SlideShare a Scribd company logo

Beyond Consumers - Devices As 1st Class Identities

Chris Adriaensen
Chris Adriaensen

Talk given at the London Identity & Security Meetup in London, United Kingdom on February 21, 2019.

Technology
1 of 13
Download to read offline
auth0.com Beyond Consumers Devices As 1st Class Identities February 21, 2019 Chris Adriaensen, Solutions Engineering Lead EMEA
auth0.com
auth0.com Estimated 200 Billion IoT Devices by 2020
Digital Identity Motivations ● For technology to understand who the “user” is to... > personalize the interaction / experience (operations/business-driven) > protect any information / assets (security-driven) ● Though the “user” can be one of the following… > human on device interacting with the technology direct (native) > human on device interacting with the technology with client (server) > client on machine interacting with the technology (server)
Human Identity Evolution Customers | Consumers Internal Employees External Internal External >1K >10K >100K >1M Directory X.500 | LDAP Federation SAML 2.0 | WS-Federation Database SCIM 2.0 Federation OAuth 2.0 OpenID Connect Partners
Machine Identity Evolution Devices | Things Human | Machine Use Internal Machines External Internal External >1K >10K >1M >100M Directory X.500 | LDAP Federation X.509 Certificates Database ?? Federation ??
Anatomy Humans <> Machines Humans Machines Knowledge Mind Interaction (Input: Senses | Output: Movement) Processor + Memory Access Intrinsics Body + Personality Interfaces (Input: Sensors | Output: Actuators) Hardware + Software Category
Authentication Humans <> Machines Humans Machines Knowledge Symmetric Secret (Password / Passphrase / PIN / Answers) Trusted Token | Side-Channel (Access Card | OTP/Push) Symmetric / Asymmetric Secret (Password / Key) Access Intrinsics Biological / Behavioural Metrics (Fingerprint / Facial / Iris / EGC) Trusted Token | Side-Channel (JWT/SAML/X.509 | OTP/Push) Electrical / Code Metrics (Fingerprint / Speed / Errors / Version) Category
auth0.com Mirai IoT Botnet Performs DDOS Attack On Dyn DNS Provider, Takes Down Lot Of Internet Services, IoT Reaper Botnet Growing And Bigger, Remains Dormant Main Cause: Weak Authentication October 2016
auth0.com Hackers Hack Jeep Cherokee Through On-Board Cellular System, Are Able To Remotely Kill Engine, Access CAN Bus Main Cause: Weak Authentication July 2015
auth0.com Hacker Jack Barnaby Can Wirelessly Scan & Hack Medtronic Insulin Pump, Company Denies & Jack Found Dead Main Cause: Weak Authentication February 2012
Warning Devices & Things Security Privacy Machine Virtual Resources (Files | Mining | DDOS) Virtual + Physical Resources (Files / Mining / DDOS | Internal Damage) Provided Data (Uploaded Data) Devices Things Physical Resources (Internal / External Damage) Provided + Sensor Data (Recorded Data | GPS / Video / Sound) Sensor Data (Video / Sound / Heat / Usage) Category
Digital Identity Future ● Apply same techniques for machines as for humans... > passwords are biggest security problem to Internet of Things > trusted tokens / side-channel is actually easier for machines > metrics requires local authentication standards (WebAuthN / FIDO 2.0) ● Solve scale/performance/connectivity challenge for machines… > stateless technology seems required (scalability / server-disconnected) > distributed technology seems required (performance / cloud-disconnected) > local technology seems required (connectivity)

Recommended

Digital identity
Digital identityDigital identity
Digital identity
Thouraya Daouas
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
Vladimir Jirasek
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CloudIDSummit
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
Aviva Spectrum™
 
Odoo iot box integration
Odoo iot box integrationOdoo iot box integration
Odoo iot box integration
Celine George
 
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoTAuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
TransUnion
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
Patrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
cyber security legal perspective
cyber security legal perspectivecyber security legal perspective
cyber security legal perspective
Shoeb Ahmed
 

Recommended

Digital identity
Digital identityDigital identity
Digital identity
Thouraya Daouas
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
Vladimir Jirasek
 
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud AppsCIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CIS13: Beyond the Building: Secure Identity Services for Mobile and Cloud Apps
CloudIDSummit
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
Aviva Spectrum™
 
Odoo iot box integration
Odoo iot box integrationOdoo iot box integration
Odoo iot box integration
Celine George
 
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoTAuthentiThings: The Pitfalls and Promises of Authentication in the IoT
AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
TransUnion
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
Patrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
cyber security legal perspective
cyber security legal perspectivecyber security legal perspective
cyber security legal perspective
Shoeb Ahmed
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
Sharpe Smith
 
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsIdentity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of Things
Ping Identity
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open Standards
George Fletcher
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
John Rhoton
 
