment, vehicle telematics, software licensing and more. We enable secure services in six main markets Enterprise Security Internet of ThingsMobileFinancial Services & Retail Government Software Monetization 26
Editor's Notes
- …for most part
- https://hbr.org/cover-story/2017/05/drones-go-to-work
- http://www.mckinsey.com/industries/automotive-and-assembly/our-insights/ten-ways-autonomous-driving-could-redefine-the-automotive-world
- https://hbr.org/cover-story/2017/05/drones-go-to-work Drone economics are classically disruptive. Already drones can accomplish in hours tasks that take people days. They can provide deeply detailed visual data for a tiny fraction of the cost of acquiring the same data by other means. They’re becoming crucial in workplace safety, removing people from precarious processes such as cell-tower inspection. And they offer, literally, a new view into business: Their low-overhead perspective is bringing new insights and capabilities to fields and factories alike. The construction industry is the world’s second largest (after agriculture), worth $8 trillion a year. But it’s remarkably inefficient. The typical commercial construction project runs 80% over budget and 20 months behind schedule, according to McKinsey. On-screen, in the architect’s CAD file, everything looks perfect. But on-site, in the mud and dust, things are different. And the difference between concept and reality is where about $3 trillion of that $8 trillion gets lost, in a cascade of change orders, rework, and schedule slips. Drones are meant to close that gap. The one buzzing outside my window, taking passes at the site, is capturing images with a high-performance camera mounted on a precision gimbal. It’s taking regular photos (albeit at very high resolution), which are sent to the cloud and, using photogrammetry techniques to derive geometries from visual data, are turned into photo-realistic 2-D and 3-D models. (Google does the same thing in Google Maps, at lower resolution and with data that might be two or three years old. To see this, switch to Google Earth view and click on the “3-D” button.) In the construction site trailer, the drone’s data shows up by mid-morning as an overhead view of the site, which can be zoomed in for detail the size of a U.S. quarter or rotated at any angle, like a video game or virtual reality scene. Superimposed on the scans are the CAD files used to guide the construction — an “as designed” view overlaid on an “as built” view. It’s like an augmented reality lens into what should be versus what is, and the difference between the two can be worth thousands of dollars a day in cost savings on each site — billions across the industry. So the site superintendent monitors progress daily.
- https://www.engadget.com/2017/04/14/dallas-siren-hack-coming-to-a-city-near-you/
- https://motherboard.vice.com/en_us/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings A company that sells “smart” teddy bears leaked 800,000 user account credentials—and then hackers locked it and held it for ransom
- https://www.wired.com/2015/07/jeep-hack-chrysler-recalls-1-4m-vehicles-bug-fix/ Chrysler announced that it’s issuing a formal recall for 1.4 million vehicles that may be affected by a hackable software vulnerability in Chrysler’s Uconnect dashboard computers.
- https://www.wired.com/2016/12/botnet-broke-internet-isnt-going-away/ WHEN THE BOTNET named Mirai first appeared in September, it announced its existence with dramatic flair. After flooding a prominent security journalist's website with traffic from zombie Internet of Things devices, it managed to make much of the internet unavailable for millions of people by overwhelming Dyn, a company that provides a significant portion of the US internet's backbone. Since then, the number attacks have only increased. What's increasingly clear is that Mirai is a powerfully disruptive force. What's increasingly not? How to stop it. Mirai is a type of malware that automatically finds Internet of Things devices to infect and conscripts them into a botnet—a group of computing devices that can be centrally controlled. From there this IoT army can be used to mount distributed denial of service (DDoS) attacks in which a firehose of junk traffic floods a target's servers with malicious traffic. In just the past few weeks, Mirai disrupted internet service for more than 900,000 Deutsche Telekom customers in Germany, and infected almost 2,400 TalkTalk routers in the UK. This week, researchers published evidencethat 80 models of Sony cameras are vulnerable to a Mirai takeover.
- U.S Bill on IoT Security: https://www.warner.senate.gov/public/index.cfm/2017/8/enators-introduce-bipartisan-legislation-to-improve-cybersecurity-of-internet-of-things-iot-devices EC considering “Trusted IoT” label: https://ec.europa.eu/digital-single-market/en/news/internet-things-privacy-security-workshop Singapore Cybersecurity Bill: http://www.straitstimes.com/singapore/singapore-releases-omnibus-cybersecurity-bill-for-public-consultation China Cybersecurity Laws: https://www.theregister.co.uk/2017/06/01/china_cybersecurity_law/
- The developer community needs to understand that security cannot be thought of in isolation. It’s a mix of securing the device and the cloud – that’s how you achieve the security of an IoT “solution”. The more connected devices out there, the greater will be the surge of data. We present the lifecycle of data in a connected use case through one of the fastest growing connected technology industry – the connected car. Self-driving and autonomous vehicles, in particular, are much closer to reality than most people think. By 2020 one in five cars on the road worldwide will have some form of wireless connection – managing everything from entertainment, driver’s personal diaries to routes and security to speed controls and accident reports. Data at rest is the data either exists locally within a device or in a cloud resource. This could be the vehicle’s data residing the car computer or the data that has been sent back and now stored in the cloud infrastructure of the vehicle manufacturer. Data in motion is that data that is in transit. This data could be moving from one vehicle to the other (for example, proximity between vehicles), or it could be data that is being exchanged over a cellular network between the car and some cloud resource.
- Let’s look at a few examples of ID2 in motion for different use cases.
- Let’s look at a few examples of ID2 in motion for different use cases.