Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
As IoT insecurity creates vulnerabilities, policymakers become concerned about the health of the Internet. How can public policy address these concerns in a smart way, targeting their efforts to improve IoT security without imposing unnecessary costs across the Internet ecosystem or creating unintended effects? What is the role of government versus industry?
Jason Livingood
Vice President, Technology Policy & Standards, Comcast
https://www.cablelabs.com/informed/
In developing for IoT, security is not often the highest priority: APIs exposed without care and devices deployed with default passwords become gateways to your network and your data. Many best practices can be used to thwart attacks on your devices, but they have to be thought through from the first architectural design. This session covers many recent IoT attacks, their consequences, and how they could have been prevented. It also explores the many security levels one device can have, from totally exposed to completely secured against physical tampering and identity theft.
Enabling Data Protection through PKI encryption in IoT m-Health DevicesCharalampos Doukas
Short presentation about a gateway-based solution for medical data encryption and the Internet of Things. Paper presented at 12th IEEE International Conference on BioInformatics and BioEngineering
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
As IoT insecurity creates vulnerabilities, policymakers become concerned about the health of the Internet. How can public policy address these concerns in a smart way, targeting their efforts to improve IoT security without imposing unnecessary costs across the Internet ecosystem or creating unintended effects? What is the role of government versus industry?
Jason Livingood
Vice President, Technology Policy & Standards, Comcast
https://www.cablelabs.com/informed/
In developing for IoT, security is not often the highest priority: APIs exposed without care and devices deployed with default passwords become gateways to your network and your data. Many best practices can be used to thwart attacks on your devices, but they have to be thought through from the first architectural design. This session covers many recent IoT attacks, their consequences, and how they could have been prevented. It also explores the many security levels one device can have, from totally exposed to completely secured against physical tampering and identity theft.
Enabling Data Protection through PKI encryption in IoT m-Health DevicesCharalampos Doukas
Short presentation about a gateway-based solution for medical data encryption and the Internet of Things. Paper presented at 12th IEEE International Conference on BioInformatics and BioEngineering
IoT Security – Executing an Effective Security Testing Process EC-Council
Deral Heiland CISSP, serves as a the Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on a numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
An overview of Secure IoT development using Java technologies. A brief overview of some recent attacks, some considerations on what to consider and the related Java technologies
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
In this webinar we will discuss the state of security for IoT devices, the threats that exists for IoT devices and the challenges for building secure IoT devices. We will also discuss the technologies available to ensure your IoT device is secure.
Security in the Internet Of Things.
Every IoT project must be designed with security in mind. Identity Relationship Management is a must for a successful IoT implementation.
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
Internet Society (ISOC) aims are:
make security an integrated function of connected objects and encourages IoT device and service providers for consumers to adopt the Online Trust Alliance (OTA) security and privacy principles ;
increase the consumer demand for security and privacy in the IoT devices they purchase;
create government policies and regulations that promote better security and privacy features in IoT devices.
The IoT Era Begins
Components of IoT-Enabled Things
IoT Reference model
IoT Security
IoT Security & Privacy Req. defined by ITU-T
An IoT Security Framework
IoT Security Challenges
Internet of Things - Liability
IoT security tools
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
As IoT insecurity creates vulnerabilities, policymakers become concerned about the health of the Internet. How can public policy address these concerns in a smart way, targeting their efforts to improve IoT security without imposing unnecessary costs across the Internet ecosystem or creating unintended effects? What is the role of government versus industry?
Rob Alderfer, Moderator
Vice President Technology Policy, CableLabs
Gerald Faulhaber
Professor Emeritus, Business Economics & Public Policy, Wharton School
Chaz Lever
Lead Reseacher, Georgia Tech
Jason Livingood
Vice President, Technology Policy & Standards, Comcast
Internet of Things: Identity & Security with Open StandardsGeorge Fletcher
While the Internet of Things (IoT) is growing significantly in the number of devices and capabilities, there is little thought given to security by the manufacturers and software developers for these devices. This talk will explore one mechanism, using open standards, to add a layer of security and convenience for devices connecting to a personal cloud including the challenges that exist to make it a reality.
Embedded computing is everywhere. It is in our car engines, refrigerators, and even in the singing greeting cards we send. With improvements in wireless technology, these systems are starting to talk with each other, and they are appearing in places like our shoes and wrists to monitor our athletic activity or health. This emerging Internet of Everything (IoE) has tremendous potential to improve our lives. But like any powerful technology, it also has a dark side: it will observe and implement many of our actions. Security in the IoE is likely to be even more critical than general Internet security. After reviewing some of the challenges in creating a secure IoE, Horowitz will describe a new research program at Stanford to address this issue.
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
IoT devices are proliferating throughout corporate networks raising concerns about security risks they may introduce. However, IoT technologies differ in many ways from most enterprise-ready technologies that currently exist. Understanding the risks that IoT represents and how to best quantify that risk can be a challenge for many security leaders. This webinar provides an overview of IoT architectures, how they differ from existing infrastructure devices, and how best to measure the risk IoT devices represent. It will expose attendees to concepts like Threat Modeling for IoT and provide additional references that will help build a successful IoT security assessment program.
IoT stands for Internet of Things.The internet of things, or IoT, is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
IoT Security Training covers The Internet of Things security and examines IoT conventions, potential dangers, vulnerabilities, misuse, information breaks, security system and alleviation. IoT security training, Internet of Things (IoT) devices Include: manufacturers, retailers in customer hardware, social insurance, processing plant production network stockrooms, transportation offices and numerous others.
