Blockchain & IAM for IoT:
Edge Authentication
Presented by: Sesh Raj, President DSAPPS INC
©2018DSAPPSINC
Question: What is IAM
(identity and access management)
for IOT?
Traditional IOT IAM managed by cloud
Reference: AWS IOT
Comparing Traditional IAM and IOT IAM
| | Traditional IAM | IOT IAM |
|---|---|---|
| End points to manage | Typically < 100,000 | Can be millions |
| System administration | IT and Security departments | Operational personnel, plant and business managers |
| Auditing | User-centric | Device-centric |
| Authenticating process | Passwords, biometrics | PKI certificates, device behaviors, biometrics |
| Provisioning and registration process | Static | Dynamic, application driven |
| Self-services | Typically web based | Also support Bluetooth, DSRC etc. wireless communication |
The challenge
Establishing identity through X.509 certificates provides a strong
authentication system. However, in the IoT domain, many devices
may not have enough memory to store a certificate or may not even
have the required CPU power to execute the cryptographic
operations of validating the X.509 certificates (or any type of public
key operation).
Question: What is IOT edge authentication?
The need for IOT edge authentication
• Faster response times: Without a round-trip to the cloud, data latency is reduced, lowering the time it takes to glean actionable insights from that data.
• Lowering IoT solution costs: Mission-critical data can be processed, cleaned and analyzed closer to the device itself, saving on processing and analysis costs and reducing the amount of data that flows back and forth between the cloud and the edge of the network.
• Added security and compliance: Edge authentication can scan for malware, filter out sensitive personally identifiable information and process it locally.
• Dependable operation even with intermittent connectivity: Enables manufacturing equipment and other smart devices to operate without disruption even when they're offline or Internet connectivity is intermittent.
• Interoperability between new and legacy devices: Easier to integrate new and legacy end points with edge computing.
Question: How do we track identity
on the edge without a central server?
IOT Gateways
Reference: https://internetofthingsagenda.techtarget.com/feature/Using-an-IoT-gateway-to-connect-the-Things-to-the-cloud
Reference: National Institute of Standards and George Mason University
Reference: https://docs.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-endpoints
IOT Gateway Architecture
Operating System
Example: Linux or Android OS
HAL (Hardware Abstraction Layer)
Supports reusability and portability of the IoT software.
IoT Sensors Stack
Software stacks that serve as interfaces with IoT sensors modules.
Examples: ZigBee, 6LoWPAN, EnOcean, BLE, Modbus, PROFIBUS
Device Management and Configuration
Configuration and settings to interface with different types of Sensor devices.
Security
Ensure robust data security, device security and network security.
FOTA
Firmware Over The Air (FOTA) updates with latest versions of security patches, OS, firewalls and more.
Data Communication Protocols
Connect with the Cloud over Ethernet, Wi-Fi or a 4G/3G modem via UDP or TCP/IP protocol. MQTT, CoAP, XMPP, AMQP utilized.
Data Management
Includes data streaming, data filtering and data storing.
Cloud Connectivity Manager
Connectivity, device state, heartbeat message, and gateway device authentication with the cloud.
Custom Application
Manage data between sensor node and gateway and from gateway to cloud.
Gateway Data Transfer
To connect to the internet for data transfer using Ethernet, 4G/3G/GPRS modem or Wi-Fi.
Reference: https://www.embitel.com/blog/embedded-blog/understanding-how-an-iot-gateway-architecture-works
Key Requirements for IOT Edge Authentication
• Has to replace the central authority with distributed apps; should not depend on a single point of failure; needs a means to distribute trust
• Need distributed storage of device security data that is immutable
• Automated process to add and update devices without need for a manual authorization and authentication process, via code driven smart contract
• Have the means to flag abnormal behavior and quarantine devices through group consensus on what is normal
Answer - Blockchain technology
Blockchain Concepts
• Decentralized, peer-to-peer networks, where each participant maintains a copy of a shared, append-only (i.e., otherwise immutable) ledger of digitally signed transaction records
• Maintain synchronized replicas through a consensus protocol
• Safeguard the immutability of the ledger, even when some participants are faulty or malicious
• Append only Shared Ledger
• Managed by Permissions with visible, authenticated and verifiable transactions
• Support for Smart Contracts programmed to execute with transactions
• Consensus for adding new members and flagging abnormal behavior
The benefits of Blockchain
• Allows trust to be dispersed with high security, making IAM at the edge fast and light without reliance on a central server, thus removing the single point of failure.
• Creates an IAM-centric ecosystem that keeps track of identities, entitlements, entitlement assignment, and access events, all autonomously.
• Provides for the five security pillars: Availability, Auditability, Accountability, Integrity and Confidentiality.
IAM Requirements provided by Blockchain
• Track device identity profiles and attributes
• Validate identity and transaction data leveraging smart contracts
• Create and maintain IAM permission policies
• Maintain data trust
• Auditable records for validation
• Control data visibility
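The requirements listed above (tracking device identity, validating transactions with contract logic, quarantining a device by group consensus) modelled as an added example that is not from the original slides or from any of the platforms they name. It is a self-contained in-memory stand-in for chaincode rather than Fabric shim code; the gateway names, device ID, seeds, fixed challenge value and quorum of 2 are constructed for the demo.

```go
// Added example (not from the slides): edge IAM on a hash-chained ledger; all names and keys are constructed.
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Tx is one ledger record, signed by the gateway that submits it.
type Tx struct {
	Kind, DeviceID, Signer string            // Kind: "register" or "quarantine-vote"
	DevKey                 ed25519.PublicKey // device key, set only for "register"
	Prev                   [32]byte          // hash of the preceding record
	Sig                    []byte            // gateway signature over payload()
}

func (t Tx) payload() []byte {
	return []byte(fmt.Sprintf("%q|%q|%q|%x|%x", t.Kind, t.DeviceID, t.Signer, t.DevKey, t.Prev))
}

// Ledger is one gateway's replica; tip is the hash of the newest record.
type Ledger struct {
	members map[string]ed25519.PublicKey // gateways admitted to the network
	quorum  int                          // distinct voters needed to quarantine
	chain   []Tx
	tip     [32]byte
}

// replay derives device keys and distinct quarantine voters from the chain.
func (l *Ledger) replay() (map[string]ed25519.PublicKey, map[string]map[string]bool) {
	keys, votes := map[string]ed25519.PublicKey{}, map[string]map[string]bool{}
	for _, tx := range l.chain {
		if tx.Kind == "register" {
			keys[tx.DeviceID], votes[tx.DeviceID] = tx.DevKey, map[string]bool{}
		} else if v := votes[tx.DeviceID]; v != nil {
			v[tx.Signer] = true
		}
	}
	return keys, votes
}

// Append plays the smart-contract role: a record is added only if every rule holds.
func (l *Ledger) Append(tx Tx) error {
	pub, member := l.members[tx.Signer]
	keys, _ := l.replay()
	_, known := keys[tx.DeviceID]
	switch {
	case !member || tx.Prev != l.tip || !ed25519.Verify(pub, tx.payload(), tx.Sig):
		return fmt.Errorf("signer %q not a member, stale tip, or bad signature", tx.Signer)
	case tx.Kind == "register" && !known && len(tx.DevKey) == ed25519.PublicKeySize:
	case tx.Kind == "quarantine-vote" && known:
	default: // re-registration (key swap), vote for an unknown device, unknown kind
		return fmt.Errorf("%s for %q rejected by contract rules", tx.Kind, tx.DeviceID)
	}
	l.chain, l.tip = append(l.chain, tx), sha256.Sum256(append(tx.payload(), tx.Sig...))
	return nil
}

// Authenticate needs only the local replica: registered key, valid signature, no quorum against it.
func (l *Ledger) Authenticate(deviceID string, challenge, sig []byte) error {
	keys, votes := l.replay()
	if pk, ok := keys[deviceID]; !ok || !ed25519.Verify(pk, challenge, sig) {
		return fmt.Errorf("unknown device or bad signature")
	}
	if n := len(votes[deviceID]); n >= l.quorum {
		return fmt.Errorf("device quarantined by %d gateways", n)
	}
	return nil
}

func key(b byte) ed25519.PrivateKey { return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, 32)) }

// Demo runs three constructed gateways with quorum 2 and returns each step's result.
func Demo() map[string]error {
	gw := map[string]ed25519.PrivateKey{"gw-a": key(1), "gw-b": key(2), "gw-c": key(3)}
	l := &Ledger{members: map[string]ed25519.PublicKey{}, quorum: 2}
	for name, k := range gw {
		l.members[name] = k.Public().(ed25519.PublicKey)
	}
	gw["gw-x"] = key(7) // holds a key but was never admitted as a member
	submit := func(kind, signer string, devKey ed25519.PublicKey) error {
		tx := Tx{Kind: kind, DeviceID: "sensor-17", Signer: signer, DevKey: devKey, Prev: l.tip}
		tx.Sig = ed25519.Sign(gw[signer], tx.payload())
		return l.Append(tx)
	}
	dev, nonce, r := key(9), []byte("constructed-nonce-0001"), map[string]error{}
	devPub := dev.Public().(ed25519.PublicKey)
	auth := func() error { return l.Authenticate("sensor-17", nonce, ed25519.Sign(dev, nonce)) }
	r["outsider"], r["register"] = submit("register", "gw-x", devPub), submit("register", "gw-a", devPub)
	r["rekey"], r["auth"] = submit("register", "gw-c", key(8).Public().(ed25519.PublicKey)), auth()
	r["vote-1"], r["vote-1-repeat"] = submit("quarantine-vote", "gw-b", nil), submit("quarantine-vote", "gw-b", nil)
	r["auth-one-voter"] = auth()
	r["vote-2"], r["auth-quorum"] = submit("quarantine-vote", "gw-c", nil), auth()
	return r
}

func main() { fmt.Println(Demo()) }
```

Votes are counted per distinct gateway, so one gateway repeating its vote cannot quarantine a device on its own, and a second "register" for an existing device ID is refused so that no single gateway can swap a device's key.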
Question: How can we implement
IAM policies on the edge?
Support in Blockchain for IAM security policies

Smart Contracts - Enforce who can perform what actions

    import (
        "github.com/hyperledger/fabric/core/chaincode/shim"
        sc "github.com/hyperledger/fabric/protos/peer"
    )

    // Init runs when the chaincode is instantiated; there is nothing to set up.
    func (s *SmartContract) Init(APIstub shim.ChaincodeStubInterface) sc.Response {
        return shim.Success(nil)
    }

    // Invoke routes each transaction to the handler named in the request.
    // The handlers (queryCar, createCar, ...) are methods defined elsewhere in the chaincode.
    func (s *SmartContract) Invoke(APIstub shim.ChaincodeStubInterface) sc.Response {
        function, args := APIstub.GetFunctionAndParameters()
        if function == "queryCar" {
            return s.queryCar(APIstub, args)
        } else if function == "initLedger" {
            return s.initLedger(APIstub)
        } else if function == "createCar" {
            return s.createCar(APIstub, args)
        } else if function == "queryAllCars" {
            return s.queryAllCars(APIstub)
        } else if function == "changeCarOwner" {
            return s.changeCarOwner(APIstub, args)
        }
        // Any function name not listed above is rejected.
        return shim.Error("Invalid Smart Contract function name.")
    }

Access Control Language - ACL rules determine which users/roles are permitted to create, read, update or delete member elements.

    rule networkControlPermission {
        description: "networkControl can access network commands"
        participant: "org.acme.vehicle.auction.networkControl"
        operation: ALL
        resource: "org.hyperledger.composer.system.Network"
        action: ALLOW
    }

Certifying authority - Certifies X509 certificates

    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number:
                10:e6:fc:62:b7:41:8a:d5:00:5e:45:b6
        Signature Algorithm: sha256WithRSAEncryption
            Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
            Validity
                Not Before: Nov 21 08:00:00 2016 GMT
            Subject Public Key Info:
                Public-Key: (256 bit)
                pub:
                    04:c9:22:69:31:8a:d6:6c:ea:da:c3:7f:2c:ac:a5:
                    af:c0:02:ea:81:cb:65:b9:fd:0c:6d:46:5b:c9:1e:

Shared Configuration - Policies dictating modification of elements in configuration
Sample Implementations
Hyperledger Architecture
Hyperledger Fabric
- peer nodes with smart contracts and ledgers
Peer Identities via X509 certificate
Hyperledger Fabric CA (Certificate Authority)
Register identity, connect to LDAP
Issue enrollment certificates
Renew and revoke certificates
Azure Blockchain Workbench
IBM Watson IOT Platform with Blockchain
Managing IOT Edge Security Blockchain
• Spec Device authentication
• Design Blockchain ledger and cloud services
• Launch IOT edge authentication
• Provide IAM policies and smart contracts
• Update IAM policies
• Update analytics
• Add Devices
• Create/update security policies
• Coordinate with security team
• Track exceptions
• Resolve exceptions
• Real time analytics
Sesh Raj, DSAPPS INC
email: sales1@dsapps.com
text: 408-940-5003
www.dsapps.com
Contact
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 

Blockchain and IAM for IOT Edge Authentication

  • 1. Blockchain & IAM for IoT: Edge Authentication Presented by: Sesh Raj, President DSAPPS INC ©2018DSAPPSINC
  • 4. Question: What is IAM (identity and access management) for IOT?
  • 5. Traditional IOT IAM managed by cloud Reference: AWS IOT
  • 6. Comparing Traditional IAM and IOT IAM
        | Traditional IAM | IOT IAM
      End points to manage | Typically < 100,000 | Can be millions
      System administration | IT and Security departments | Operational personnel, plant and business managers
      Auditing | User-centric | Device-centric
      Authenticating process | Passwords, biometrics | PKI certificates, device behaviors, biometrics
      Provisioning and registration process | Static | Dynamic, application driven
      Self-services | Typically web based | Also support Bluetooth, DSRC etc. wireless communication
  • 7. The challenge: Establishing identity through X.509 certificates provides a strong authentication system. However, in the IoT domain, many devices may not have enough memory to store a certificate or may not even have the required CPU power to execute the cryptographic operations of validating the X.509 certificates (or any type of public key operation).
  • 8. Question: What is IOT edge authentication?
  • 9. The need for IOT edge authentication
      • Faster response times: Without a round-trip to the cloud, data latency is reduced, lowering the time it takes to glean actionable insights from that data.
      • Lowering IoT solution costs: Mission-critical data can be processed, cleaned and analyzed closer to the device itself, saving on processing and analysis costs and reducing the amount of data that flows back and forth between the cloud and the edge of the network.
      • Added security and compliance: Edge authentication can scan for malware, filter out sensitive personally identifiable information and process it locally.
      • Dependable operation even with intermittent connectivity: Enables manufacturing equipment and other smart devices to operate without disruption even when they’re offline or Internet connectivity is intermittent.
      • Interoperability between new and legacy devices: Easier to integrate new and legacy end points with edge computing.
  • 10. Question: How do we track identity on the edge without a central server?
  • 13. IOT Gateway Architecture
      • Operating System: Example: Linux or Android OS.
      • HAL (Hardware Abstraction Layer): Supports reusability and portability of the IoT software.
      • IoT Sensors Stack: Software stacks that serve as interfaces with IoT sensor modules. Examples: ZigBee, 6LoWPAN, EnOcean, BLE, Modbus, PROFIBUS.
      • Device Management and Configuration: Configuration and settings to interface with different types of sensor devices.
      • Security: Ensure robust data security, device security and network security.
      • FOTA: Firmware Over The Air (FOTA) updates with latest versions of security patches, OS, firewalls and more.
      • Data Communication Protocols: Connect with the cloud over Ethernet, Wi-Fi or a 4G/3G modem via UDP or TCP/IP. MQTT, CoAP, XMPP, AMQP utilized.
      • Data Management: Includes data streaming, data filtering and data storing.
      • Cloud Connectivity Manager: Connectivity, device state, heartbeat message, and gateway device authentication with the cloud.
      • Custom Application: Manage data between sensor node and gateway and from gateway to cloud.
      • Gateway Data Transfer: To connect to the internet for data transfer using Ethernet, 4G/3G/GPRS modem or Wi-Fi.
      Reference: https://www.embitel.com/blog/embedded-blog/understanding-how-an-iot-gateway-architecture-works
  • 15. Key Requirements for IOT Edge Authentication
      • Has to replace central authority with distributed apps, should not depend on a single point of failure, means to distribute trust
      • Need distributed storage of device security data that is immutable
      • Automated process to add and update devices without need for manual authorization and authentication process, via code driven smart contract
      • Have the means to flag abnormal behavior and quarantine devices through group consensus on what is normal
      Answer - Blockchain technology
  • 16. Blockchain Concepts
      • Decentralized, peer-to-peer networks, where each participant maintains a copy of a shared, append-only (i.e., otherwise immutable) ledger of digitally signed transaction records
      • Maintain synchronized replicas through a consensus protocol
      • Safeguard the immutability of the ledger, even when some participants are faulty or malicious
      Diagram labels:
      • Append only Shared Ledger
      • Managed by Permissions with visible, authenticated and verifiable transactions
      • Support for Smart Contracts programmed to execute with transactions
      • Consensus for adding new members and flagging abnormal behavior
  • 17. The benefits of Blockchain
      • Allows trust to be dispersed with high security, making IAM at the edge fast and light without reliance on a central server, thus removing the single point of failure.
      • Creates an IAM-centric ecosystem that keeps track of identities, entitlements, entitlement assignment, and access events, all autonomously.
      • Provides for the five security pillars: Availability, Auditability, Accountability, Integrity and Confidentiality.
  • 18. IAM Requirements provided by Blockchain
      • Track device identity profiles and attributes
      • Validate identity and transaction data leveraging smart contracts
      • Create and maintain IAM permission policies
      • Maintain data trust
      • Auditable records for validation
      • Control data visibility
  • 19. Question: How can we implement IAM policies on the edge?
  • 20. Support in Blockchain for IAM security policies
      • Smart Contracts - Enforce who can perform what actions

            // Init runs when the chaincode is instantiated; there is nothing to set up.
            func (s *SmartContract) Init(APIstub shim.ChaincodeStubInterface) sc.Response {
                return shim.Success(nil)
            }

            // Invoke dispatches each transaction to the handler named in the request.
            func (s *SmartContract) Invoke(APIstub shim.ChaincodeStubInterface) sc.Response {
                function, args := APIstub.GetFunctionAndParameters()
                if function == "queryCar" {
                    return s.queryCar(APIstub, args)
                } else if function == "initLedger" {
                    return s.initLedger(APIstub)
                } else if function == "createCar" {
                    return s.createCar(APIstub, args)
                } else if function == "queryAllCars" {
                    return s.queryAllCars(APIstub)
                } else if function == "changeCarOwner" {
                    return s.changeCarOwner(APIstub, args)
                }
                // The slide cuts the function off here; any other function name is rejected.
                return shim.Error("Invalid Smart Contract function name.")
            }

      • Access Control Language - ACL rules determine which users/roles are permitted to create, read, update or delete member elements.

            rule networkControlPermission {
                description: "networkControl can access network commands"
                participant: "org.acme.vehicle.auction.networkControl"
                operation: ALL
                resource: "org.hyperledger.composer.system.Network"
                action: ALLOW
            }

      • Certifying authority - Certifies X509 certificates

            Certificate:
                Data:
                    Version: 3 (0x2)
                    Serial Number: 10:e6:fc:62:b7:41:8a:d5:00:5e:45:b6
                    Signature Algorithm: sha256WithRSAEncryption
                    Issuer: C=BE, O=GlobalSign nv-sa, CN=GlobalSign Organization Validation CA - SHA256 - G2
                    Validity
                        Not Before: Nov 21 08:00:00 2016 GMT
                    Subject Public Key Info:
                        Public-Key: (256 bit)
                        pub:
                            04:c9:22:69:31:8a:d6:6c:ea:da:c3:7f:2c:ac:a5:
                            af:c0:02:ea:81:cb:65:b9:fd:0c:6d:46:5b:c9:1e:

      • Shared Configuration - Policies dictating modification of elements in configuration
  • 23. Hyperledger Fabric - peer nodes with smart contracts and ledgers
  • 24. Peer Identities via X509 certificate
  • 25. Hyperledger Fabric CA (Certificate Authority)
      • Register identity, connect to LDAP
      • Issue enrollment certificates
      • Renew and revoke certificates
  • 27. IBM Watson IOT Platform with Blockchain
  • 28. Managing IOT Edge Security Blockchain Spec Device authentication Design Blockchain ledger and cloud services Launch IOT edge authentication Provide IAM policies and smart contracts Update IAM policies Update analytics Add Devices Create/update security policies Coordinate with security team Track exceptions Resolve exceptions Real time analytics
  • 29. Contact: Sesh Raj, DSAPPS INC; email: sales1@dsapps.com; text: 408-940-5003; www.dsapps.com
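
Slides 15 and 16 ask for an append-only ledger of digitally signed records and for quarantining a device through group consensus. The Go program below is an added example of those two properties, not code from the deck or from Hyperledger Fabric; the record format, the names `Record`, `Append` and `Quarantined`, the gateway and device names, and the quorum of 2 are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Record is one ledger entry (constructed format); Action is "register" or "flag".
type Record struct {
	Device, Action, Signer string
	Prev                   string // digest of the previous record, "" for the first
	Sig                    []byte // Signer's Ed25519 signature over digest()
}

func (r Record) digest() string {
	return fmt.Sprintf("%x", sha256.Sum256([]byte(fmt.Sprintf("%q%q%q%q", r.Device, r.Action, r.Signer, r.Prev))))
}

// Append chains r to the tail of the log and signs it with its gateway's key.
func Append(log []Record, r Record, key ed25519.PrivateKey) []Record {
	if n := len(log); n > 0 {
		r.Prev = log[n-1].digest()
	}
	r.Sig = ed25519.Sign(key, []byte(r.digest()))
	return append(log, r)
}

// Quarantined checks every link and signature, then reports whether at least
// quorum distinct trusted gateways flagged the device.
func Quarantined(log []Record, keys map[string]ed25519.PublicKey, device string, quorum int) (bool, error) {
	prev, voters := "", map[string]bool{}
	for i, r := range log {
		if pub, ok := keys[r.Signer]; !ok || r.Prev != prev || !ed25519.Verify(pub, []byte(r.digest()), r.Sig) {
			return false, fmt.Errorf("record %d failed verification", i)
		}
		if r.Device == device && r.Action == "flag" {
			voters[r.Signer] = true
		}
		prev = r.digest()
	}
	return len(voters) >= quorum, nil
}

func main() { // constructed data: a single flag from gw-a stays below a quorum of 2
	pub, priv, _ := ed25519.GenerateKey(nil)
	log := Append(nil, Record{Device: "sensor-7", Action: "flag", Signer: "gw-a"}, priv)
	fmt.Println(Quarantined(log, map[string]ed25519.PublicKey{"gw-a": pub}, "sensor-7", 2))
}
```

Repeated flags from the same gateway count once, and a record signed by a key outside the trusted set or altered after it was appended makes the whole check fail instead of being silently skipped.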