Open Identity Exchange - the Global Growth of Digital Identity
Open Identity Exchange - the Global Growth of Digital IdentityOpen Identity Exchange - the Global Growth of Digital Identity
Open Identity Exchange - the Global Growth of Digital Identity
Ubisecure
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
OKsystem
 
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Priyanka Aash
 
Outsmarting the Smart City
Outsmarting the Smart CityOutsmarting the Smart City
Outsmarting the Smart City
Priyanka Aash
 
CIS14: Mobilize Your Workforce with Secure Identity Services
CIS14: Mobilize Your Workforce with Secure Identity ServicesCIS14: Mobilize Your Workforce with Secure Identity Services
CIS14: Mobilize Your Workforce with Secure Identity Services
CloudIDSummit
 
Security In Internet Banking
Security In Internet BankingSecurity In Internet Banking
Security In Internet Banking
Chiheb Chebbi
 
The Mobile Lawyer: 2014
The Mobile Lawyer: 2014The Mobile Lawyer: 2014
The Mobile Lawyer: 2014
equaley
 
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsFIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
Nok Nok Labs, Inc
 
Usher overview.2014.02 hi
Usher overview.2014.02 hiUsher overview.2014.02 hi
Usher overview.2014.02 hi
Mark Fazackerley
 
Web Authn & Security Keys: Unlocking the Key to Authentication
Web Authn & Security Keys: Unlocking the Key to AuthenticationWeb Authn & Security Keys: Unlocking the Key to Authentication
Web Authn & Security Keys: Unlocking the Key to Authentication
FIDO Alliance
 
2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety
2FA, Inc.
 
Identity cues two factor data sheet
Identity cues two factor data sheetIdentity cues two factor data sheet
Identity cues two factor data sheet
Hai Nguyen
 
The relevance of Digital content in SOX compliance
The relevance of Digital content in SOX complianceThe relevance of Digital content in SOX compliance
The relevance of Digital content in SOX compliance
Strategic Business & IT Services
 
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Dr. Amarjeet Singh
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
Faisal Razzak
 
Con8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalCon8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - final
OracleIDM
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
Dean Iacovelli
 
IoT Masterclass ESGT Santarem - Connecting The Dots
IoT Masterclass ESGT Santarem - Connecting The DotsIoT Masterclass ESGT Santarem - Connecting The Dots
IoT Masterclass ESGT Santarem - Connecting The Dots
Marco Silva
 

More Related Content

What's hot

Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
Sharpe Smith
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
OKsystem
 
Outsmarting the Smart City
Outsmarting the Smart CityOutsmarting the Smart City
Outsmarting the Smart City
Priyanka Aash
 
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsFIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
Nok Nok Labs, Inc
 
2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety
2FA, Inc.
 
Identity cues two factor data sheet
Identity cues two factor data sheetIdentity cues two factor data sheet
Identity cues two factor data sheet
Hai Nguyen
 
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Dr. Amarjeet Singh
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
Faisal Razzak
 

What's hot (20)

Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
 
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsIdentity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of Things
 
Internet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open StandardsInternet of Things: Identity & Security with Open Standards
Internet of Things: Identity & Security with Open Standards
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Open Identity Exchange - the Global Growth of Digital Identity
Open Identity Exchange - the Global Growth of Digital IdentityOpen Identity Exchange - the Global Growth of Digital Identity
Open Identity Exchange - the Global Growth of Digital Identity
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
 
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
Outsmarting the Smart City: DISCOVERING AND ATTACKING THE TECHNOLOGY THAT RUN...
 
Outsmarting the Smart City
Outsmarting the Smart CityOutsmarting the Smart City
Outsmarting the Smart City
 
CIS14: Mobilize Your Workforce with Secure Identity Services
CIS14: Mobilize Your Workforce with Secure Identity ServicesCIS14: Mobilize Your Workforce with Secure Identity Services
CIS14: Mobilize Your Workforce with Secure Identity Services
 
Security In Internet Banking
Security In Internet BankingSecurity In Internet Banking
Security In Internet Banking
 
The Mobile Lawyer: 2014
The Mobile Lawyer: 2014The Mobile Lawyer: 2014
The Mobile Lawyer: 2014
 
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok LabsFIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
FIDO & The Mobile Network Operator - Goode Intelligence & Nok Nok Labs
 
Usher overview.2014.02 hi
Usher overview.2014.02 hiUsher overview.2014.02 hi
Usher overview.2014.02 hi
 
Web Authn & Security Keys: Unlocking the Key to Authentication
Web Authn & Security Keys: Unlocking the Key to AuthenticationWeb Authn & Security Keys: Unlocking the Key to Authentication
Web Authn & Security Keys: Unlocking the Key to Authentication
 