Learn about:
IoT Principles: The Internet of Things Overview
Principles for Connected Devices
IoT Design Principles
Principles of IoT Security
IoT Attack Areas
IoT Vulnerabilities
IoT Firmware Analysis
IoT Software Weaknesses
IoT Security Verification, Validation and Testing
IoT Security Assessment on IoT devices
Assessing IoT devices attack surfaces
Evaluation of IoT device firmware analysis, attack surface
Vulnerabilities and exploiting the vulnerabilities
Course Topics Include:
Overview and analysis of IoT devices and IoT implementation use cases
IoT Architecture
IoT Architectural and Design Requirements
IoT Security Fundamentals
IoT Security Standards
NIST Framework: Cyber Physical Systems
IoT Governance and Risk Management
IoT Security Compliance and Audit
IoT Encryption and Key Management
IoT Identity and Access Management IoT Security Challenges
IoT Security in Critical Infrastructure
IoT Security in Personal infrastructure
IoT Vulnerabilities
Wireless Security applied to IoT
ZigBee and Bluetooth Security
LTE and Mobile Security
Cloud-based web interface security
Call us today at +1-972-665-9786. Learn more about this course audience, objectives, outlines, seminars, pricing , any other information. Visit our website link below.
IoT SecurityTraining, IoT Security Awareness 2019
https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/
IoT Security Imperative: Stop your Fridge from Sending you SpamAmit Rohatgi
We've all heard the continuing news about or been victims of hacked passwords, data breaches, identity theft and lost privacy, because our heavy reliance on Internet connectivity. Our digital world necessitates ever improving security. But now we're on the cusp of a major revolution where our appliances, cars, clothes and the very fabric of our lives (no pun intended) are also connected. Software and silicon designers must take active design measures for ensuring user data. In this talk, Amit Rohatgi, president of the prpl Foundation, will outline the market and technical challenges as well as the essential measures in the design phase for securing our ever-more-connected digital world. He will also discuss why open-source is appropriately suited for addressing theses challenge and how the prpl Foundation is tackling this from the ground-up.
Are you ready for the next attack? reviewing the sp security checklist (apnic...Barry Greene
Rethinking Security and how you can Act on Meaningful Change
What the industry recommends to protect your network is NOT working! The industry is stuck in a dysfunctional ecosystem that encourages the cyber-criminal innovation at the cost to business and individual loss throughout the world. We do not need a “Manhattan Project” for the security of the Internet. What we need are tools to help operators throughout the world ask the right question that would lead them to meaningful action. Security empowerment must empower the grassroots and provide the tools to push back on the root cause. This talk will explore these issues, highlight the dysfunction in our “security” economy, and present “take home” tools that would facilitate immediate action.
IoT Security – Executing an Effective Security Testing Process EC-Council
Deral Heiland CISSP, serves as a the Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on a numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.
IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy.
This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
The session with highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
An overview of Secure IoT development using Java technologies. A brief overview of some recent attacks, some considerations on what to consider and the related Java technologies
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
In this webinar we will discuss the state of security for IoT devices, the threats that exists for IoT devices and the challenges for building secure IoT devices. We will also discuss the technologies available to ensure your IoT device is secure.
Security in the Internet Of Things.
Every IoT project must be designed with security in mind. Identity Relationship Management is a must for a successful IoT implementation.
IoT security and privacy: main challenges and how ISOC-OTA address themRadouane Mrabet
Internet Society (ISOC) aims are:
make security an integrated function of connected objects and encourages IoT device and service providers for consumers to adopt the Online Trust Alliance (OTA) security and privacy principles ;
increase the consumer demand for security and privacy in the IoT devices they purchase;
create government policies and regulations that promote better security and privacy features in IoT devices.
The IoT Era Begins
Components of IoT-Enabled Things
IoT Reference model
IoT Security
IoT Security & Privacy Req. defined by ITU-T
An IoT Security Framework
IoT Security Challenges
Internet of Things - Liability
IoT security tools
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
As IoT insecurity creates vulnerabilities, policymakers become concerned about the health of the Internet. How can public policy address these concerns in a smart way, targeting their efforts to improve IoT security without imposing unnecessary costs across the Internet ecosystem or creating unintended effects? What is the role of government versus industry?
Rob Alderfer, Moderator
Vice President Technology Policy, CableLabs
Gerald Faulhaber
Professor Emeritus, Business Economics & Public Policy, Wharton School
Chaz Lever
Lead Reseacher, Georgia Tech
Jason Livingood
Vice President, Technology Policy & Standards, Comcast
Internet of Things: Identity & Security with Open StandardsGeorge Fletcher
While the Internet of Things (IoT) is growing significantly in the number of devices and capabilities, there is little thought given to security by the manufacturers and software developers for these devices. This talk will explore one mechanism, using open standards, to add a layer of security and convenience for devices connecting to a personal cloud including the challenges that exist to make it a reality.
Embedded computing is everywhere. It is in our car engines, refrigerators, and even in the singing greeting cards we send. With improvements in wireless technology, these systems are starting to talk with each other, and they are appearing in places like our shoes and wrists to monitor our athletic activity or health. This emerging Internet of Everything (IoE) has tremendous potential to improve our lives. But like any powerful technology, it also has a dark side: it will observe and implement many of our actions. Security in the IoE is likely to be even more critical than general Internet security. After reviewing some of the challenges in creating a secure IoE, Horowitz will describe a new research program at Stanford to address this issue.
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesDenim Group
IoT devices are proliferating throughout corporate networks raising concerns about security risks they may introduce. However, IoT technologies differ in many ways from most enterprise-ready technologies that currently exist. Understanding the risks that IoT represents and how to best quantify that risk can be a challenge for many security leaders. This webinar provides an overview of IoT architectures, how they differ from existing infrastructure devices, and how best to measure the risk IoT devices represent. It will expose attendees to concepts like Threat Modeling for IoT and provide additional references that will help build a successful IoT security assessment program.
