Tackling Data Security and Privacy Challenges of the IoT
1. TACKLING DATA SECURITY AND
PRIVACY CHALLENGES OF THE IOT
Björn Peters
Head of Segment M2M/IoT – Exceet Secure Solutions
06-10-2016
2. 2
The digitization of the economy, also known as machine-to-machine (M2M), the Internet of Things
(IoT) or Industry 4.0, is happening as we speak. In an age when objects, people and organizations
exchange data automatically, security becomes the decisive success factor. This means that for
professional applications, it is vital to create a digital sphere of trust.
In this context, exceet Secure Solutions speaks of the digital identification and authentication of all
participants and objects, as well as secure end-to-end encryption of all communication.
How? With the aid of Trusted Ecosystems.
“
“
MOTIVATION
3. 3
„Automation pyramid“
First step:
Continous integration &
digitalization
Vision Industrie 4.0:
Decentralized
controlled modules (no
conventional hirarchy)
ERP
MES
Automation technics
(SPS, Sensoren,
Aktoren)
MES as an
information hub
Different
planning and
control Applications
production processes
with different
control components
Internet of Services
Internet of Things („Cyber-
Physical“ Systems)
IT ARCHITECTURE IS CHANGING
7. 7
AGENDA
• Firma XY
Security Is A
Barrier In Each
IoT Project
Security Is A
Barrier In Each
IoT Project
>50% of our IoT projects have middle or high security needs
Today enterprises are forced to realize individual security solutions
For data driven business models trust is vital
Authorities drive stronger regulation to enable trust in markets
An easy adoptable secure IOT solution helps the market to develop
1
2
3
4
5
8. 8
Approach:
Systematic derivation and formulation of all relevant
categories for attack scenarios.
Allocation of attack potentials.
Attack scenarios result from a threat to a specific object due
to an exploitation of vulnerability by an attacker.
Objective & Result:
Specific, clearly formulated attack scenarios and associated
attack potentials as basis for security analysis.
INITIAL CONSIDERATIONS
Asset – Protected Object – Development Phase –
Environmental Assumptions
Threat AttackerVulnerability
Attack Scenario and Attack Potential
Threat and Vulnerability Analysis
IoT and Security / Smart & Secure: The Secure Approach To Digital Transformation
THREAT AN VULNERABILITY ANALYSIS
10. 10
1010/14/2016I exceet Secure Solutions I Slide
VALUE CHAIN
• Closed trusted ecosystem
Established solution
in Germany.
Reduced complexity due
to unique exceet portfolio.
100% Vendor agnostic.
11. 11
1110/14/2016I exceet Secure Solutions I Slide
THE TRUSTED INDUSTRIALIZED IOT SOLUTION
• Fully integrated
Trusted Management
• Unique identification
• Mutual authentication
• End-2-End encryption
• Secure software &
configuration management
• Rights & rules management
Trusted Platform
• Full support of
the IoT Platform
• Fully integrated
• Business process
• support
• Business logic aligned
Secure Element
• Hardware-based
and tamper resistant
storage
• Form factor agnostic
• Lifecycle management
of the Secure Element
14. 14
AGENDA
• Firma XY
Security Is No
Question Of
Willingness.
It’s A Question
Of Readiness.
Security Is No
Question Of
Willingness.
It’s A Question
Of Readiness.
15. exceet Secure Solutions AG
Rethelstraße 47
40237 Düsseldorf
Germany
Björn Peters
Head of Segment M2M/IoT
Phone: +49 211 436989 35
Email: bjoern.peters@exceet.de
Web: www.exceet-secure-solutions.de