2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety2FA Advanced Authentication for Public Safety
2FA Advanced Authentication for Public Safety
 
Identity cues two factor data sheet
Identity cues two factor data sheetIdentity cues two factor data sheet
Identity cues two factor data sheet
 
The relevance of Digital content in SOX compliance
The relevance of Digital content in SOX complianceThe relevance of Digital content in SOX compliance
The relevance of Digital content in SOX compliance
 
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
Mitigating Cyber-Threat in the Financial Industry of Bangladesh using Biometr...
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
 
Con8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalCon8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - final
 

Similar to Beyond Consumers - Devices As 1st Class Identities

Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
Santhosh Kumar
 
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
Ping Identity
 
Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...
Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...
Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...
MskDotNet Community
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
tjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
lmelaine
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
vrickens
 

Similar to Beyond Consumers - Devices As 1st Class Identities (20)

"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 
IoT Masterclass ESGT Santarem - Connecting The Dots
IoT Masterclass ESGT Santarem - Connecting The DotsIoT Masterclass ESGT Santarem - Connecting The Dots
IoT Masterclass ESGT Santarem - Connecting The Dots
 
Android– forensics and security testing
Android– forensics and security testingAndroid– forensics and security testing
Android– forensics and security testing
 
RISE OF THE MACHINES: IRM IN AN IOT WORLD
RISE OF THE MACHINES: IRM IN AN IOT WORLDRISE OF THE MACHINES: IRM IN AN IOT WORLD
RISE OF THE MACHINES: IRM IN AN IOT WORLD
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot security
 
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
 
Security in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and CloudSecurity in Web 2.0, Social Web and Cloud
Security in Web 2.0, Social Web and Cloud
 
Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...
Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...
Стас Павлов «Построение безопасной архитектуры IoT решений на примере Azure I...
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Creating the Internet of YOUR Things. Global Azure Bootcamp 2018
Creating the Internet of YOUR Things. Global Azure Bootcamp 2018Creating the Internet of YOUR Things. Global Azure Bootcamp 2018
Creating the Internet of YOUR Things. Global Azure Bootcamp 2018
 
Developing your IoT Solutions with Intel
Developing your IoT Solutions with IntelDeveloping your IoT Solutions with Intel
Developing your IoT Solutions with Intel
 
Windows developer program for IoT
Windows developer program for IoTWindows developer program for IoT
Windows developer program for IoT
 
it was the handout about AI hand out ppt.pptx
it was the handout about AI hand out ppt.pptxit was the handout about AI hand out ppt.pptx
it was the handout about AI hand out ppt.pptx
 
Trends in IoT 2017
Trends in IoT 2017Trends in IoT 2017
Trends in IoT 2017
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
 
08_-_Masamichi_Tanaka_-_Bigdata_and_AI_in_IOT.pdf
08_-_Masamichi_Tanaka_-_Bigdata_and_AI_in_IOT.pdf08_-_Masamichi_Tanaka_-_Bigdata_and_AI_in_IOT.pdf
08_-_Masamichi_Tanaka_-_Bigdata_and_AI_in_IOT.pdf
 
BYOD: Risks and Opportunities
BYOD: Risks and OpportunitiesBYOD: Risks and Opportunities
BYOD: Risks and Opportunities
 
#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck#EVRYWhatsNext EMS Slide Deck
#EVRYWhatsNext EMS Slide Deck
 
How to Meet MFA Mandates in Air Gap Networks
How to Meet MFA Mandates in Air Gap NetworksHow to Meet MFA Mandates in Air Gap Networks
How to Meet MFA Mandates in Air Gap Networks
 

More from Chris Adriaensen

More from Chris Adriaensen (11)

AWS Scalable Architectures - Serverless
AWS Scalable Architectures - ServerlessAWS Scalable Architectures - Serverless
AWS Scalable Architectures - Serverless
 
A Marvelous Guide To Internet Security
A Marvelous Guide To Internet SecurityA Marvelous Guide To Internet Security
A Marvelous Guide To Internet Security
 
Internet of Things Security & Privacy
Internet of Things Security & PrivacyInternet of Things Security & Privacy
Internet of Things Security & Privacy
 
The Relationship Model
The Relationship ModelThe Relationship Model
The Relationship Model
 
EU Single Digital Market - eIDAS To The Rescue
EU Single Digital Market - eIDAS To The RescueEU Single Digital Market - eIDAS To The Rescue
EU Single Digital Market - eIDAS To The Rescue
 
Trust - A Rare Commodity (Extended)
Trust - A Rare Commodity (Extended)Trust - A Rare Commodity (Extended)
Trust - A Rare Commodity (Extended)
 
The Relationship Battle
The Relationship BattleThe Relationship Battle
The Relationship Battle
 
UMA - An Open Standard for Consent-Driven Personal Data Sharing
UMA - An Open Standard for Consent-Driven Personal Data SharingUMA - An Open Standard for Consent-Driven Personal Data Sharing
UMA - An Open Standard for Consent-Driven Personal Data Sharing
 
De Burger in Controle? Standaarden en Technologie voor Persoonlijke Gegevenst...
De Burger in Controle? Standaarden en Technologie voor Persoonlijke Gegevenst...De Burger in Controle? Standaarden en Technologie voor Persoonlijke Gegevenst...
De Burger in Controle? Standaarden en Technologie voor Persoonlijke Gegevenst...
 