IoT stands for Internet of Things.The internet of things, or IoT, is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
IoT Security Training covers The Internet of Things security and examines IoT conventions, potential dangers, vulnerabilities, misuse, information breaks, security system and alleviation. IoT security training, Internet of Things (IoT) devices Include: manufacturers, retailers in customer hardware, social insurance, processing plant production network stockrooms, transportation offices and numerous others.
Learn about:
IoT Principles: The Internet of Things Overview
Principles for Connected Devices
IoT Design Principles
Principles of IoT Security
IoT Attack Areas
IoT Vulnerabilities
IoT Firmware Analysis
IoT Software Weaknesses
IoT Security Verification, Validation and Testing
IoT Security Assessment on IoT devices
Assessing IoT devices attack surfaces
Evaluation of IoT device firmware analysis, attack surface
Vulnerabilities and exploiting the vulnerabilities
Course Topics Include:
Overview and analysis of IoT devices and IoT implementation use cases
IoT Architecture
IoT Architectural and Design Requirements
IoT Security Fundamentals
IoT Security Standards
NIST Framework: Cyber Physical Systems
IoT Governance and Risk Management
IoT Security Compliance and Audit
IoT Encryption and Key Management
IoT Identity and Access Management IoT Security Challenges
IoT Security in Critical Infrastructure
IoT Security in Personal infrastructure
IoT Vulnerabilities
Wireless Security applied to IoT
ZigBee and Bluetooth Security
LTE and Mobile Security
Cloud-based web interface security
Call us today at +1-972-665-9786. Learn more about this course audience, objectives, outlines, seminars, pricing , any other information. Visit our website link below.
IoT SecurityTraining, IoT Security Awareness 2019
https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/
IoT Security Imperative: Stop your Fridge from Sending you SpamAmit Rohatgi
We've all heard the continuing news about or been victims of hacked passwords, data breaches, identity theft and lost privacy, because our heavy reliance on Internet connectivity. Our digital world necessitates ever improving security. But now we're on the cusp of a major revolution where our appliances, cars, clothes and the very fabric of our lives (no pun intended) are also connected. Software and silicon designers must take active design measures for ensuring user data. In this talk, Amit Rohatgi, president of the prpl Foundation, will outline the market and technical challenges as well as the essential measures in the design phase for securing our ever-more-connected digital world. He will also discuss why open-source is appropriately suited for addressing theses challenge and how the prpl Foundation is tackling this from the ground-up.
Are you ready for the next attack? reviewing the sp security checklist (apnic...Barry Greene
Rethinking Security and how you can Act on Meaningful Change
What the industry recommends to protect your network is NOT working! The industry is stuck in a dysfunctional ecosystem that encourages the cyber-criminal innovation at the cost to business and individual loss throughout the world. We do not need a “Manhattan Project” for the security of the Internet. What we need are tools to help operators throughout the world ask the right question that would lead them to meaningful action. Security empowerment must empower the grassroots and provide the tools to push back on the root cause. This talk will explore these issues, highlight the dysfunction in our “security” economy, and present “take home” tools that would facilitate immediate action.
Speaking from experience building MyGet.org: users are insane. If you are lucky, they use your service, but in reality, they probably abuse. Crazy usage patterns resulting in more requests than expected, request bursts when users come back to the office after the weekend, and more! These all pose a potential threat to the health of our web application and may impact other users or the service as a whole. Ideally, we can apply some filtering at the front door: limit the number of requests over a given timespan, limiting bandwidth, ...
In this talk, we’ll explore the simple yet complex realm of rate limiting. We’ll go over how to decide on which resources to limit, what the limits should be and where to enforce these limits – in our app, on the server, using a reverse proxy like Nginx or even an external service like CloudFlare or Azure API management. The takeaway? Know when and where to enforce rate limits so you can have both a happy application as well as happy customers.
BIND’s New Security Feature: DNSRPZ - the "DNS Firewall"Barry Greene
Learn how to turn your network’s DNS into a Security Tool! Webinar-Oct 12th
What do you do if the security tools are not protecting your network? Cyber-criminals are constantly finding ways to bypass your security tools and own your network. When the threat changes, you should grow with the threat - think out of the box – using tools that the criminals have not yet considered; the DNS.
ISC’s Internet Critical Open Source DNS software BIND has a new feature that would turn a DNS Caching Resolver into a tool to help protect your network from malware. All the computers in your network must contact your DNS Resolvers to get to the outside world. Your DNS Resolvers are critical “choke-point” for which all devices in your network must interact to get to the outside world. This "choke-point" is a logical choice to put security capabilities to check if a domain is "clean" or "dirty."
How can you have your DNS Resolver check if a domain is clean or dirty? Use BIND’s new feature – the DNS Response Policy Zone (DNSRPZ). DNSRPZ uses secure and fast zone transfer technologies to pull down black list of bad domains and put them into your DNS resolver.
The archived recording of the Webinar is here: www.isc.org/webinars
Who should watch this Webinar?
E-mail Administrators: Find out how DNSRPZ offers more effective way to work with the Anti-Spam black list.
Network Operators: Learn how DNSRPZ can be used inside your network to keep your users from being in-inadvertently infected by malware, zero-days, and malvertisements.
Security Engineers: Discover how DNSRPZ is a tool to help contain infections that get into your network and try to “call home” to a BOTNET controller.
Hosting Providers: By default, most of your hosting customers are using your DNS resolvers. Learn how DNSRPZ can help prevent and contain the threat of your customers getting infected.
Service Providers: Learn how to turn your DNS services into a tool to help protect all your customers from infection.
Mobile Telecoms Operators: Find a new tool that would prevent miscreant smart phone applications from calling home with DNS and infecting your customer’s phones.
SCADA and Critical Industrial System Operators: Learn how DNSRPZ is a tool to help protect legacy control systems that need DNS to work.
