Mrinal Wadhwa, Ockam
Trust and the Internet of Things
IoT will have an economic impact between
$4 trillion and $11 trillion, by 2025.
Source: McKinsey & Company
The digitization of the physical world
— or the Internet of Things — has opened up
tremendous new opportunities, across industries.
• Lower costs: helps detect wastage and identify
opportunities to improve efficiency of operations.
• Enhanced Safety: prevents accidents, creates a safer
environment for employees and reduces damage to
assets.
• Better Customer Experience: reduces human error,
improves quality, provides opportunities to personalize,
improves customer satisfaction.
• Higher Revenue: new revenue streams from new
connected solutions and services.
Source: Microsoft
Survey of 3,000 decision makers involved in IoT decisions at enterprise companies from
a range of industries
Unplanned downtime costs industrial manufacturers
an estimated $50 billion annually.
Source: IndustryWeek & Emerson
IoT-enabled predictive maintenance typically reduces
machine downtime by 30 to 50% and increases
machine life by 20 to 40%.
Source: McKinsey & Company
There is a large number of such
transformative opportunities, across
industries.
Internet of Things, Edge Computing, Cloud Computing, Artificial Intelligence
To successfully leverage these opportunities we, typically,
require a convergence of technologies
• Ability to sense the physical world.
• Cheap, low latency ubiquitous connectivity to communicate the sensed data.
• Ability to store and analyze large amounts of data.
• Algorithms that detect significant events.
• Algorithms that learn and improve decision quality using this data.
• Systems that automate and make these decisions at the right time.
• Ability to actuate decisions in the physical world.
InfluxData platform excels at many of the components
needed for this convergence.
• IoT data is time series data.
• IoT data streams require real-time processing.
• Self-contained binaries are easy to deploy and
manage in edge computing environments.
• Telegraf makes it easy to collect from many
machine data sources.
TICK Stack
Since these use-cases are transformative, they are also usually
mission-critical for the business.
For our IoT solutions to be adopted, they must be
reliable, dependable, trustworthy.
Mrinal Wadhwa [Ockam] | Trust and the Internet of Things | InfluxDays Virtual Experience NA 2020
Something is fundamentally wrong.
It is too difficult and too expensive to build/maintain
secure and private IoT systems.
Without security and privacy our IoT solution cannot be
reliable, dependable, trustworthy.
Principle of Least Privilege: An entity should be granted the least amount of privilege necessary to complete its job.
The assumption that all systems and traffic within
a network boundary can be trusted is flawed.
A lot of people say their Industrial Control Systems
are air-gapped but what they mean is they think
they are air-gapped.
– Andrew Tierney: Pwning an oil rig, DEF CON 27
creativecommons.org/licenses/by/3.0/legalcode
youtube.com/watch?v=JoJ6uzIsQNs
96% share of unprotected industrial control traffic
Zero Trust in network perimeters.
A zero trust network is built upon five fundamental assertions:
• The network is always assumed to be hostile.
• External and internal threats exist on the network at all times.
• Network locality is not sufficient for deciding trust in a network.
• Every device, user, and network flow is authenticated and authorized.
• Policies must be dynamic & calculated from as many sources of data as possible.
Security: The degree of resistance to encountering an unfortunate event.
Privacy: The ability of an individual or group to control the flow of information
about themselves.
Trust: The willingness of one party to rely on the actions of another party.
Security, Privacy and Trust are application layer concerns.
IoT application developers do not have easy to use tools,
libraries and infrastructure to granularly control these aspects
of their applications.
Open source tools for a device to communicate
securely, privately and trustfully with cloud services
and other devices.
github.com/ockam-network/ockam
The ability to move messages through a variety of IoT topologies.
Ockam
In a zero trust network, since there is no implicit trust in network boundaries trust must be
based on the identification, authentication and authorization of the sender of a message.
Trust must be rooted in:
Machine Identity: The ability to safely generate, store and use unique cryptographic keys.
Ockam
In a zero trust network, all packets received on the network are immediately
suspicious. Strong cryptographic primitives must be used to validate that a
message was not tampered en-route.
All messages received on the network must be
checked for integrity.
Since the identity of the sender of a message is inferred from the contents of
that message, without a data integrity guarantee we have nothing to base that
identity on, and we are forced to fall back on trusting the network boundary instead.
Ockam
Authenticated Key Exchange
[Diagram: Initiator and Responder exchange messages M1, M2 and M3 and each arrive at the same Shared Secret.]
The entities involved use Public Key Cryptography to authenticate
each other and agree on a shared secret.
Application Data - Authenticated Encryption
[Diagram: after the M1, M2, M3 exchange, Initiator and Responder hold the same Shared Secret and use it to protect application data.]
The shared secret is then used as a key in Symmetric Key
Cryptography to maintain confidentiality and integrity of application
data.
Encrypting a message on a device before transmitting it on the network limits
the exposure of that information to the trustworthiness of the sender and the
intended receiver of the message.
End-to-end encryption.
This is how we can apply the principle of least privilege.
Ockam
Ockam Libraries:
• Rust
• C
• Elixir
Ockam Add-Ons:
• Telegraf as an ExecD plugin
• InfluxDB
• Golang
• JavaScript/TypeScript
• Swift
• Kotlin/Java
• Kafka
Let’s see how Ockam can help in typical deployments that
combine InfluxData platform and IoT …
InfluxDB / InfluxDB Cloud
Telegraf
Improved logistics with
connected trucks.
Influx has two built-in security mechanisms.
Server-only authentication: if a signed certificate is configured, a truck can establish trust that it is talking to the
intended instance of InfluxDB.
Let’s dig into how this trust in the InfluxDB server’s identity is established:
The device on the truck has a root trust store.
Typically, on Linux machines, this is the Mozilla root store, the one the Firefox browser ships with.
It has 148 trusted parties.
These 148 parties are free to create subordinate trusted parties, so in practice there are thousands of trusted parties.
If the defaults are followed any one of these
1000s of parties could issue a seemingly valid
certificate that a truck would believe is about the
intended InfluxDB server.
Major certificate authority breaches happen.
Spoofed Server Identity
feistyduck.com/ssl-tls-and-pki-history
Mrinal Wadhwa [Ockam] | Trust and the Internet of Things | InfluxDays Virtual Experience NA 2020
This trust model is okay for web browsers
because they have to trust lots of websites and
they run complex infrastructure to identify
breaches and manage revocation.
IoT devices shouldn’t base their trust in
the WebPKI.
There should instead be an application controlled public key infrastructure that
manages key lifecycle, revocation and pinned chains of trust.
Ockam
The second built-in security mechanism is Influx tokens.
Tokens allow us to granularly control which measurements can be reported
by an entity that presents a specific token.
A sensor in truck one should only report measurements for truck one.
A pressure sensor should only report pressure.
In practice this presents some complex challenges for IoT systems:
Unique Tokens
• If we have 100000 trucks, we must somehow generate
and deliver a unique token to each truck.
If the token is not unique, truck one could report about
truck two - spoofed truck identity.
If the token is not unique, someone can steal one token and
create millions of fake trucks - sybil attack.
Storage:
• Authentication/Identity secrets should be hard to steal.
Revocation:
• If we suspect that a token has been compromised we need
some way to revoke that token and issue a new token.
We can’t render a truck unusable in the field.
Manually visiting a truck would be very costly.
Rotation:
• We need some way to frequently rotate tokens in order to
reduce the likelihood of a compromise.
Manually visiting all 100000 trucks would be very costly.
InfluxDB / InfluxDB Cloud
Ockam with Influx: Telegraf + OckamD (Ockam as an ExecD plugin for Telegraf), with the Ockam Influx Add-On running in a sidecar.
Each truck can now have unique identity keys that are stored
safely in hardware and cannot be easily stolen.
Private keys never leave the secure environment.
Each truck is communicating over a secure channel that is:
• Mutually Authenticated
• Guarantees Data Integrity
• Guarantees Confidentiality
• End-to-end encrypted
• Lightweight
• Friendly to occasionally connected devices
• Provides Forward Secrecy, Key Compromise Impersonation protection etc.
The identity keys of the trucks have a managed lifecycle: they can be
rotated and revoked based on simple policies.
The Ockam Influx Add-On integrates with InfluxDB
API to get granular, short-lived, unique
authorization tokens and leases them to precisely
control which devices are authorized to report
which measurements.
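The token challenges listed above (uniqueness, storage, revocation, rotation) and the short-lived, device-scoped leases described here can be modelled as one small policy component. The Go code below is an added example, not the Ockam Influx Add-On's own code; the in-memory lease manager, its error names, the hex token format and the `device` tag convention are assumptions, and the line-protocol points are constructed samples.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"strings"
	"time"
)

var (
	ErrUnknownToken     = errors.New("token was not issued by this leaser")
	ErrRevoked          = errors.New("token has been revoked")
	ErrExpired          = errors.New("token lease has expired")
	ErrWrongMeasurement = errors.New("token is not authorized for this measurement")
	ErrWrongDevice      = errors.New("point carries another device's identity")
)
// Lease binds one token to one device identity and exactly one measurement.
type Lease struct {
	Device      string    // identity the token was issued to, e.g. "truck-1"
	Measurement string    // the only measurement this token may write, e.g. "pressure"
	Expires     time.Time // short-lived: the device must renew before this instant
	Revoked     bool
}

// Leaser issues and checks leases. On the slides this role belongs to the Ockam Influx Add-On
// in front of the InfluxDB API; this in-memory stand-in (assumption) isolates the policy logic.
type Leaser struct {
	now    func() time.Time // injectable clock so expiry can be tested deterministically
	ttl    time.Duration
	leases map[string]*Lease // keyed by token; not safe for concurrent use
}

func NewLeaser(ttl time.Duration, now func() time.Time) *Leaser {
	return &Leaser{now: now, ttl: ttl, leases: map[string]*Lease{}}
}

// Issue mints a fresh 256-bit random token scoped to one device and one measurement: no two trucks share one, so a leaked token traces to exactly one truck.
func (l *Leaser) Issue(device, measurement string) (string, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	token := hex.EncodeToString(raw)
	l.leases[token] = &Lease{Device: device, Measurement: measurement, Expires: l.now().Add(l.ttl)}
	return token, nil
}

// Revoke invalidates a token at once; the truck itself stays usable and can re-enroll.
func (l *Leaser) Revoke(token string) {
	if lease, ok := l.leases[token]; ok {
		lease.Revoked = true
	}
}

// Rotate issues a replacement of identical scope and then revokes the old token, re-keying a truck without a field visit.
func (l *Leaser) Rotate(token string) (string, error) {
	lease, ok := l.leases[token]
	if !ok {
		return "", ErrUnknownToken
	}
	fresh, err := l.Issue(lease.Device, lease.Measurement)
	if err == nil {
		l.Revoke(token)
	}
	return fresh, err
}

// parsePoint splits a line-protocol point into measurement and tags (escaped commas/spaces are not handled: a simplification that suffices for the constructed samples).
func parsePoint(point string) (string, map[string]string) {
	head, _, _ := strings.Cut(point, " ")
	parts := strings.Split(head, ",")
	tags := map[string]string{}
	for _, kv := range parts[1:] {
		k, v, _ := strings.Cut(kv, "=")
		tags[k] = v
	}
	return parts[0], tags
}

// Authorize decides whether the presented token may write the point: the lease must be live, the
// measurement must match, and the "device" tag must equal the lease's device (truck one cannot report about truck two).
func (l *Leaser) Authorize(token, point string) error {
	lease := l.leases[token]
	switch {
	case lease == nil:
		return ErrUnknownToken
	case lease.Revoked:
		return ErrRevoked
	case !l.now().Before(lease.Expires):
		return ErrExpired
	}
	measurement, tags := parsePoint(point)
	if measurement != lease.Measurement {
		return ErrWrongMeasurement
	}
	if tags["device"] != lease.Device {
		return ErrWrongDevice
	}
	return nil
}
```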
Bootstrap/Enrollment
[Diagram: a device bootstraps against InfluxDB / InfluxDB Cloud by first fetching a Pre-key Bundle.]
Ockam Enrollment Protocol:
Based on Extended Triple Diffie-Hellman or X3DH to
asynchronously bootstrap a mutually authenticated
secure channel.
Mutually authenticated, end-to-end encrypted, secure channel
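The Authenticated Key Exchange slides earlier and the X3DH-based enrollment described here share one mechanism, shown end to end in the Go program below. It is an added example, not Ockam's implementation or code from the talk: it assumes X25519 for the three Diffie-Hellman operations, an HMAC-SHA256 HKDF as the KDF and AES-256-GCM for application data, omits the signature X3DH places over the pre-key, and uses a constructed device identity and measurement.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
)

// hkdf32 is HMAC-SHA256 extract-then-expand (RFC 5869) for one 32-byte block, written out so nothing outside the standard library is needed.
func hkdf32(ikm, info []byte) []byte {
	prk := hmac.New(sha256.New, nil) // extract with an empty salt
	prk.Write(ikm)
	okm := hmac.New(sha256.New, prk.Sum(nil)) // expand: T(1) = HMAC(PRK, info || 0x01)
	okm.Write(info)
	okm.Write([]byte{1})
	return okm.Sum(nil)
}

// newKey makes an X25519 key pair; a failing system RNG is not recoverable here.
func newKey() *ecdh.PrivateKey {
	k, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// Party holds the two keys each X3DH side contributes: a long-term identity key (IK) and a semi-static signed pre-key (SPK).
// The signature X3DH places over SPK is omitted here (assumption: the pre-key bundle reaches the truck over an already-trusted path).
type Party struct{ IK, SPK *ecdh.PrivateKey }
func NewParty() *Party { return &Party{IK: newKey(), SPK: newKey()} }

// sessionKey derives SK = HKDF(DH1 || DH2 || DH3). ECDH errors on a low-order peer key (all-zero secret), which must abort enrollment.
func sessionKey(privs []*ecdh.PrivateKey, pubs []*ecdh.PublicKey) ([]byte, error) {
	var ikm []byte
	for i := range privs {
		ss, err := privs[i].ECDH(pubs[i])
		if err != nil {
			return nil, err
		}
		ikm = append(ikm, ss...)
	}
	return hkdf32(ikm, []byte("x3dh-example-session")), nil
}

// InitiatorKey is the truck's side. (ikB, spkB) is the responder's pre-key bundle, published in advance so enrollment can start while the responder is offline.
// DH1 = IK_A·SPK_B, DH2 = EK_A·IK_B, DH3 = EK_A·SPK_B; the ephemeral public key EK_A is returned to be sent along.
func (a *Party) InitiatorKey(ikB, spkB *ecdh.PublicKey) ([]byte, *ecdh.PublicKey, error) {
	ek := newKey()
	sk, err := sessionKey([]*ecdh.PrivateKey{a.IK, ek, ek}, []*ecdh.PublicKey{spkB, ikB, spkB})
	return sk, ek.PublicKey(), err
}

// ResponderKey is the cloud side, computing the same three secrets from IK_A and EK_A.
func (b *Party) ResponderKey(ikA, ekA *ecdh.PublicKey) ([]byte, error) {
	return sessionKey([]*ecdh.PrivateKey{b.SPK, b.IK, b.SPK}, []*ecdh.PublicKey{ikA, ekA, ekA})
}

// gcm wraps SK in AES-256-GCM; both constructors fail only on a wrong key or block size, which a 32-byte SK rules out, so their errors are deliberately dropped.
func gcm(sk []byte) cipher.AEAD {
	block, _ := aes.NewCipher(sk)
	g, _ := cipher.NewGCM(block)
	return g
}

// nonce maps the message sequence number to a 96-bit GCM nonce; seq must never repeat under one SK.
func nonce(seq uint64) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], seq)
	return n
}

// RunExchange enrolls a truck with the cloud side and reports whether both derived the same SK, whether a genuine point decrypts, and whether a point altered in transit is rejected.
func RunExchange() (sameKey, decrypts, tamperRejected bool, err error) {
	truck, cloud := NewParty(), NewParty()
	skTruck, ekTruck, err := truck.InitiatorKey(cloud.IK.PublicKey(), cloud.SPK.PublicKey())
	if err != nil {
		return
	}
	skCloud, err := cloud.ResponderKey(truck.IK.PublicKey(), ekTruck)
	if err != nil {
		return
	}
	sameKey = string(skTruck) == string(skCloud)
	tx, rx := gcm(skTruck), gcm(skCloud)
	sender := []byte("truck-1")                         // constructed identity, bound in as associated data
	point := []byte("pressure,device=truck-1 psi=32.4") // constructed sample measurement
	ct := tx.Seal(nil, nonce(1), point, sender)
	pt, openErr := rx.Open(nil, nonce(1), ct, sender)
	decrypts = openErr == nil && string(pt) == string(point)
	ct[len(ct)-1] ^= 0x01 // flip one byte: the en-route tampering an integrity check exists to catch
	_, openErr = rx.Open(nil, nonce(1), ct, sender)
	tamperRejected = openErr != nil
	return
}
```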
Future protocols like enrollment:
• Secure Software Updates
• Find a lost device
[Diagram: End-to-end Encrypted Secure Channels from devices over LPWAN / UDP through a Gateway, and through an InfluxDB Edge instance, to InfluxDB / InfluxDB Cloud.]
pentestpartners.com/security-blog/super-systemic-iot-flaws/
Ockam
The end result - dependable data in your InfluxDB.
github.com/ockam-network/ockam
Mrinal Wadhwa
twitter.com/mrinal
CTO, Ockam

  • 5. Source: Microsoft Survey of 3,000 decision makers involved in IoT decisions at enterprise companies from a range of industries • Lower costs: helps detect wastage and identify opportunities to improve efficiency of operations. • Enhanced Safety: prevents accidents, creates a safer environment for employees and reduces damage to assets. • Better Customer Experience: reduces human error, improves quality, provides opportunities to personalize, improves customer satisfaction. • Higher Revenue: new revenue streams from new connected solutions and services.
  • 6. Unplanned downtime costs industrial manufacturers an estimated $50 billion annually. Source: IndustryWeek & Emerson
  • 7. IoT-enabled predictive maintenance typically reduces machine downtime by 30 to 50% and increases machine life by 20 to 40%. Source: McKinsey & Company
  • 8. Source: Microsoft Survey of 3,000 decision makers involved in IoT decisions at enterprise companies from a range of industries There is a large number of such transformative opportunities, across industries.
  • 9. Internet of Things, Edge Computing, Cloud Computing, Artificial Intelligence. To successfully leverage these opportunities we, typically, require a convergence of technologies: • Ability to sense the physical world. • Cheap, low latency ubiquitous connectivity to communicate the sensed data. • Ability to store and analyze large amounts of data. • Algorithms that detect significant events. • Algorithms that learn and improve decision quality using this data. • Systems that automate and make these decisions at the right time. • Ability to actuate decisions in the physical world.
  • 10. InfluxData platform excels at many of the components needed for this convergence. • IoT data is time series data. • IoT data streams require real-time processing. • Self-contained binaries are easy to deploy and manage in edge computing environments. • Telegraf makes it easy to collect from many machine data sources. TICK Stack
  • 11. Since these use-cases are transformative, they are also usually mission-critical for the business. For our IoT solutions to be adopted, they must be reliable, dependable, trustworthy.
  • 16. Something is fundamentally wrong. It is too difficult and too expensive to build/maintain secure and private IoT systems. Without security and privacy our IoT solution cannot be reliable, dependable, trustworthy.
  • 17. An entity should be granted the least amount of privilege necessary to complete its job. Principle of Least Privilege.
  • 18. The assumption that all systems and traffic within a network boundary can be trusted is flawed.
  • 19. A lot of people say their Industrial Control Systems are air-gapped but what they mean is they think they are air-gapped. – Andrew Tierney: Pwning an oil rig, DEF CON 27 creativecommons.org/licenses/by/3.0/legalcode youtube.com/watch?v=JoJ6uzIsQNs
  • 20. 96% share of unprotected industrial control traffic
  • 21. The assumption that all systems and traffic within a network boundary can be trusted is flawed.
  • 23. • The network is always assumed to be hostile. • External and internal threats exist on the network at all times. • Network locality is not sufficient for deciding trust in a network. • Every device, user, and network flow is authenticated and authorized. • Policies must be dynamic & calculated from as many sources of data as possible. Zero Trust in network perimeters. A zero trust network is built upon five fundamental assertions:
  • 24. Security The degree of resistance to encountering an unfortunate event.
  • 25. Privacy The ability of an individual or group to control the flow of information about themselves.
  • 26. Trust The willingness of one party to rely on the actions of another party.
  • 27. Security, Privacy and Trust are application layer concerns. IoT application developers do not have easy-to-use tools, libraries and infrastructure to granularly control these aspects of their applications.
  • 28. Open source tools for a device to communicate securely, privately and trustfully with cloud services and other devices. github.com/ockam-network/ockam
  • 29. The ability to move messages through a variety of IoT topologies. Ockam
  • 30. In a zero trust network, since there is no implicit trust in network boundaries trust must be based on the identification, authentication and authorization of the sender of a message. Trust must be rooted in: Machine Identity
  • 31. The ability to safely generate, store and use unique cryptographic keys. Ockam
  • 32. In a zero trust network, all packets received on the network are immediately suspicious. Strong cryptographic primitives must be used to validate that a message was not tampered with en route. All messages received on the network must be checked for integrity. Since the identity of the sender of a message is perceived from the contents of that message, without a data integrity guarantee we have nothing and are forced to place trust in the network boundary.
  • 33. Ockam
  • 34. Authenticated Key Exchange. Initiator and Responder exchange messages M1, M2, M3, and each ends with the same Shared Secret. The entities involved use Public Key Cryptography to authenticate each other and agree on a shared secret.
  • 35. Authenticated Key Exchange (as on slide 34): Initiator and Responder exchange M1, M2, M3 and each ends with the same Shared Secret. Application Data - Authenticated Encryption: the shared secret is then used as a key in Symmetric Key Cryptography to maintain confidentiality and integrity of application data.
  • 36. Encrypting a message on a device before transmitting it on the network limits the exposure of that information to the trustworthiness of the sender and the intended receiver of the message. End-to-end encryption. This is how we can apply the principle of least privilege.
  • 37. Ockam
  • 38. Ockam
  • 39. Ockam
  • 40. Ockam Libraries: • Rust • C • Elixir Ockam Add-Ons: • Telegraf as an ExecD plugin • InfluxDB • Golang • JavaScript/TypeScript • Swift • Kotlin/Java • Kafka
  • 41. Let’s see how Ockam can help in typical deployments that combine InfluxData platform and IoT …
  • 42. InfluxDB / InfluxDB Cloud Telegraf Improved logistics with connected trucks.
  • 43. Influx has two built-in security mechanisms
  • 44. Server-Only Authentication If a signed certificate is configured, a truck can establish trust that it is talking to the intended instance of InfluxDB.
  • 45. Let’s dig into how this trust in the InfluxDB server’s identity is established: The device on the truck has a root trust store.
  • 46. Let’s dig into how this trust in the InfluxDB server’s identity is established: The device on the truck has a root trust store. Typically, on Linux machines, this is the Mozilla Firefox browser’s root store. This has 148 trusted parties. These 148 parties are free to create subordinate trusted parties, so there are thousands of trusted parties.
  • 47. If the defaults are followed, any one of these thousands of parties could issue a seemingly valid certificate that a truck would believe is about the intended InfluxDB server. Major certificate authority breaches happen. Spoofed Server Identity. feistyduck.com/ssl-tls-and-pki-history
  • 49. This trust model is okay for web browsers because they have to trust lots of websites and they run complex infrastructure to identify breaches and manage revocation.
  • 50. IoT devices shouldn’t base their trust in the WebPKI. There should instead be an application controlled public key infrastructure that manages key lifecycle, revocation and pinned chains of trust. Ockam
  • 51. Influx has two built-in security mechanisms
  • 52. Influx Tokens allow us to granularly control which measurements can be reported by an entity that presents a specific token. A sensor in truck one should only report measurements for truck one. A pressure sensor should only report pressure.
  • 53. In practice this presents some complex challenges for IoT systems:
  • 54. Unique Tokens • If we have 100000 trucks, we must somehow generate and deliver a unique token to each truck. If the token is not unique, truck one could report about truck two - spoofed truck identity. If the token is not unique, someone can steal one token and create millions of fake trucks - sybil attack.
  • 56. Revocation: • If we suspect that a token has been compromised we need some way to revoke that token and issue a new token. We can’t render a truck unusable in the field. Manually visiting a truck would be very costly.
  • 57. Rotation: • We need some way to frequently rotate tokens in order to reduce the likelihood of a compromise. Manually visiting all 100000 trucks would be very costly.
  • 58. InfluxDB / InfluxDB Cloud Telegraf Improved logistics with connected trucks.
  • 59. InfluxDB / InfluxDB Cloud Telegraf + OckamD (ExecD plugin) Ockam Influx Add-On in a Sidecar Ockam with Influx
  • 60. Ockam as an ExecD plugin for Telegraf
  • 61. Each truck can now have unique identity keys that are stored safely in hardware and cannot be easily stolen. Private keys never leave the secure environment.
  • 62. Each truck is communicating over a secure channel that is: • Mutually Authenticated • Guarantees Data Integrity • Guarantees Confidentiality • End-to-end encrypted • Lightweight • Friendly to occasionally connected devices • Provides Forward Secrecy, Key Compromise Impersonation protection etc.
  • 63. The identity keys of the trucks have a managed lifecycle - they can be rotated and revoked based on simple policies.
  • 64. InfluxDB / InfluxDB Cloud Telegraf + OckamD (ExecD plugin) Ockam Influx Add-On in a Sidecar The Ockam Influx Add-On integrates with InfluxDB API to get granular, short-lived, unique authorization tokens and leases them to precisely control which devices are authorized to report which measurements.
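To make the token requirements of slides 52 to 57 and the lease model of slide 64 concrete, here is an added Go example (constructed for this page, not the Ockam Influx Add-On's code) that mints a unique, short-lived lease per truck and checks each line-protocol point against it, rejecting a foreign or missing truck tag, an out-of-scope measurement, an expired token and a revoked one. Lease, NewLease and Authorize are this example's own names.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"slices"
	"strings"
	"time"
)

// Lease is a short-lived, unique write authorization scoped to one truck and a
// fixed set of measurements (constructed type, not Ockam's or InfluxDB's format).
type Lease struct {
	Token        string // random and unique: one stolen token cannot mint fake trucks
	Truck        string
	Measurements []string
	Expires      time.Time
	Revoked      bool
}
// NewLease mints a fresh token; rotation is NewLease plus Revoked=true on the old one.
func NewLease(truck string, measurements []string, ttl time.Duration, now time.Time) *Lease {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		panic("CSPRNG failure")
	}
	return &Lease{Token: hex.EncodeToString(raw), Truck: truck, Measurements: measurements, Expires: now.Add(ttl)}
}
// Authorize checks one line-protocol point, e.g. "pressure,truck=truck1,sensor=p1 value=31.2",
// against this lease. Simplified parser: escaped commas/spaces in tags are not handled.
func (l *Lease) Authorize(line string, now time.Time) error {
	if l.Revoked || !now.Before(l.Expires) {
		return fmt.Errorf("token for %s is revoked or expired", l.Truck)
	}
	keys := strings.Split(strings.SplitN(line, " ", 2)[0], ",") // measurement, then tags
	if !slices.Contains(l.Measurements, keys[0]) {
		return fmt.Errorf("token for %s may not write measurement %q", l.Truck, keys[0])
	}
	truck := ""
	for _, tag := range keys[1:] {
		if kv := strings.SplitN(tag, "=", 2); len(kv) == 2 && kv[0] == "truck" {
			truck = kv[1]
		}
	}
	if truck != l.Truck { // missing or foreign tag: spoofed truck identity
		return fmt.Errorf("token for %s cannot write a point tagged truck=%q", l.Truck, truck)
	}
	return nil
}
```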
  • 67. InfluxDB / InfluxDB Cloud Pre-key Bundle
  • 68. InfluxDB / InfluxDB Cloud Pre-key Bundle
  • 69. InfluxDB / InfluxDB Cloud Ockam Enrollment Protocol: Based on Extended Triple Diffie-Hellman or X3DH to asynchronously bootstrap a mutually authenticated secure channel. Mutually authenticated, end-to-end encrypted, secure channel
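As an added example that is not Ockam's code, the Go program below shows the shape of the exchange described on slides 34 to 36 and the X3DH-style enrollment named on slide 69: two devices that have pinned each other's X25519 identity key run a triple Diffie-Hellman and then protect a measurement with AES-GCM. Device, NewDevice, Finish and the SHA-256 key derivation are this example's own simplifications; a real design also feeds the handshake transcript into the KDF and adds the one-time pre-key from the pre-key bundle.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Device holds a long-term X25519 identity key (its machine identity) and a
// one-handshake X25519 ephemeral key. All names here are this example's own.
type Device struct {
	id, eph *ecdh.PrivateKey
}

// NewDevice generates both keys; it panics only if the OS CSPRNG is broken.
func NewDevice() *Device {
	id, err1 := ecdh.X25519().GenerateKey(rand.Reader)
	eph, err2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	return &Device{id: id, eph: eph}
}

// IDPub is the identity public key the peer must have PINNED before the
// handshake: an application-controlled trust root, not a WebPKI root store.
func (d *Device) IDPub() *ecdh.PublicKey { return d.id.PublicKey() }
// EphPub is the one handshake message each side sends (32 bytes on the wire).
func (d *Device) EphPub() *ecdh.PublicKey { return d.eph.PublicKey() }
// Finish runs a triple Diffie-Hellman: identity<->ephemeral both ways gives implicit
// mutual authentication (only the pinned identity's owner can compute them), and
// ephemeral<->ephemeral gives forward secrecy. The initiator flag fixes the order.
func (d *Device) Finish(initiator bool, pinnedPeerID, peerEph *ecdh.PublicKey) (cipher.AEAD, error) {
	a, errA := d.eph.ECDH(pinnedPeerID) // my ephemeral <-> peer identity
	b, errB := d.id.ECDH(peerEph)       // my identity  <-> peer ephemeral
	c, errC := d.eph.ECDH(peerEph)      // my ephemeral <-> peer ephemeral
	if errA != nil || errB != nil || errC != nil { // ECDH rejects low-order points
		return nil, errors.New("invalid peer public key")
	}
	if !initiator { // responder swaps the first two so both transcripts match
		a, b = b, a
	}
	key := sha256.Sum256(append(append(a, b...), c...)) // minimal KDF for the example
	block, _ := aes.NewCipher(key[:])                    // 32-byte key: cannot fail
	return cipher.NewGCM(block)
}
```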
  • 70. Future protocols like enrollment: • Secure Software Updates • Find a lost device
  • 72. InfluxDB / InfluxDB Cloud, Gateway, LPWAN, UDP: End-to-end Encrypted Secure Channels
  • 75. InfluxDB / InfluxDB Cloud, InfluxDB Edge
  • 77. Ockam
  • 78. Ockam Libraries: • Rust • C • Elixir Ockam Add-Ons: • Telegraf as an ExecD plugin • InfluxDB • Golang • JavaScript/TypeScript • Swift • Kotlin/Java • Kafka
  • 79. The end result - dependable data in your InfluxDB.