SlideShare a Scribd company logo

Iot secure connected devices indicthreads

Download as PPT, PDF
IndicThreads
IndicThreads

Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com --

1 of 48
Building Secure Connected Devices Kedar Sovani
Who am I? • IoT @ Marvell for 7 years • 1st Apple HomeKit SDK, 1st Google Weave on μC • Powering millions of Wi-Fi IoT devices in the field
Anywhere and Everywhere
Google for the term IoT Security
Result Type I: Doomsday Hacking Scenarios
Yes, security is a concern • Increased surface area for attacks • Connects to the physical world around us • Newer and tinier hardware • Newer developers
Courtesy: Darkreading.com Result Type II: Buy Our Product
But How Do I Build for Security?
Secure By Design
Device Interactions #1
Remote Access
Standards! • No home-grown security schemes • Rely on established security standards #2
TLS • Transport Layer Security • Certificate-based Server Authentication • Secure Key Exchange • Encrypted Channel • Certificate-based Device Authentication • Secures Bank Transactions
Technology Advancements • Hardware Capability • Memory • CPU • Strong Software • Many Open Source implementations
Courtesy: Ars Technica An interesting search engine
Malformed Content? • What about: malware/viruses? • Communicate with known server • controller by known entities • Write protection
Local Access
Local Network • Acts as a client for outside world • router firewall • Encrypted traffic at the MAC layer • Requires Password/Certificate for access (explicit delegation)
Switch Network? • Remember AP Security • Force physical access to reset-to-factory
New Device Setup? New Device Setup?
Authenticate the other endpoint! #3
Authenticate the other endpoint!
Compromised User • Guest access to the network? • Malware on user’s phone? • Additional Cryptographic layers on top of the MAC layer • User Management
Tradeoff
Physical Access
Physical modification • Change the server address/keys? • Change the firmware? • Trusted Boot • Signed Firmware • Encryption
Device Phishing • Completely change the device? • Device Authentication – PKI
Zarro Boogs Found! • Firmware upgradeability • Connectivity Bonus: evolving appliances • Fix security vulnerabilities • Possible attack vector 
Scrutinize #4
@kedarsovani Thank You!

Recommended

IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreads
IndicThreads
 
IoT Best Practices: Unit Testing
IoT Best Practices: Unit TestingIoT Best Practices: Unit Testing
IoT Best Practices: Unit Testing
farmckon
 
Top IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon HagarTop IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon Hagar
XBOSoft
 
Internet Of Things
Internet Of ThingsInternet Of Things
Internet Of Things
VodqaBLR
 
Testing IoT Apps with the Cloud
Testing IoT Apps with the CloudTesting IoT Apps with the Cloud
Testing IoT Apps with the Cloud
Josiah Renaudin
 
Internet of Things and Quality Assurance
Internet of Things and Quality AssuranceInternet of Things and Quality Assurance
Internet of Things and Quality Assurance
Khubaib Rehman
 
Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...
Agile Testing Alliance
 
A Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of ThingsA Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of Things
Rick G. Garibay
 

Recommended

IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreads
IndicThreads
 
IoT Best Practices: Unit Testing
IoT Best Practices: Unit TestingIoT Best Practices: Unit Testing
IoT Best Practices: Unit Testing
farmckon
 
Top IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon HagarTop IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon Hagar
XBOSoft
 
Internet Of Things
Internet Of ThingsInternet Of Things
Internet Of Things
VodqaBLR
 
Testing IoT Apps with the Cloud
Testing IoT Apps with the CloudTesting IoT Apps with the Cloud
Testing IoT Apps with the Cloud
Josiah Renaudin
 
Internet of Things and Quality Assurance
Internet of Things and Quality AssuranceInternet of Things and Quality Assurance
Internet of Things and Quality Assurance
Khubaib Rehman
 
Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...
Agile Testing Alliance
 
A Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of ThingsA Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of Things
Rick G. Garibay
 
Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.
Archana Krushnan
 
IoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsIoT Introduction Architecture and Applications
IoT Introduction Architecture and Applications
The IOT Academy
 
Mobile and IoT testing
Mobile and IoT testingMobile and IoT testing
Mobile and IoT testing
Langoor Clients
 
IoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubIoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT Hub
Marco Silva
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT Hub
WinWire Technologies Inc
 
Ibm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIbm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_Capabilities
IBM_Info_Management
 
IoT Node-Red Presentation
IoT Node-Red PresentationIoT Node-Red Presentation
IoT Node-Red Presentation
The IOT Academy
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT Applications
Jan Liband
 
An IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesAn IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m services
Soumya Kanti Datta
 
Architectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsArchitectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud Platforms
Roshan Kulkarni
 
IoT on Azure
IoT on AzureIoT on Azure
IoT on Azure
Vinoth Rajagopalan
 
Demystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteDemystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT Suite
WinWire Technologies Inc
 
Business Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTBusiness Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoT
Ilyas F ☁☁☁
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with Azure
Vinoth Rajagopalan
 
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureGlobal Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Vinoth Rajagopalan
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsGordon Haff
 
Connecting IoT devices to Azure
Connecting IoT devices to AzureConnecting IoT devices to Azure
Connecting IoT devices to Azure
Guy Barrette
 
IoT on the Edge
IoT on the EdgeIoT on the Edge
IoT on the Edge
FIWARE
 
DotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreDotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il Concentratore
Riccardo Cappello
 
At8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoAt8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoNetPlus
 
Analysing digipaks 3
Analysing digipaks 3Analysing digipaks 3
Analysing digipaks 3JoshWilliamson14
 
At8000 s configurando vlan avancado
At8000 s configurando vlan avancadoAt8000 s configurando vlan avancado
At8000 s configurando vlan avancadoNetPlus
 

More Related Content

What's hot

Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.
Archana Krushnan
 
IoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsIoT Introduction Architecture and Applications
IoT Introduction Architecture and Applications
The IOT Academy
 
Mobile and IoT testing
Mobile and IoT testingMobile and IoT testing
Mobile and IoT testing
Langoor Clients
 
IoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubIoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT Hub
Marco Silva
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT Hub
WinWire Technologies Inc
 
Ibm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIbm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_Capabilities
IBM_Info_Management
 
IoT Node-Red Presentation
IoT Node-Red PresentationIoT Node-Red Presentation
IoT Node-Red Presentation
The IOT Academy
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT Applications
Jan Liband
 
An IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesAn IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m services
Soumya Kanti Datta
 
Architectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsArchitectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud Platforms
Roshan Kulkarni
 
IoT on Azure
IoT on AzureIoT on Azure
IoT on Azure
Vinoth Rajagopalan
 
Demystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteDemystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT Suite
WinWire Technologies Inc
 
Business Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTBusiness Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoT
Ilyas F ☁☁☁
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with Azure
Vinoth Rajagopalan
 
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureGlobal Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Vinoth Rajagopalan
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsGordon Haff
 
Connecting IoT devices to Azure
Connecting IoT devices to AzureConnecting IoT devices to Azure
Connecting IoT devices to Azure
Guy Barrette
 
IoT on the Edge
IoT on the EdgeIoT on the Edge
IoT on the Edge
FIWARE
 
DotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreDotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il Concentratore
Riccardo Cappello
 

What's hot (19)

Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.
 
IoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsIoT Introduction Architecture and Applications
IoT Introduction Architecture and Applications
 
Mobile and IoT testing
Mobile and IoT testingMobile and IoT testing
Mobile and IoT testing
 
IoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubIoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT Hub
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT Hub
 
Ibm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIbm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_Capabilities
 
IoT Node-Red Presentation
IoT Node-Red PresentationIoT Node-Red Presentation
IoT Node-Red Presentation
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT Applications
 
An IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesAn IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m services
 
Architectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsArchitectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud Platforms
 
IoT on Azure
IoT on AzureIoT on Azure
IoT on Azure
 
Demystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteDemystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT Suite
 
Business Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTBusiness Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoT
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with Azure
 
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureGlobal Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of Things
 
Connecting IoT devices to Azure
Connecting IoT devices to AzureConnecting IoT devices to Azure
Connecting IoT devices to Azure
 
IoT on the Edge
IoT on the EdgeIoT on the Edge
IoT on the Edge
 
DotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreDotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il Concentratore
 

Viewers also liked

At8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoAt8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoNetPlus
 
At8000 s configurando vlan avancado
At8000 s configurando vlan avancadoAt8000 s configurando vlan avancado
At8000 s configurando vlan avancadoNetPlus
 
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
motiondynamicsgadgetguy
 
At8000 s caracteristicas gerais
At8000 s caracteristicas geraisAt8000 s caracteristicas gerais
At8000 s caracteristicas geraisNetPlus
 
Case Study: Marvell
Case Study: MarvellCase Study: Marvell
Case Study: Marvell
SysAid Technologies
 
Real world IoT for enterprises
Real world IoT for enterprisesReal world IoT for enterprises
Real world IoT for enterprises
IndicThreads
 
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
Polaris Associates
 
At8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamentoAt8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamentoNetPlus
 
Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13
Maxim Zap
 
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
OptimalPlus
 
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - MarvellSummit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
OPNFV
 
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard RankingWiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
Alex G. Lee, Ph.D. Esq. CLP
 

Viewers also liked (13)

At8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoAt8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamento
 
Analysing digipaks 3
Analysing digipaks 3Analysing digipaks 3
Analysing digipaks 3
 
At8000 s configurando vlan avancado
At8000 s configurando vlan avancadoAt8000 s configurando vlan avancado
At8000 s configurando vlan avancado
 
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
 
At8000 s caracteristicas gerais
At8000 s caracteristicas geraisAt8000 s caracteristicas gerais
At8000 s caracteristicas gerais
 
Case Study: Marvell
Case Study: MarvellCase Study: Marvell
Case Study: Marvell
 
Real world IoT for enterprises
Real world IoT for enterprisesReal world IoT for enterprises
Real world IoT for enterprises
 
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
 
At8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamentoAt8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamento
 
Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13
 
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
 
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - MarvellSummit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
 
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard RankingWiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
 

Similar to Iot secure connected devices indicthreads

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldJakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Codiax
 
Creating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkCreating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdk
Martin Vigo
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
veerababu penugonda(Mr-IoT)
 
The Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoTThe Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoT
Jim McKeeth
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2
 
Hack one iot device, break them all!
Hack one iot device, break them all!Hack one iot device, break them all!
Hack one iot device, break them all!
Justin Black
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
Geek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the InternetGeek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the Internet
GeekNightHyderabad
 
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
ハイシンク創研 / Laboratory of Hi-Think Corporation
 
How to create a secure IoT device
How to create a secure IoT deviceHow to create a secure IoT device
How to create a secure IoT device
Abhijeet Rane
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
HITCON GIRLS
 
IoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security ControlsIoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security Controls
Jay Nagar
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
Man in the Binder
Man in the BinderMan in the Binder
Man in the Bindernitayart
 
IoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architectureIoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architecture
Paul Fremantle
 
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloudA Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
WSO2
 
IoT security
IoT securityIoT security
IoT security
YashKesharwani2
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Abhinav Biswas
 

Similar to Iot secure connected devices indicthreads (20)

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldJakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
 
Creating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkCreating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdk
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
 
The Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoTThe Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoT
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
 
Hack one iot device, break them all!
Hack one iot device, break them all!Hack one iot device, break them all!
Hack one iot device, break them all!
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
Geek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the InternetGeek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the Internet
 