OpenDNS Enterprise Web Filtering allows organizations of all sizes to block websites at work. Choose from over 50 customizable categories. Use block page bypass to grant exceptions to your Web filtering policy. OpenDNS Enterprise offers web filtering without an appliance, can be deployed nearly instantly, and can be managed anywhere you have an Internet connection.
We browse the Internet. We host our applications on a server or a cloud that is hooked up with a nice domain name. That’s all there is to know about DNS, right? This talk is a refresher about how DNS works. How we can use it and how it can affect availability of our applications. How we can use it as a means of configuring our application components. How this old geezer protocol is a resilient, distributed system that is used by every Internet user in the world. How we can use it for things that it wasn’t built for. Come join me on this journey through the innards of the web!
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsMaxim Salnikov
The ForgeRock Identity Platform and Edge security solution can turn any IoT device into a secure, trusted active subject enrolled and on-boarded from a hardware based root of trust to become an autonomous entity in your business relationship eco system represented by a digital twin.
Las organizaciones necesitan evolucionar más allá del nombre de usuario y contraseña básico y asegurar las transacciones en línea con un abanico de opciones de autenticación segura.
A joint presentation of Gary Williams of Schneider Electric and Michael Coden of NextNine at the 10th Annual Conference of the American Petroleum institute. The presentation discusses benefits, disadvantages, and architectures for allowing 3rd party access.
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerAbhinav Biswas
With the advent of IOT, Every 'Thing' is getting Smart, starting from the range of smartwatches, smart refrigerators, smart bulbs to smart car, smart healthcare, smart agriculture, smart retail, smart city and what not, even smart planet. But why is every thing getting smart? People are trying to bridge the gap between Digital World & Physical World by means of ubiquitous connectivity to Internet, and when digital things become physical, digital threats also become physical threats. Security & Privacy issues are rising as never before. What if the microphone in your smart TV can be used to eavesdrop the private communications in your bed room? What if a smart driverless car deliberately crashes itself into an accident? What if you want to be Anonymous over Internet and don't want anybody to track you?
This talk will focus on answering the above questions with a view on 'What are we currently doing to protect ourselves' and 'What we need to do'. What are the new security challenges that are coming up and how privacy & anonymity is taking the lead over security. The talk will also sensitive the audience about the paradigm shift that is happening in IOT DevOps, with help of Docker Containers and how they can be anonymised using TOR.
Protecting Data with Short-Lived Encryption Keys and Hardware Root of TrustDan Griffin
The US National Security Agency has been public about the inevitability of mobile computing and the need to support cloud-based service use for secret projects. General Alexander, head of the NSA, recently spoke of using smartphones as ID cards on classified networks.
And yet, mobile devices have a poor security track record, both as data repositories and as sources of trustworthy identity information. Cloud services are no better: current security features are oriented toward compliance and not toward real protection.
What if we could provide a strong link between mobile device identity, integrity, and the lifecycle of data retrieved from the cloud using only the hardware shipped with modern smartphones and tablets?
The good news is that we can do that with the trusted execution environment (TEE) features of the common system on a chip (SOC) mobile processor architectures using 'measurement-bound' encryption. This presentation describes how data can be encrypted to a specific device, how decryption is no longer possible when the device is compromised, and where the weaknesses are. I demonstrate measurement-bound encryption in action. I also announce the release of an open-source tool that implements it as well as a paper that describes the techniques for time-bound keys.
This is likely the very same way that NSA will be protecting the smartphones that will be used for classified information retrieval. Learn how your government plans to keep its own secrets and how you can protect yours.
PKI in DevOps: How to Deploy Certificate Automation within CI/CDDevOps.com
DevOps and CI/CD make for faster code releases, but they also create new challenges for security practices. Think about TLS and code-signing certificates. Almost every component in CI/CD – binaries, builds, web servers and containers – needs certificates to authenticate and verify trust, but traditional PKI processes just can't scale in DevOps environments.
Join Keyfactor and Infinite Ranges to learn how PKI and certificate management fits within the CI/CD pipeline and why an integrated and automated approach is key to success. In this webinar, we'll discuss:
How applications in the DevOps toolchain use PKI (i.e. Jenkins, Kubernetes, Istio, etc.)
The risks of unmanaged or untracked certificates in DevOps environments
Best practices to support visibility, compliance and automation of certificates in CI/CD
The Federation for Identity and Cross-Credentialing Systems (FiXs) is a coalition of commercial companies, government contractors, and not-for-profit organizations who have established and maintain a worldwide, interoperable identity and cross-credentialing network built on security, privacy, trust, standard operating rules, policies, and technical standards. Founded and incorporated as a not for profit in 2004 and based in Fairfax, Virginia, FiXs was formed to pilot a federated identity transaction model.
FiXs provides a trusted mechanism for federated identity infrastructure within and between public and private sector organizations with accuracy and trust through the application of a Federated Trust Model. The FiXs network capabilities can be accessed worldwide, in remote or fixed environments, wired or wirelessly, and in real-time.
Modeled after the financial industry’s highly-secure and widely-accepted ATM (Automated Teller Machine) approach, the FiXs network is a secure, scalable system that provides trusted, interoperable identity verification and credential authentication for network users accessing a range of government and commercial facilities. The FiXs network meets federally-mandated requirements, supports physical and logical access applications and integrates with an organization’s existing personnel system, while leveraging the network’s economies of scale.
The Federation includes more than 20 members, including systems integrators, financial institutions, and organizations focused on promoting improved workforce protection and systems security for critical infrastructure. The U.S. Department of Defense (DoD) and the General Services Administration (GSA) are participating government organizations. FiXs members contribute ideas, technologies, and best practices for implementing a secure identity cross-credentialing network based on open standards, sound business processes, and proven technologies and security.
