Perception of Security Issues in the Development of Cloud-IoT Systems by a Novice Programmer
Fulvio CORNO, Luigi DE RUSSIS, and Luca MANNELLA
e-Lite Research Group, Politecnico di Torino, Turin, Italy
WoRIE’21: June 22nd, 2021
10th Workshop On the Reliability of Intelligent Environments
OUTLINE
• Introduction
• Use Case Architecture Analysis
• Amazon Web Services Security Analysis
• Developers’ Perspective on AWS Security
• Conclusions & Discussions
2021-06-22
WORIE'21: FULVIO CORNO, LUIGI DE RUSSIS, AND LUCA MANNELLA 2
INTRODUCTION
• Research Question:
Is a Cloud-IoT platform secure when it is used by a Novice IoT Programmer?
• Novice IoT Programmer
• A software developer who is new to the IoT world
• Not new to programming
• An attractive platform for Novice IoT Programmers: Amazon Web Services
• Very famous and widespread
• One of the most complete cloud platforms
• Provides services on demand
USE CASE ARCHITECTURE ANALYSIS
A CLOUD-IOT ARCHITECTURE
• Sensing devices
• Acting devices
• Some front-end devices
• AWS cloud back-end
• Manages the devices
• Stores data in a database
• Provides some APIs for the front-end devices
MAIN COMMON ATTACK POINTS
• Back-end
• The developed code inside the AWS Lambda functions
• The database
• Front-end devices
• Out of the developer’s control
• The data flows between
• The sensors and the back-end
• The back-end and the actuators
• The API gateway and the front-end devices
AMAZON WEB SERVICES SECURITY ANALYSIS
AWS ANALYSIS
• Data Flow Protection
• Data could be eavesdropped, tampered with, and forged
• AWS requires encrypted connections with its back-end
• TLS for HTTP connections
• IPsec using Amazon VPC
• Database Protection
• Requests to the DB must contain a valid HMAC-SHA256 signature
• DynamoDB is accessible via TLS endpoints
• Data in transit are protected
• By default, DynamoDB data are encrypted at rest
• Fine-grained access control policies (through IAM)
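The slide's requirement that requests to the database carry a valid HMAC-SHA256 signature is easier to appreciate with the mechanism in front of you. The following Python is an added example, not code from the slides or from AWS: its scoped key derivation (secret, date, region, service, "aws4_request") follows the publicly documented structure of AWS Signature Version 4, while the canonical request form, the placeholder secret, the sample DynamoDB-style body and every function name are simplified assumptions for illustration. It signs a constructed sensor write, then shows the back-end accepting the original and rejecting both a tampered payload and a signature produced with a guessed secret, which is exactly why a signature defends against the tampering and forging listed on the slide.

```python
"""Added example (not from the slides): how an HMAC-SHA256 request signature lets a
back-end detect tampered or forged requests.

The scoped key derivation (secret -> date -> region -> service -> "aws4_request")
follows the publicly documented structure of AWS Signature Version 4; the request
canonical form, the secret and the function names are simplified assumptions for
illustration, not AWS's own code."""
import hashlib
import hmac


def _hmac_sha256(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def derive_signing_key(secret: str, date: str, region: str, service: str) -> bytes:
    """Derive a key scoped to one day/region/service. The long-term secret never
    signs a request directly, so a leaked signing key has a bounded blast radius."""
    k_date = _hmac_sha256(("AWS4" + secret).encode("utf-8"), date)
    k_region = _hmac_sha256(k_date, region)
    k_service = _hmac_sha256(k_region, service)
    return _hmac_sha256(k_service, "aws4_request")


def string_to_sign(method: str, path: str, body: str, timestamp: str, scope: str) -> str:
    """Simplified canonical form (an assumption): every field the signature must bind,
    newline-joined. The body enters as its SHA-256 hash, so any payload change alters it."""
    body_hash = hashlib.sha256(body.encode("utf-8")).hexdigest()
    return "\n".join(["HMAC-SHA256", timestamp, scope, method, path, body_hash])


def sign_request(secret: str, region: str, service: str,
                 method: str, path: str, body: str, timestamp: str) -> str:
    """Client side: return the hex signature attached to the request."""
    date = timestamp[:8]  # "20210622T120000Z" -> "20210622"
    scope = f"{date}/{region}/{service}/aws4_request"
    key = derive_signing_key(secret, date, region, service)
    sts = string_to_sign(method, path, body, timestamp, scope)
    return hmac.new(key, sts.encode("utf-8"), hashlib.sha256).hexdigest()


def verify_request(secret: str, region: str, service: str, method: str, path: str,
                   body: str, timestamp: str, presented_signature: str) -> bool:
    """Server side: recompute the signature from the received fields and compare
    in constant time, so a single wrong byte anywhere rejects the request."""
    expected = sign_request(secret, region, service, method, path, body, timestamp)
    return hmac.compare_digest(expected, presented_signature)


# Constructed sample request: a DynamoDB-style PutItem from a sensor.
# The secret is a placeholder, not a real credential.
SECRET = "EXAMPLE-SECRET-KEY-NOT-REAL"
REGION, SERVICE = "eu-west-1", "dynamodb"
TIMESTAMP = "20210622T120000Z"
BODY = '{"TableName":"sensors","Item":{"id":{"S":"sensor-1"},"temp":{"N":"21.5"}}}'


def demo() -> dict:
    """Sign once, then show that the back-end accepts the original and rejects
    a tampered payload and a signature made with a wrong (guessed) secret."""
    sig = sign_request(SECRET, REGION, SERVICE, "POST", "/", BODY, TIMESTAMP)
    tampered_body = BODY.replace('"21.5"', '"99.9"')
    forged_sig = sign_request("WRONG-SECRET", REGION, SERVICE, "POST", "/", BODY, TIMESTAMP)
    return {
        "signature_hex_len": len(sig),
        "original_accepted": verify_request(SECRET, REGION, SERVICE, "POST", "/", BODY, TIMESTAMP, sig),
        "tampered_accepted": verify_request(SECRET, REGION, SERVICE, "POST", "/", tampered_body, TIMESTAMP, sig),
        "forged_accepted": verify_request(SECRET, REGION, SERVICE, "POST", "/", BODY, TIMESTAMP, forged_sig),
    }


if __name__ == "__main__":
    print(demo())
```

The design point worth noticing is that the signature binds the timestamp and scope as well as the body: a captured request cannot be replayed against another day, region or service with the same signing key, and a server that also checks the timestamp window limits replay further.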
AWS ACCOUNT PROTECTION
• Two different types of account
• Root user
• Identity and Access Management (IAM) users
• Created by the Root user
• An account with customizable privileges
• Weaknesses in Amazon’s policies
• Users are not forced to create IAM accounts
• The password policy is vulnerable to dictionary attacks
• E.g., a password like “Amaz0nWS” is accepted
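To make the password-policy point concrete, here is an added Python example (not from the slides and not AWS's policy code) that contrasts a purely structural policy with a dictionary-aware one. The wordlist, the substitution table and the function names are constructed for illustration. "Amaz0nWS" satisfies length, case and digit requirements, yet it reads as "amazonws" once the "0" is taken as an "o", so a check that undoes common substitutions and looks for known words rejects it, while a password with no dictionary content passes both checks.

```python
"""Added example (not from the slides): a dictionary-aware password policy check.
The wordlist, the substitution map and the helper names are constructed for
illustration; they are not AWS's policy or code."""
import itertools
from typing import Optional

# Constructed mini-wordlist; a real policy would load a large dictionary or
# breached-password list.
WORDLIST = ("amazon", "password", "welcome", "admin", "qwerty", "secret")

# Common substitutions to undo. "1" and "!" are ambiguous, so both readings are tried.
LEET = {"0": "o", "1": "il", "3": "e", "4": "a", "5": "s", "7": "t",
        "@": "a", "$": "s", "!": "il"}


def naive_policy_ok(pw: str) -> bool:
    """Structural policy only: at least 8 characters with upper, lower and a digit."""
    return (len(pw) >= 8
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw))


def leet_variants(pw: str, limit: int = 64) -> set:
    """All lowercase readings of pw with substitutions undone (capped at `limit`
    so long passwords with many ambiguous characters cannot blow up the search)."""
    choices = [LEET.get(c, c) for c in pw.lower()]
    return {"".join(combo) for combo in itertools.islice(itertools.product(*choices), limit)}


def dictionary_match(pw: str, wordlist=WORDLIST) -> Optional[str]:
    """Return the first wordlist entry (4+ chars) embedded in any reading, else None."""
    for variant in leet_variants(pw):
        for word in wordlist:
            if len(word) >= 4 and word in variant:
                return word
    return None


def evaluate(pw: str) -> dict:
    """Verdict of both policies for one candidate password."""
    matched = dictionary_match(pw)
    naive = naive_policy_ok(pw)
    return {"naive": naive,
            "dictionary_aware": naive and matched is None,
            "matched_word": matched}


if __name__ == "__main__":
    for candidate in ("Amaz0nWS", "P@ssw0rd123", "Tq9!vLm2zR#p"):
        print(candidate, evaluate(candidate))
```

Run as a script it prints the verdict for the slide's example and two constructed candidates; the first two pass the structural policy and fail the dictionary-aware one, the third passes both.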
DEVELOPERS’ PERSPECTIVE ON AWS SECURITY
OUR NOVICE PROGRAMMERS
• Developers from a consulting engineering company in Italy
• They were starting their first Cloud-IoT professional project
• They had to work on AWS for the first time
• They had just followed a short Cloud-IoT course
• which had a final project to deliver
• After the course, we asked them to fill in the survey
• 6 out of 9 attendees of the Cloud-IoT course (all males)
DEVELOPERS’ PERCEPTION
• They feel inexperienced in cybersecurity
• 5 out of 6 answered 1/5; the other answered 2/5
• Who is in charge of the security of what you developed on AWS?
• 2 out of 6 => “Entirely the developer”
• 4 out of 6 => “Both the developer and AWS”
• All think the architecture could include security issues
• but no one acted to mitigate the security problems they had in mind
DEVELOPERS’ PERCEPTION OF THE ARCHITECTURE’S SECURITY
• The most secure point
• The AWS DynamoDB database
• The least secure point
• The data flows between the back-end and the sensors/actuators
• The most critical points
1. Data flows to the actuators
2. The back-end code on AWS Lambda
3. Data flows from the sensors to the back-end
• The worst consequences
1. Cyber-physical attacks
2. A data breach
SECURITY BEST PRACTICES
• They all created “strong” passwords
• Dictionary attacks?
• Only 1 out of 6 created an IAM account
• 2 out of 5 specified they should have
• 4 out of 6 did not check whether they were using TLS
• 5 out of 6 did not check whether DB data at rest are encrypted or not
• No one used an additional service to improve security
• E.g., AWS IoT Device Defender
CONCLUSIONS & FUTURE WORKS
CONCLUSIONS
• Even professionals do not feel comfortable with cybersecurity
• Novices in IoT, not novice programmers
• Knowing that security is important is not enough to act
• 2 out of 6 answered: “security is a responsibility of the developer”
• all thought the architecture could be insecure
• no one acted to mitigate the problem
• AWS is a good choice for implementing a secure Cloud-IoT solution
• Even for a novice programmer
• Suggestions for AWS:
• force users to create at least one IAM account
• the password policy should resist basic dictionary attacks
FUTURE WORKS
• Conducting a survey on a larger sample of Novice IoT Programmers
• Analyzing other specific aspects and platforms
• E.g., Arduino devices
• Providing best practices and tools for developing more reliable IoT systems
THANK YOU FOR YOUR KIND ATTENTION!
ANY QUESTIONS?
Fulvio Corno, Luigi De Russis, Luca Mannella

Mais conteúdo relacionado

Mais procurados

Developing Applications with the IoT Button - DevDay Austin 2017
Developing Applications with the IoT Button - DevDay Austin 2017Developing Applications with the IoT Button - DevDay Austin 2017
Developing Applications with the IoT Button - DevDay Austin 2017Amazon Web Services
 
Using FIWARE and Microsoft Azure for the development of IoT solutions
Using FIWARE and Microsoft Azure for the development of IoT solutionsUsing FIWARE and Microsoft Azure for the development of IoT solutions
Using FIWARE and Microsoft Azure for the development of IoT solutionsDunavNET
 
WSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device CloudWSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device CloudWSO2
 
Keepler | IoT Analytics & AI on Edge Computing
Keepler | IoT Analytics & AI on Edge ComputingKeepler | IoT Analytics & AI on Edge Computing
Keepler | IoT Analytics & AI on Edge ComputingKeepler Data Tech
 
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)Codit
 
Cloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future ChallangesCloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future ChallangesMichele Vecchione
 
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessCreator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessPaul Evans
 
Octoblu, the IoT platform
Octoblu, the IoT platformOctoblu, the IoT platform
Octoblu, the IoT platformLudovic Bouvier
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsJan Liband
 
Cybesecurity of the IoT
Cybesecurity of the IoTCybesecurity of the IoT
Cybesecurity of the IoTAltoros
 
IoT and Alexa in the connected home
IoT and Alexa in the connected homeIoT and Alexa in the connected home
IoT and Alexa in the connected homeAmazon Web Services
 
Data, Big Data and real time analytics for Connected Devices
Data, Big Data and real time analytics for Connected DevicesData, Big Data and real time analytics for Connected Devices
Data, Big Data and real time analytics for Connected DevicesSrinath Perera
 
IoT security reference architecture
IoT security  reference architectureIoT security  reference architecture
IoT security reference architectureElias Hasnat
 
Windows for Raspberry Pi 2 Makers (and more!)
Windows for Raspberry Pi 2Makers (and more!)Windows for Raspberry Pi 2Makers (and more!)
Windows for Raspberry Pi 2 Makers (and more!)Guy Barrette
 
The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017)
The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017) The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017)
The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017) Codit
 
IoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure ShpereIoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure ShpereMirco Vanini
 
Creator IoT Framework
Creator IoT FrameworkCreator IoT Framework
Creator IoT FrameworkPaul Evans
 
Creating an Internet of Everything
Creating an Internet of Everything Creating an Internet of Everything
Creating an Internet of Everything AllSeen Alliance
 

Mais procurados (20)

Developing Applications with the IoT Button - DevDay Austin 2017
Developing Applications with the IoT Button - DevDay Austin 2017Developing Applications with the IoT Button - DevDay Austin 2017
Developing Applications with the IoT Button - DevDay Austin 2017
 
Using FIWARE and Microsoft Azure for the development of IoT solutions
Using FIWARE and Microsoft Azure for the development of IoT solutionsUsing FIWARE and Microsoft Azure for the development of IoT solutions
Using FIWARE and Microsoft Azure for the development of IoT solutions
 
WSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device CloudWSO2 IoT Server and Device Cloud
WSO2 IoT Server and Device Cloud
 
Keepler | IoT Analytics & AI on Edge Computing
Keepler | IoT Analytics & AI on Edge ComputingKeepler | IoT Analytics & AI on Edge Computing
Keepler | IoT Analytics & AI on Edge Computing
 
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)
 
Cloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future ChallangesCloud Security @ TIM - Current Practises and Future Challanges
Cloud Security @ TIM - Current Practises and Future Challanges
 
Ccl basics
Ccl basicsCcl basics
Ccl basics
 
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for businessCreator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
Creator Ci40 IoT kit & Framework - scalable LWM2M IoT dev platform for business
 
Octoblu, the IoT platform
Octoblu, the IoT platformOctoblu, the IoT platform
Octoblu, the IoT platform
 
Cloud Customer Architecture for IoT
Cloud Customer Architecture for IoTCloud Customer Architecture for IoT
Cloud Customer Architecture for IoT
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT Applications
 
Cybesecurity of the IoT
Cybesecurity of the IoTCybesecurity of the IoT
Cybesecurity of the IoT
 
IoT and Alexa in the connected home
IoT and Alexa in the connected homeIoT and Alexa in the connected home
IoT and Alexa in the connected home
 
Data, Big Data and real time analytics for Connected Devices
Data, Big Data and real time analytics for Connected DevicesData, Big Data and real time analytics for Connected Devices
Data, Big Data and real time analytics for Connected Devices
 
IoT security reference architecture
IoT security  reference architectureIoT security  reference architecture
IoT security reference architecture
 
Windows for Raspberry Pi 2 Makers (and more!)
Windows for Raspberry Pi 2Makers (and more!)Windows for Raspberry Pi 2Makers (and more!)
Windows for Raspberry Pi 2 Makers (and more!)
 
The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017)
The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017) The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017)
The truth about IoT field gateways (Sam Vanhoutte @IoT Convention Europe 2017)
 
IoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure ShpereIoT Day 2019 Naples - Microsoft Azure Shpere
IoT Day 2019 Naples - Microsoft Azure Shpere
 
Creator IoT Framework
Creator IoT FrameworkCreator IoT Framework
Creator IoT Framework
 
Creating an Internet of Everything
Creating an Internet of Everything Creating an Internet of Everything
Creating an Internet of Everything
 

Semelhante a Perception of Security Issues in the Development of Cloud-IoT Systems by a Novice Programmer

Applied Security for Containers, OW2con'18, June 7-8, 2018, Paris
Applied Security for Containers, OW2con'18, June 7-8, 2018, ParisApplied Security for Containers, OW2con'18, June 7-8, 2018, Paris
Applied Security for Containers, OW2con'18, June 7-8, 2018, ParisOW2
 
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)Scott Lowe
 
Cloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationCloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationMark Hinkle
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCPatrick Sklodowski
 
The New Security Practitioner
The New Security PractitionerThe New Security Practitioner
The New Security PractitionerAdrian Sanabria
 
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016Shannon Lietz
 
Micro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - PlansoftMicro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - PlansoftMiki Lombardi
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaPatrick Sklodowski
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021lior mazor
 
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxZero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxAccuKnox
 
(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop
(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop
(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshopPriyanka Aash
 
Why cloud native matters
Why cloud native mattersWhy cloud native matters
Why cloud native mattersCheryl Hung
 
Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, SparkReactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, SparkTodd Fritz
 
InfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud ComputingInfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud ComputingMark Hinkle
 
Executive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersExecutive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersNVISIA
 
Kubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing FoundationKubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing FoundationCloud Standards Customer Council
 
The Future of Cloud Networking is VMware NSX
The Future of Cloud Networking is VMware NSXThe Future of Cloud Networking is VMware NSX
The Future of Cloud Networking is VMware NSXScott Lowe
 
John Merline - How make your cloud SASE
John Merline - How make your cloud SASE John Merline - How make your cloud SASE
John Merline - How make your cloud SASE AWS Chicago
 
Dutchcontainerdays
DutchcontainerdaysDutchcontainerdays
Dutchcontainerdays4bakker
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudLaurenWendler
 

Semelhante a Perception of Security Issues in the Development of Cloud-IoT Systems by a Novice Programmer (20)

Applied Security for Containers, OW2con'18, June 7-8, 2018, Paris
Applied Security for Containers, OW2con'18, June 7-8, 2018, ParisApplied Security for Containers, OW2con'18, June 7-8, 2018, Paris
Applied Security for Containers, OW2con'18, June 7-8, 2018, Paris
 
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
The Future of Cloud Networking is VMware NSX (Danish VMUG edition)
 
Cloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud HybridizationCloud 2.0: Containers, Microservices and Cloud Hybridization
Cloud 2.0: Containers, Microservices and Cloud Hybridization
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYCThe Share Responsibility Model of Cloud Computing - ILTA NYC
The Share Responsibility Model of Cloud Computing - ILTA NYC
 
The New Security Practitioner
The New Security PractitionerThe New Security Practitioner
The New Security Practitioner
 
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
 
Micro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - PlansoftMicro Front-End & Microservices - Plansoft
Micro Front-End & Microservices - Plansoft
 
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA PhiladelphiaThe Share Responsibility Model of Cloud Computing - ILTA Philadelphia
The Share Responsibility Model of Cloud Computing - ILTA Philadelphia
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021
 
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxZero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
 
(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop
(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop
(SACON 2020) Practical Exploitation of IoT Networks and Ecosystems workshop
 
Why cloud native matters
Why cloud native mattersWhy cloud native matters
Why cloud native matters
 
Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, SparkReactive Fast Data & the Data Lake with Akka, Kafka, Spark
Reactive Fast Data & the Data Lake with Akka, Kafka, Spark
 
InfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud ComputingInfoSec 2011: Crash Course Open Source Cloud Computing
InfoSec 2011: Crash Course Open Source Cloud Computing
 
Executive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of ContainersExecutive Briefing: The Why, What, and Where of Containers
Executive Briefing: The Why, What, and Where of Containers
 
Kubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing FoundationKubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing Foundation
 
The Future of Cloud Networking is VMware NSX
The Future of Cloud Networking is VMware NSXThe Future of Cloud Networking is VMware NSX
The Future of Cloud Networking is VMware NSX
 
John Merline - How make your cloud SASE
John Merline - How make your cloud SASE John Merline - How make your cloud SASE
John Merline - How make your cloud SASE
 
Dutchcontainerdays
DutchcontainerdaysDutchcontainerdays
Dutchcontainerdays
 
Discover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid CloudDiscover - Securing Your Hybrid Cloud
Discover - Securing Your Hybrid Cloud
 

Último

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catcherssdickerson1
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvLewisJB
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsSachinPawar510423
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgsaravananr517913
 
Class 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm SystemClass 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm Systemirfanmechengr
 
computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction managementMariconPadriquez1
 
Piping Basic stress analysis by engineering
Piping Basic stress analysis by engineeringPiping Basic stress analysis by engineering
Piping Basic stress analysis by engineeringJuanCarlosMorales19600
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substationstephanwindworld
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...Chandu841456
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitterShivangiSharma879191
 
welding defects observed during the welding
welding defects observed during the weldingwelding defects observed during the welding
welding defects observed during the weldingMuhammadUzairLiaqat
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AIabhishek36461
 

Último (20)

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor CatchersTechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
TechTAC® CFD Report Summary: A Comparison of Two Types of Tubing Anchor Catchers
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Work Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvvWork Experience-Dalton Park.pptxfvvvvvvv
Work Experience-Dalton Park.pptxfvvvvvvv
 
Vishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documentsVishratwadi & Ghorpadi Bridge Tender documents
Vishratwadi & Ghorpadi Bridge Tender documents
 
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfgUnit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
Unit7-DC_Motors nkkjnsdkfnfcdfknfdgfggfg
 
Class 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm SystemClass 1 | NFPA 72 | Overview Fire Alarm System
Class 1 | NFPA 72 | Overview Fire Alarm System
 
computer application and construction management
computer application and construction managementcomputer application and construction management
computer application and construction management
 
Piping Basic stress analysis by engineering
Piping Basic stress analysis by engineeringPiping Basic stress analysis by engineering
Piping Basic stress analysis by engineering
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
Earthing details of Electrical Substation
Earthing details of Electrical SubstationEarthing details of Electrical Substation
Earthing details of Electrical Substation
 
An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...An experimental study in using natural admixture as an alternative for chemic...
An experimental study in using natural admixture as an alternative for chemic...
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter
 
welding defects observed during the welding
welding defects observed during the weldingwelding defects observed during the welding
welding defects observed during the welding
 
Past, Present and Future of Generative AI
Past, Present and Future of Generative AIPast, Present and Future of Generative AI
Past, Present and Future of Generative AI
 

Perception of Security Issues in the Development of Cloud-IoT Systems by a Novice Programmer

1. Perception of Security Issues in the Development of Cloud-IoT Systems by a Novice Programmer
Fulvio CORNO, Luigi DE RUSSIS, and Luca MANNELLA
e-Lite Research Group, Politecnico di Torino, Turin, Italy
WoRIE’21: June 22nd, 2021
10th Workshop On the Reliability of Intelligent Environments

2. OUTLINE
• Introduction
• Use Case Architecture Analysis
• Amazon Web Services Security Analysis
• Developers’ Perspective on AWS Security
• Conclusions & Discussions
2021-06-22 WORIE'21: FULVIO CORNO, LUIGI DE RUSSIS, AND LUCA MANNELLA 2

3. INTRODUCTION
• Research Question: Is a Cloud-IoT platform secure when it is used by a Novice IoT Programmer?
• Novice IoT Programmer
  • A software developer who is new to the IoT world
  • Not new to programming
• An attractive platform for a Novice IoT Programmer: Amazon Web Services
  • Very well known and widespread
  • One of the most complete cloud platforms
  • Provides services on demand

4. USE CASE ARCHITECTURE ANALYSIS

5. A CLOUD-IOT ARCHITECTURE
• Sensing devices
• Acting devices
• Some front-end devices
• AWS cloud back-end
  • Manages the devices
  • Stores data in a database
  • Provides some APIs for the front-end devices

6-8. MAIN COMMON ATTACK POINTS
• Back-end
  • The developed code inside the AWS Lambda functions
  • The database
• Front-end devices
  • Out of the developer’s control
• The data flows between
  • The sensors and the back-end
  • The back-end and the actuators
  • The API gateway and the front-end devices

9. AMAZON WEB SERVICES SECURITY ANALYSIS

10. AWS ANALYSIS
• Data Flow Protection
  • Data could be eavesdropped, tampered with, and forged
  • AWS requires encrypted connections to its back-end
    • TLS for HTTP connections
    • IPsec using Amazon VPC
• Database Protection
  • Requests to the DB must contain a valid HMAC-SHA256 signature
  • DynamoDB is accessible via TLS endpoints
    • Data in transit are protected
  • By default, DynamoDB data are encrypted at rest
  • Fine-grained access control policies (through IAM)
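The "valid HMAC-SHA256 signature" that slide 10 mentions is AWS Signature Version 4. The following is an added example, written for this page and not taken from the slides or from AWS's SDKs: a compact re-implementation of the SigV4 steps (signing-key derivation scoped by date, region and service; canonical request; string to sign) with a verifier that recomputes the signature the way the receiving service does. The access key, secret key, table name and request body are constructed placeholders. It shows what the signature binds, so that a tampered body or a request replayed against another region no longer verifies.

```python
# Added example: minimal AWS Signature Version 4 signer and verifier.
# Not AWS code; credentials and request data below are constructed placeholders.
import hashlib
import hmac
from urllib.parse import quote

ALGORITHM = "AWS4-HMAC-SHA256"


def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()


def _sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def derive_signing_key(secret_key: str, date: str, region: str, service: str) -> bytes:
    """kSigning = HMAC(HMAC(HMAC(HMAC("AWS4"+secret, date), region), service), "aws4_request").
    The secret never signs a request directly; the derived key is bound to one day,
    one region and one service, which limits what a leaked signing key can do."""
    k_date = _hmac(("AWS4" + secret_key).encode("utf-8"), date)
    k_region = _hmac(k_date, region)
    k_service = _hmac(k_region, service)
    return _hmac(k_service, "aws4_request")


def canonical_request(method, path, query, headers, payload):
    """Build the canonical request: every signed part of the HTTP message in a fixed layout."""
    canonical_query = "&".join(
        f"{quote(k, safe='-_.~')}={quote(v, safe='-_.~')}" for k, v in sorted(query.items()))
    # Header names lower-cased, values trimmed, sorted; each line ends with "\n"
    lowered = {k.lower(): " ".join(v.split()) for k, v in headers.items()}
    signed_headers = ";".join(sorted(lowered))
    canonical_headers = "".join(f"{k}:{lowered[k]}\n" for k in sorted(lowered))
    creq = "\n".join([method, path, canonical_query, canonical_headers,
                      signed_headers, _sha256_hex(payload)])
    return creq, signed_headers, lowered["x-amz-date"]


def sign_request(access_key, secret_key, region, service, method, path, query, headers, payload):
    """Return the Authorization header value for the request."""
    creq, signed_headers, amz_date = canonical_request(method, path, query, headers, payload)
    date = amz_date[:8]
    scope = f"{date}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([ALGORITHM, amz_date, scope, _sha256_hex(creq.encode("utf-8"))])
    signature = hmac.new(derive_signing_key(secret_key, date, region, service),
                         string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()
    return (f"{ALGORITHM} Credential={access_key}/{scope}, "
            f"SignedHeaders={signed_headers}, Signature={signature}")


def verify_request(secret_key, region, service, method, path, query, headers, payload, authorization):
    """What the service does: recompute from the received message and compare in constant time."""
    access_key = authorization.split("Credential=", 1)[1].split("/", 1)[0]
    expected = sign_request(access_key, secret_key, region, service,
                            method, path, query, headers, payload)
    return hmac.compare_digest(expected, authorization)


def demo():
    """Sign a constructed DynamoDB GetItem request, then verify it, a tampered copy,
    and the same Authorization header presented to another region."""
    access_key, secret_key = "AKIAEXAMPLEKEY0000", "wJalrEXAMPLESECRETKEY/NOT/REAL"  # placeholders
    region, service = "us-east-1", "dynamodb"
    headers = {"Host": "dynamodb.us-east-1.amazonaws.com",
               "Content-Type": "application/x-amz-json-1.0",
               "X-Amz-Date": "20210622T100000Z",
               "X-Amz-Target": "DynamoDB_20120810.GetItem"}
    payload = b'{"TableName":"SensorReadings","Key":{"device_id":{"S":"sensor-01"}}}'
    auth = sign_request(access_key, secret_key, region, service, "POST", "/", {}, headers, payload)
    tampered = payload.replace(b"sensor-01", b"sensor-99")  # body changed in transit
    return {
        "authorization": auth,
        "original_ok": verify_request(secret_key, region, service, "POST", "/", {}, headers, payload, auth),
        "tampered_ok": verify_request(secret_key, region, service, "POST", "/", {}, headers, tampered, auth),
        "wrong_region_ok": verify_request(secret_key, "eu-west-1", service, "POST", "/", {}, headers, payload, auth),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point for the novice developer on slide 13 is that the SDK does all of this for them, which is why the database was perceived as the most secure point (slide 15): the protection is automatic as long as the secret key itself is kept out of device firmware and source repositories.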
11. AWS ACCOUNT PROTECTION
• Two different types of account
  • Root user
  • Identity and Access Management (IAM) users
    • Created by the Root user
    • An account with customizable privileges
• Weaknesses in Amazon’s policies
  • Users are not forced to create IAM accounts
  • The password policy is vulnerable to dictionary attacks
    • E.g., a password like “Amaz0nWS” is accepted
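Slide 11's example password satisfies a pure character-class rule while still being a dictionary word with one digit substitution. The check below is an added example, not from the slides and not AWS's actual policy code: it reproduces a complexity-only rule of the kind the slide criticises, then a hardened check that normalises common "leetspeak" substitutions and looks the result up in a word list. The word list is a small constructed sample; a real deployment would use a large breached-password list.

```python
# Added example: complexity-only password rule vs. a dictionary-aware one.
# COMMON_WORDS is a constructed sample, not a real breached-password list.
import re
from typing import List, Optional, Tuple

COMMON_WORDS = {"amazon", "password", "welcome", "qwerty", "letmein", "aws", "cloud", "iot"}

# Substitutions people use to satisfy "must contain a digit/symbol" rules
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def complexity_only(pw: str) -> bool:
    """A rule like the one the slide criticises: 8+ characters and three classes."""
    classes = sum(bool(re.search(p, pw))
                  for p in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    return len(pw) >= 8 and classes >= 3


def normalise(pw: str) -> str:
    """Lower-case, undo leet substitutions, drop leading/trailing digits and symbols."""
    core = pw.lower().translate(LEET)
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", core)


def dictionary_hit(pw: str) -> Optional[str]:
    """Return the longest dictionary word the normalised password contains, or None."""
    core = normalise(pw)
    for word in sorted(COMMON_WORDS, key=lambda w: (-len(w), w)):
        if word in core:
            return word
    return None


def hardened(pw: str, min_len: int = 14) -> Tuple[bool, List[str]]:
    """Length plus dictionary check; returns (accepted, reasons_for_rejection)."""
    reasons = []
    if len(pw) < min_len:
        reasons.append(f"shorter than {min_len} characters")
    hit = dictionary_hit(pw)
    if hit:
        reasons.append(f"built from the dictionary word '{hit}'")
    return not reasons, reasons


if __name__ == "__main__":
    for candidate in ("Amaz0nWS", "P@ssw0rd2021!", "quartz-meadow-piano-lantern-49"):
        print(candidate, "complexity-only:", complexity_only(candidate),
              "hardened:", hardened(candidate))
```

"Amaz0nWS" passes `complexity_only` and is rejected by `hardened` for two reasons, length and the word "amazon"; a long random passphrase passes both. A password policy on the AWS side cannot be configured by the developer for the root user, which is why slide 18 turns this into a suggestion for AWS rather than a developer best practice.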
12. DEVELOPERS’ PERSPECTIVE ON AWS SECURITY

13. OUR NOVICE PROGRAMMERS
• Developers from a consulting engineering company in Italy
  • They were starting their first professional Cloud-IoT project
  • They had to work on AWS for the first time
• They had just followed a short Cloud-IoT course
  • With a final project to deliver
• After the course, we asked them to fill in the survey
  • 6 out of 9 attendees of the Cloud-IoT course (all males)

14. DEVELOPERS’ PERCEPTION
• They feel inexperienced in cybersecurity
  • 5 out of 6 answered 1/5; the other answered 2/5
• Who is in charge of the security of what you developed on AWS?
  • 2 out of 6: “Entirely the developer”
  • 4 out of 6: “Both the developer and AWS”
• All think the architecture could include security issues
  • No one acted to mitigate the security problems they had in mind

15. DEVELOPERS’ PERCEPTION OF THE ARCHITECTURE’S SECURITY
• The most secure point
  • The AWS DynamoDB database
• The least secure point
  • The data flows between the back-end and the sensors/actuators
• The most critical points
  1. Data flows to the actuators
  2. The back-end code on AWS Lambda
  3. Data flows from the sensors to the back-end
• The worst consequences
  1. Cyber-physical attacks
  2. A data breach

16. SECURITY BEST PRACTICES
• They all created “strong” passwords
  • Dictionary attacks?
• Only 1 out of 6 created an IAM account
  • 2 out of 5 specified that they should have
• 4 out of 6 did not check whether they were using TLS
• 5 out of 6 did not check whether DB data at rest are encrypted
• No one used an additional service to improve security
  • E.g., AWS IoT Device Defender
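Slide 16 lists checks the respondents skipped (TLS, encryption at rest) and slide 10 lists the IAM fine-grained policies that make the database the strong point of the architecture. The following is an added example, written for this page and not code from the slides or from AWS: three small checks expressed as pure functions over the data the AWS SDK returns, so they run offline here on constructed inputs. The `describe_table` response shapes mirror what boto3 returns as far as the author of this example knows, with one labelled assumption: that the `SSEDescription` block is absent when a table uses the default AWS owned key, so an absent block means default encryption rather than plaintext. The account id `111122223333` and the table, key and endpoint names are constructed placeholders.

```python
# Added example: offline versions of the TLS, at-rest-encryption and IAM checks
# from slides 10 and 16. Response shapes mirror boto3's DynamoDB describe_table
# output and IAM policy JSON; inputs in demo() are constructed samples.
from typing import Dict, List, Tuple


def endpoint_uses_tls(endpoint_url: str) -> bool:
    """The SDK exposes the URL it will use as client.meta.endpoint_url. AWS endpoints
    are https://; an http:// value (a local emulator left in the config, or a custom
    endpoint) is the mistake this check catches."""
    return endpoint_url.strip().lower().startswith("https://")


def dynamodb_at_rest_encryption(describe_table_response: Dict) -> str:
    """Classify the SSEDescription block of a describe_table response.
    Assumption: the block is absent when the table uses the default AWS owned key."""
    sse = describe_table_response.get("Table", {}).get("SSEDescription")
    if sse is None:
        return "AWS_OWNED_KEY"          # default encryption, key not visible to the account
    if sse.get("Status") != "ENABLED":
        return "SSE_" + str(sse.get("Status", "UNKNOWN"))
    return str(sse.get("SSEType", "UNKNOWN"))  # "KMS" for AWS managed or customer managed keys


def overbroad_statements(policy: Dict) -> List[Tuple[int, List[str], List[str]]]:
    """Flag Allow statements whose Action or Resource is a wildcard: the usual
    shortcut when a Lambda role 'just needs to work'."""
    findings = []
    for i, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        actions = st.get("Action", [])
        resources = st.get("Resource", [])
        actions = [actions] if isinstance(actions, str) else list(actions)
        resources = [resources] if isinstance(resources, str) else list(resources)
        if any(a == "*" or a.endswith(":*") for a in actions) or "*" in resources:
            findings.append((i, actions, resources))
    return findings


def demo() -> Dict:
    # Constructed describe_table responses: default encryption vs. a KMS-encrypted table
    describe_default = {"Table": {"TableName": "SensorReadings", "TableStatus": "ACTIVE"}}
    describe_kms = {"Table": {"TableName": "SensorReadings", "TableStatus": "ACTIVE",
                              "SSEDescription": {"Status": "ENABLED", "SSEType": "KMS",
                                                 "KMSMasterKeyArn":
                                                 "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE-KEY-ID"}}}
    # Over-broad role policy vs. a least-privilege one limited to one table and,
    # through the dynamodb:LeadingKeys condition, to partition keys equal to the
    # caller's Cognito identity (the fine-grained access control slide 10 mentions).
    broad = {"Version": "2012-10-17",
             "Statement": [{"Effect": "Allow", "Action": "dynamodb:*", "Resource": "*"}]}
    least = {"Version": "2012-10-17",
             "Statement": [{
                 "Effect": "Allow",
                 "Action": ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query"],
                 "Resource": "arn:aws:dynamodb:eu-west-1:111122223333:table/SensorReadings",
                 "Condition": {"ForAllValues:StringEquals": {
                     "dynamodb:LeadingKeys": ["${cognito-identity.amazonaws.com:sub}"]}}}]}
    return {
        "tls_ok": endpoint_uses_tls("https://dynamodb.eu-west-1.amazonaws.com"),
        "tls_plain_http": endpoint_uses_tls("http://localhost:8000"),
        "default_table_encryption": dynamodb_at_rest_encryption(describe_default),
        "kms_table_encryption": dynamodb_at_rest_encryption(describe_kms),
        "broad_findings": overbroad_statements(broad),
        "least_privilege_findings": overbroad_statements(least),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Each function takes the SDK's output rather than calling AWS, so the same code can run in a unit test against recorded responses or be wired to `boto3` in a CI job; the IAM lint is deliberately crude (wildcards only) and is a starting point, not a substitute for IAM Access Analyzer.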
17. CONCLUSIONS & FUTURE WORKS

18. CONCLUSIONS
• Even professionals do not feel comfortable with cybersecurity
  • Novices in IoT, not novice programmers
• Knowing that security is important is not enough to act
  • 2 out of 6 answered: “security is a responsibility of the developer”
  • All thought the architecture could be insecure
  • No one acted to mitigate the problem
• AWS is a good choice for implementing a secure Cloud-IoT solution
  • Even for a novice programmer
• Suggestions for AWS:
  • Force users to create at least one IAM account
  • The password policy should prevent basic dictionary attacks

19. FUTURE WORKS
• Running the survey on a larger sample of Novice IoT Programmers
• Analyzing other specific aspects and platforms
  • E.g., Arduino devices
• Providing best practices and tools for developing more reliable IoT systems

20. THANK YOU FOR YOUR KIND ATTENTION! ANY QUESTIONS?
Fulvio Corno, Luigi De Russis, Luca Mannella