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
 
How to create a secure IoT device
How to create a secure IoT deviceHow to create a secure IoT device
How to create a secure IoT device
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
 
IoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security ControlsIoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security Controls
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Man in the Binder
Man in the BinderMan in the Binder
Man in the Binder
 
IoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architectureIoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architecture
 
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloudA Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
 
IoT security
IoT securityIoT security
IoT security
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
 

More from IndicThreads

Http2 is here! And why the web needs it
Http2 is here! And why the web needs itHttp2 is here! And why the web needs it
Http2 is here! And why the web needs it
IndicThreads
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
IndicThreads
 
Go Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayGo Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang way
IndicThreads
 
Building Resilient Microservices
Building Resilient Microservices Building Resilient Microservices
Building Resilient Microservices
IndicThreads
 
App using golang indicthreads
App using golang indicthreadsApp using golang indicthreads
App using golang indicthreads
IndicThreads
 
Building on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsBuilding on quicksand microservices indicthreads
Building on quicksand microservices indicthreads
IndicThreads
 
How to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingHow to Think in RxJava Before Reacting
How to Think in RxJava Before Reacting
IndicThreads
 
Functional Programming Past Present Future
Functional Programming Past Present FutureFunctional Programming Past Present Future
Functional Programming Past Present Future
IndicThreads
 
Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams
IndicThreads
 
Building & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameBuilding & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fame
IndicThreads
 
Internet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceInternet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads Conference
IndicThreads
 
Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer
IndicThreads
 
Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark
IndicThreads
 
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
IndicThreads
 
Speed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackSpeed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedback
IndicThreads
 
Unraveling OpenStack Clouds
Unraveling OpenStack Clouds Unraveling OpenStack Clouds
Unraveling OpenStack Clouds
IndicThreads
 
Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!
IndicThreads
 
Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications
IndicThreads
 
Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8 Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8
IndicThreads
 
Changing application demands: What developers need to know
Changing application demands: What developers need to knowChanging application demands: What developers need to know
Changing application demands: What developers need to know
IndicThreads
 

More from IndicThreads (20)

Http2 is here! And why the web needs it
Http2 is here! And why the web needs itHttp2 is here! And why the web needs it
Http2 is here! And why the web needs it
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
 
Go Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayGo Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang way
 
Building Resilient Microservices
Building Resilient Microservices Building Resilient Microservices
Building Resilient Microservices
 
App using golang indicthreads
App using golang indicthreadsApp using golang indicthreads
App using golang indicthreads
 
Building on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsBuilding on quicksand microservices indicthreads
Building on quicksand microservices indicthreads
 
How to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingHow to Think in RxJava Before Reacting
How to Think in RxJava Before Reacting
 
Functional Programming Past Present Future
Functional Programming Past Present FutureFunctional Programming Past Present Future
Functional Programming Past Present Future
 
Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams
 
Building & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameBuilding & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fame
 
Internet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceInternet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads Conference
 
Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer
 
Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark
 
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
 
Speed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackSpeed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedback
 
Unraveling OpenStack Clouds
Unraveling OpenStack Clouds Unraveling OpenStack Clouds
Unraveling OpenStack Clouds
 
Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!
 
Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications
 
Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8 Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8
 
Changing application demands: What developers need to know
Changing application demands: What developers need to knowChanging application demands: What developers need to know
Changing application demands: What developers need to know
 

Iot secure connected devices indicthreads

Editor's Notes

  1. Mention that direct access to the device is protected by the gateway/firewall man in the middle - read/modify traffic replay - open door lock dns spoof - redirect to malicious server
  2. Talk about user-association challenges, TLS, authorized APIs OLA Money example
  3. From an attacker’s point of view, attack vector limited to being near each device and then exploiting the vulnerability
  4. From an attacker’s point of view, attack vector limited to being near each device and then exploiting the vulnerability