The FiXs network uses available identity credential technology in conjunction with biometric identification. FiXs can be used within and between public and private sector organizations and promotes a trusted mechanism for federated identity infrastructures. It is important to note that FiXs does not grant or deny physical or logical access for any credential bearer. Rather, it delivers a trusted infrastructure that provides participating members with an assured means to authenticate the actual identity of individuals presenting FiXs-certified credentials for access to facilities and systems.
FiXs is an open membership organization. Members join to contribute to and influence the evolution and development of the FiXs network, its capabilities, and certified applications, to learn the latest technologies and strategies for robust identity management programs, and to meet and engage in dialogue with compatible business interests.
Mobile Devices & BYOD Security – Deployment & Best PracticesCisco Canada
Subjects covered will include mobile devices OS security, state of malware on mobile devices, data loss prevention, VPN and remote access, 802.1x and certificate deployment, profiling, posture, web security, MDMs and others. For more information please visit our website: http://www.cisco.com/web/CA/index.html
Best Practices with IoT Security - February Online Tech TalksAmazon Web Services
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. This tech talk will introduce the best practices for IoT Security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, but also to integrate devices with other AWS services to create secure solutions.
Learning Objectives:
• Learn common Internet of Things security issues
• Learn about AWS IoT security and access control mechanisms
• Learn how to build secure interactions with the AWS Cloud
For many companies thinking about moving sensitive data to the cloud, security issues remain a significant concern. But one company, Operational Research Consultants Inc. (ORC) a WidePoint Company, is proving that the cloud really can be made as safe or even safer than on-premise deployments even for organizations as security-focused as the U.S. Federal Government.
– A pioneer in federal identity management:
ORC has been a trusted partner of the U.S. government since the mid-‘90s, when the company launched the Navy Acquisition Public Key Infrastructure to support secure interactions with contractors and suppliers. As the government’s emphasis on information assurance expanded over the next two decades, ORC became a go-to partner for security solutions and one of the first companies authorized to provide government-compliant identity management solutions.
Today ORC manages more than three million identities and has issued more than 10 million federal-compliant digital certificates to a variety of employees, contractors, allies, veterans and citizens conducting business with the government.
- The need for secure and interoperable identification and authentication:
In August 2004, the Bush administration issued a Homeland Security Presidential Directive (HSPD-12) to secure federal facilities and resources by establishing a government-wide standard for secure and reliable forms of identification. Going far beyond simply issuing ID badges to government employees, this initiative would focus on the processes needed to issue secure personal credentials, on methods to validate those issuance processes and credentials and on managing risk and quality throughout the lifecycle of the credentials.
The Personal Identity Verification (PIV) program implements these processes, and FIPS (Federal Information Processing Standard) 201 specifies interface and data elements of the PIV smart card. Among the data elements on a PIV card are one or more asymmetric private cryptographic keys. Departments and agencies must use a compliant public key infrastructure (PKI) to issue digital certificates to users. The PIV initiative has also spawned other high assurance credentials that support specific Business-to-Government, Citizen-to-Government and Citizen-to-Business transactions while supporting federated interoperability between the issued credentials. These include various PIV-Interoperable (PIV-I) and PIV variants, such as: Transportation Worker Identification Credential (TWIC®), First Responder Authentication Credentials (FRAC), Commercial Identity Verification (CIV), and External Certificate Authority (ECA) PIV-I that address various regulatory requirements and are built to scale globally. The processes and policies for certificate issuance and the protections afforded to the critical root and issuing certificate authority keys in that PKI are critical factors in the overall assurance level of the system.
Similar to IoT Security in Action - Boston Sept 2015 (20)
An overview of Eurotech's high-accuracy Automatic People and Passenger Counters (APC).
Eurotech's people and passenger counting systems are compact and autonomous devices designed to be installed above doorways of buses, trains, buildings and any other area where access monitoring is required.
Incorporating IoT and cloud infrastructures allows integration with people management applications such as fleet and public transport optimization, allowing train or bus lines and schedules to be adjusted according to the passenger flow.
Based on a stereoscopic vision system, our people counting devices ensure reliable and precision performance while their rugged design makes them suitable to the most demanding environments.
Developing Interoperable Components for an Open IoT Foundation Eurotech
In this presentation Eurotech and Red Hat present Kapua, a modular cloud platform that provides management for Internet of Things (IoT) gateways and smart edge devices. It represents a key milestone towards the development of a truly open, end-to-end foundation for IoT and its ecosystem of partners and solutions. Kapua provides a core integration framework with services for device registry, data and device management, message routing, and applications.
IoT Solutions Made Simple with Everyware IoTEurotech
Everyware IoT is the IoT architecture designed by Eurotech: it is flexible, end-to-end and open. Its building blocks are the Multi-service IoT Gateways, Everyware Software Framework (ESF), the Java OSGi software framework for IoT gateways and Everyware Cloud, the IoT integration platform.
Intelligent IoT gateway: pushing analytics at the edgeEurotech
The intelligent gateway for Internet of Things (IoT) is based on the principle of pushing as much computing to the edge as possible, removing the need to ship massive data to the cloud. Instead, essential data analytics, transformation, and routing occur at the gateway, triggering business rules that automate machine operations as well as back-end processes. In this presentation, Eurotech will present a reference architecture for IoT systems and some typical use cases.
Eclipse kura in industry 4.0 david woodardEurotech
KURA is the open source Java and OSGi based Application Framework for M2M Service Gateways in the Eclipse IoT Working Group. Its purpose is to simplify the design, deployment and remote management of embedded applications.This presentation introduces Kura Wires, a new feature offering a Dataflow Programming Model suitable for Industry 4.0 solutions.