The Hitchhiker's Guide to the Land of OAuth
The Hitchhiker's Guide to the Land of OAuthThe Hitchhiker's Guide to the Land of OAuth
The Hitchhiker's Guide to the Land of OAuth
 
Internet of Things Security & Privacy
Internet of Things Security & PrivacyInternet of Things Security & Privacy
Internet of Things Security & Privacy
 

Recently uploaded

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
FIDO Alliance
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Safe Software
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptxTales from a Passkey Provider Progress from Awareness to Implementation.pptx
Tales from a Passkey Provider Progress from Awareness to Implementation.pptx
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
 
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...Stronger Together: Developing an Organizational Strategy for Accessible Desig...
Stronger Together: Developing an Organizational Strategy for Accessible Desig...
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Design Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptxDesign Guidelines for Passkeys 2024.pptx
Design Guidelines for Passkeys 2024.pptx
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Beyond Consumers - Devices As 1st Class Identities

  • 1. auth0.com Beyond Consumers Devices As 1st Class Identities February 21, 2019 Chris Adriaensen, Solutions Engineering Lead EMEA
  • 4. Digital Identity Motivations ● For technology to understand who the “user” is to... > personalize the interaction / experience (operations/business-driven) > protect any information / assets (security-driven) ● Though the “user” can be one of the following… > human on device interacting with the technology direct (native) > human on device interacting with the technology with client (server) > client on machine interacting with the technology (server)
  • 5. Human Identity Evolution Customers | Consumers Internal Employees External Internal External >1K >10K >100K >1M Directory X.500 | LDAP Federation SAML 2.0 | WS-Federation Database SCIM 2.0 Federation OAuth 2.0 OpenID Connect Partners
  • 6. Machine Identity Evolution Devices | Things Human | Machine Use Internal Machines External Internal External >1K >10K >1M >100M Directory X.500 | LDAP Federation X.509 Certificates Database ?? Federation ??
  • 7. Anatomy Humans <> Machines Humans Machines Knowledge Mind Interaction (Input: Senses | Output: Movement) Processor + Memory Access Intrinsics Body + Personality Interfaces (Input: Sensors | Output: Actuators) Hardware + Software Category
  • 8. Authentication Humans <> Machines Humans Machines Knowledge Symmetric Secret (Password / Passphrase / PIN / Answers) Trusted Token | Side-Channel (Access Card | OTP/Push) Symmetric / Asymmetric Secret (Password / Key) Access Intrinsics Biological / Behavioural Metrics (Fingerprint / Facial / Iris / EGC) Trusted Token | Side-Channel (JWT/SAML/X.509 | OTP/Push) Electrical / Code Metrics (Fingerprint / Speed / Errors / Version) Category
  • 9. auth0.com Mirai IoT Botnet Performs DDOS Attack On Dyn DNS Provider, Takes Down Lot Of Internet Services, IoT Reaper Botnet Growing And Bigger, Remains Dormant Main Cause: Weak Authentication October 2016
  • 10. auth0.com Hackers Hack Jeep Cherokee Through On-Board Cellular System, Are Able To Remotely Kill Engine, Access CAN Bus Main Cause: Weak Authentication July 2015
  • 11. auth0.com Hacker Jack Barnaby Can Wirelessly Scan & Hack Medtronic Insulin Pump, Company Denies & Jack Found Dead Main Cause: Weak Authentication February 2012
  • 12. Warning Devices & Things Security Privacy Machine Virtual Resources (Files | Mining | DDOS) Virtual + Physical Resources (Files / Mining / DDOS | Internal Damage) Provided Data (Uploaded Data) Devices Things Physical Resources (Internal / External Damage) Provided + Sensor Data (Recorded Data | GPS / Video / Sound) Sensor Data (Video / Sound / Heat / Usage) Category
  • 13. Digital Identity Future ● Apply same techniques for machines as for humans... > passwords are biggest security problem to Internet of Things > trusted tokens / side-channel is actually easier for machines > metrics requires local authentication standards (WebAuthN / FIDO 2.0) ● Solve scale/performance/connectivity challenge for machines… > stateless technology seems required (scalability / server-disconnected) > distributed technology seems required (performance / cloud-disconnected) > local technology seems required (connectivity)