Building IoT Mashups for Industry 4.0 with Eclipse Kura and Kura WiresEurotech
Having trouble in addressing the challenges of IoT and Industry 4.0 like fragmentation, complexity and lock-in? In the context of IIoT, at the field level, we believe Eclipse Kura can be the right solution for the mentioned problems. Read the entire presentation!
IoT Solutions for Smart Energy Smart Grid and Smart Utility ApplicationsEurotech
Smart Energy Smart Grid and Smart Infrastructure - Many Applications and Devices
An introduction to Eurotech' s IoT Field-to-Application Building Blocks for the Energy and Utility Industry
Vivere del Cambiamento: tracciare la rotta verso l'industria 4.0Eurotech
The IoT is the manifestation that the raw material of the information age is data. Data is the new source of innovation and the lever to achieve business sustainability. By extracting data from assets and products, companies can become more efficient through a strategic rethinking of their business processes. In so doing, companies will add the required readiness to shift from products to services, and eventually enter in the outcome economy. To truly embrace the digital transformation, organizations need to collect actionable data from their assets, processes, and products and then connect the OT world where data are generated to IT world where data are consumed. To make this happen, a IoT integration platform, that gives to the App an easy and versatile access to the data, is required . As a matter of fact the IoT essence resides in an impressive simplification of the OT-IT integration. The benefits are huge: the transformation of any business into a smart business, increasing competitiveness also in mature markets; the creation of new innovative products and services.
L’IoT industriale e i vantaggi competitivi della trasformazione digitale Eurotech
L’Internet delle cose (IoT) è la manifestazione che la materia prima di questa nuova era sono i dati. I dati sono la nuova fonte d’innovazione e possono dare un nuovo slancio di competitività e sostenibilità alle imprese. Estraendo ed elaborando i dati da infrastrutture, macchinari, processi e prodotti, le aziende potranno diventare molto più efficienti e aumentare la soddisfazione dei clienti, perché saranno messe nelle condizioni di poter ridisegnare le catene di valore, i processi e i modelli di business. Per poter cogliere a pieno i vantaggi della trasformazione digitale che l’IoT produce, le organizzazioni avranno bisogno di raccogliere i dati provenienti dal mondo operativo (mondo OT) in cui i dati vengono generati e connetterli al mondo IT, ovvero la da dove i dati verranno usati.
Per far sì che i tempi ed i costi di un’implementazioni IoT siano contenuti, l’architettura del sistema va, rispetto al passato, drasticamente semplificata e l'integrazione OT-IT va realizzata attraverso componenti software e standard industriali che garantiscano la scalabilità e l’interoperabilità. Durante la presentazione verrà illustrata l’architettura di riferimento alla base di tutte le applicazioni IoT ed alcuni casi implementativi reali.
Reshaping Business Through IoT: Key Technology Factors to ConsiderEurotech
The IoT is the manifestation that the raw material of the information age is datum. Data are the new source of innovation and the lever to achieve business sustainability. By extracting data from assets and products, companies can become more efficient through a strategic rethinking of their value chains and business processes. In so doing, companies will add the required readiness to shift from products to services, and eventually enter in the outcome economy. To truly embrace the digital transformation, organizations need to collect actionable data from their assets, processes, and products and then connect the OT (Operational Technology) world where data are generated to IT (Information Technology) world where data are consumed. Beside predictive maintenance and asset usage maximization/optimization the benefits are huge: the transformation of any business into a smart business, increasing competitiveness also in mature markets; the creation of new innovative products and services; and the enablement of service prosumerization.
To make this happen there are some key technology factors to consider during the implementation of an IoT architecture.
Industrial IoT Mayhem? Java IoT Gateways to the RescueEurotech
Industrial IoT comes with great expectations for operational efficiency, promising improved asset utilization and productivity gains. IIoT challenges include reliability, security, low maintenance, long lifecycle, and integration into heterogeneous and fragmented systems. This session proposes some architectural patterns that can be leveraged to overcome these challenges. It introduces, at the center of the solution, Java-powered IoT gateways and modular IoT application frameworks such as the open source Eclipse Kura. Incorporating a live demonstration, the presentation highlights some of the latest Eclipse Kura features such as a pluggable device model for fieldbus protocols, visual data flow, and connectivity across various IoT cloud service providers.
JavaOne 2016 - Presentation by Dave Woodard and Walt Bowers
IoT the driver of Business Innovation: better products, new services and...Eurotech
The IoT is the manifestation that the raw material of the information age is data. Data is the new source of innovation and the lever to achieve business sustainability. By extracting data from assets and products, companies can become more efficient through a strategic rethinking of their value chains and business processes. In so doing, companies will add the required readiness to shift from products to services, and eventually enter in the outcome economy. To truly embrace the digital transformation, organizations need to collect actionable data from their assets, processes, and products and then connect the OT world where data are generated to IT world where data are consumed. To make this happen, a IoT integration platform, that gives to the App an easy and versatile access to the data, is required . As a matter of fact the IoT essence resides in an impressive simplification of the OT-IT integration through a loosely coupled containerized layered (LC2L) architecture. The benefits are huge: the transformation of any business into a smart business, increasing competitiveness also in mature markets; the creation of new innovative products and services; and the enablement of service prosumerization. Abundance of data is the real essence of IoT, where the App is the tip of the data iceberg.
Enterprise Excellence is Inclusive Excellence.pdfKaiNexus
Enterprise excellence and inclusive excellence are closely linked, and real-world challenges have shown that both are essential to the success of any organization. To achieve enterprise excellence, organizations must focus on improving their operations and processes while creating an inclusive environment that engages everyone. In this interactive session, the facilitator will highlight commonly established business practices and how they limit our ability to engage everyone every day. More importantly, though, participants will likely gain increased awareness of what we can do differently to maximize enterprise excellence through deliberate inclusion.
What is Enterprise Excellence?
Enterprise Excellence is a holistic approach that's aimed at achieving world-class performance across all aspects of the organization.
What might I learn?
A way to engage all in creating Inclusive Excellence. Lessons from the US military and their parallels to the story of Harry Potter. How belt systems and CI teams can destroy inclusive practices. How leadership language invites people to the party. There are three things leaders can do to engage everyone every day: maximizing psychological safety to create environments where folks learn, contribute, and challenge the status quo.
Who might benefit? Anyone and everyone leading folks from the shop floor to top floor.
Dr. William Harvey is a seasoned Operations Leader with extensive experience in chemical processing, manufacturing, and operations management. At Michelman, he currently oversees multiple sites, leading teams in strategic planning and coaching/practicing continuous improvement. William is set to start his eighth year of teaching at the University of Cincinnati where he teaches marketing, finance, and management. William holds various certifications in change management, quality, leadership, operational excellence, team building, and DiSC, among others.
What are the main advantages of using HR recruiter services.pdfHumanResourceDimensi1
HR recruiter services offer top talents to companies according to their specific needs. They handle all recruitment tasks from job posting to onboarding and help companies concentrate on their business growth. With their expertise and years of experience, they streamline the hiring process and save time and resources for the company.
Improving profitability for small businessBen Wann
In this comprehensive presentation, we will explore strategies and practical tips for enhancing profitability in small businesses. Tailored to meet the unique challenges faced by small enterprises, this session covers various aspects that directly impact the bottom line. Attendees will learn how to optimize operational efficiency, manage expenses, and increase revenue through innovative marketing and customer engagement techniques.
Falcon stands out as a top-tier P2P Invoice Discounting platform in India, bridging esteemed blue-chip companies and eager investors. Our goal is to transform the investment landscape in India by establishing a comprehensive destination for borrowers and investors with diverse profiles and needs, all while minimizing risk. What sets Falcon apart is the elimination of intermediaries such as commercial banks and depository institutions, allowing investors to enjoy higher yields.
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...BBPMedia1
Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.
Memorandum Of Association Constitution of Company.pptseri bangash
www.seribangash.com
A Memorandum of Association (MOA) is a legal document that outlines the fundamental principles and objectives upon which a company operates. It serves as the company's charter or constitution and defines the scope of its activities. Here's a detailed note on the MOA:
Contents of Memorandum of Association:
Name Clause: This clause states the name of the company, which should end with words like "Limited" or "Ltd." for a public limited company and "Private Limited" or "Pvt. Ltd." for a private limited company.
https://seribangash.com/article-of-association-is-legal-doc-of-company/
Registered Office Clause: It specifies the location where the company's registered office is situated. This office is where all official communications and notices are sent.
Objective Clause: This clause delineates the main objectives for which the company is formed. It's important to define these objectives clearly, as the company cannot undertake activities beyond those mentioned in this clause.
www.seribangash.com
Liability Clause: It outlines the extent of liability of the company's members. In the case of companies limited by shares, the liability of members is limited to the amount unpaid on their shares. For companies limited by guarantee, members' liability is limited to the amount they undertake to contribute if the company is wound up.
https://seribangash.com/promotors-is-person-conceived-formation-company/
Capital Clause: This clause specifies the authorized capital of the company, i.e., the maximum amount of share capital the company is authorized to issue. It also mentions the division of this capital into shares and their respective nominal value.
Association Clause: It simply states that the subscribers wish to form a company and agree to become members of it, in accordance with the terms of the MOA.
Importance of Memorandum of Association:
Legal Requirement: The MOA is a legal requirement for the formation of a company. It must be filed with the Registrar of Companies during the incorporation process.
Constitutional Document: It serves as the company's constitutional document, defining its scope, powers, and limitations.
Protection of Members: It protects the interests of the company's members by clearly defining the objectives and limiting their liability.
External Communication: It provides clarity to external parties, such as investors, creditors, and regulatory authorities, regarding the company's objectives and powers.
https://seribangash.com/difference-public-and-private-company-law/
Binding Authority: The company and its members are bound by the provisions of the MOA. Any action taken beyond its scope may be considered ultra vires (beyond the powers) of the company and therefore void.
Amendment of MOA:
While the MOA lays down the company's fundamental principles, it is not entirely immutable. It can be amended, but only under specific circumstances and in compliance with legal procedures. Amendments typically require shareholder
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Cracking the Workplace Discipline Code Main.pptxWorkforce Group
Cultivating and maintaining discipline within teams is a critical differentiator for successful organisations.
Forward-thinking leaders and business managers understand the impact that discipline has on organisational success. A disciplined workforce operates with clarity, focus, and a shared understanding of expectations, ultimately driving better results, optimising productivity, and facilitating seamless collaboration.
Although discipline is not a one-size-fits-all approach, it can help create a work environment that encourages personal growth and accountability rather than solely relying on punitive measures.
In this deck, you will learn the significance of workplace discipline for organisational success. You’ll also learn
• Four (4) workplace discipline methods you should consider
• The best and most practical approach to implementing workplace discipline.
• Three (3) key tips to maintain a disciplined workplace.
1. IoT Security in Action
The Success Story of Everyware Device Cloud by
Eurotech, secured with
DNSSEC and DANE
Andrea Ceiner, Eurotech
Andrew Cathrow, Verisign
IoT Security – Boston, September 2015
2. This presentation has been prepared by Eurotech S.p.A. (or “Eurotech”).
The information contained in this presentation does nor purport to be comprehensive. Neither Eurotech nor any of its officers,
employees, advisers or agents accepts any responsibility for/or makes any representation or warranty, express or implied, as to the
truth, fullness, accuracy or completeness of the information in this presentation (or whether any information has been omitted from
the presentation) or any other information relating to Eurotech, its subsidiaries or associated companies, whether written, oral or in
a visual or electric form, transmitted or made available.
The distribution of this document in other jurisdictions may be restricted by law, and persons into whose possession this
document comes should inform themselves about, and observe, any such restrictions.
No reliance may be placed for any purposes whatsoever on the information contained in this document or any other material
discussed during this presentation, or on its completeness, accuracy or fairness.
The information in this document and any other material discussed at this presentation is subject to verification, completion and
change.
The information and opinions contained in this document are provided as at the date of the presentation and are subject to change
without notice.
Some of the information is still in draft form and will only be finalized.
By attending the presentation you agree to be bound by the foregoing terms.
Trademarks or Registered Trademarks are the property of their respective owners.
Disclaimer
5. Anatomy of an IoT Solution
Transforming Bits of Data at the Edge of the Network into
Actionable Information in the Business Users’ Hands
@
Things Gateways /
Smart Devices
IoT / OT
Platform
Application
6. Requirements for IoT SECURITY at SCALE
Efficiently
Managed
Low Cost
Increased
Trust
Globally
Interoperable
8. M2M / IoT Security
Strong Authentication / Trust Anchors / Verification
@
Things Gateways /
Smart Devices
IoT / OT
Platform
Application
Global DNS
9. IoT Security: ineffective implementation
Why use PKI for Device Identification & Authentication
API keys as
credential
MAC address as
identifier
Device ID hardcoded on
device or configuration file
10. Trusted Authentication
Why PKI based Authentication using DNS ?
Public Key Infrastruture (PKI)
• Trusted and well established technology
• But the scale of IoT introduces new problems and
amplifies old issues
Managability at scale
$$$$$$
$$$$$$
$$$$$$
Cost of Certificates
Security Revocation and reissuance
“Too many CAs” problem
11. Trusted Authentication
Why PKI based Authentication using DNS ?
DNS-based Authentication of Named Entities
(DANE): public standard (IETF RFC 6698)
Key/certificate management and revocation:
effective and easier
Compatible with IoT scale and costs
Based on Open Standards and Open Source
No Lock-in
12. Authentication & Authorization
Everyware Device Cloud integrated with DNSSEC/DANE
Ship the Devices towards their final destination3.Shipment
over-the-air
DISCOVERY PROVISION A&A
4.Power ON
the Device
realtime metrics, events and remotely management within a
secure always-on session
5.Device &
Data
Management
Registering Broker Services (Provisioning and Messaging)
into the Authoritative DNS
1.Cloud Setup
First gateway/device initialization by Manufacturer2.Gateway
(ESF) Setup
13. 4. Power ON the Device
Over-the-air DISCOVERY PROVISION A&A
Here I am, this is my ID … Authenticate me and
Authorize me please !
A&A
(Birth)
WHO IS MY BROKER ?
Broker
Discovery
GIVE ME MY CONFIGURATION PLEASE !Device
Provision
14. STEP 1 - Cloud Services Setup
Registering Broker Services onto Authoritative DNS
Secure DNS provisioning API
- Authoritative DNS
- Validating Recursive DNS
HTTPS POST
Provisioning & Messaging Broker
Services
1
2
Broker Service: PROVISIONING
Broker Service: MESSAGING
15. STEP 2 – M2M Gateway (ESF) Setup
First gateway/device initialization by Manufacturer
HTTPS + 2FA login
2
1
Gateway (ESF) SetUP
•Network configuration
•Domain Name
•Broker Services (Provisioning; Messaging)
•Validating Recursive DNS Server
•Internal temporary Credentials
Create a Provision Request
(Pending)
17. STEP 4 – Power ON the device
4.1 Broker Services DISCOVERY
Tiaki
1
HTTPS:
DISCOVERY (lookup
PTR and associated SRV
and TXT Resource Records
within a DNS zone)
2 PTR & SRV for Provisioning &
Messaging Broker Services
Broker Service: PROVISIONING
Broker Service: MESSAGING
Switch ON
the Device
Secure DNS Query
- Authoritative DNS
- Validating Recursive DNS
18. STEP 4 – Power ON the device
4.2 Device Provision
2
1
MQTTS:
CONNECT with
INTERNAL
credentials
Internal Authentication &
Procesing only if there is a
Pending Provision Request
for that Device
Provision Request Pending
3
4
MQTTS: DEV ID (CN)
5
6
HTTPS: GET DEV ID (CN)
Secure DNS provisioning API
- Authoritative DNS
- Validating Recursive DNS
Generates
Certificate (with
DEV ID CN) &
Publish it to
Cloud
HTTPS: Propagate Self-
signed Certificate
19. STEP 4 – Power ON the device
4.3 Device Authentication & Authorization (BIRTH event)
2
1
MQTTS: publish
TLS+Self-Signed
Certificate
3
Authorize the Device
Secure DNS Queries
- Authoritative DNS
- Validating Recursive DNS
HTTPS get
authentication
21. STEP 4 – Power ON the device
4.4 Device Revoke
HTTPS Remove
Certificate & PropagateNOT Authenticated
3
HTTPS: DISABLE Device
5
1
Block messages from device4
2
mailto/twitter/sms: NOTIFY
Unauthenticated Device
- Authoritative DNS
- Validating Recursive DNS
Secure DNS provisioning APISecure DNS Queries
22. M2M / IoT Security
Holistic Approach is required…
The confidentiality, integrity, and availability of our customers’ data and IoT
infrastructure is of the utmost importance to Eurotech, as it is maintaining
our customers’ trust and confidence. That’s why we make M2M/IoT
communications SECURE and RELIABLE over INSECURE and UNRELIABLE
NETWORKS & MALICIOUS environment.
M2M
Communication
Infrastructure
Device Firmware /
Application
Business
Application
Sensors &
Device
Hardware
Business
Application
Integration
1
2
3
4
5
6
7
8
8
8