Identity & Security In AllJoyn 14.06
Tim Kellogg
Saturday, July 19 2014
https://github.com/tkellogg/alljoyn-examples
https://github.com/tkellogg/alljoyn-core/tree/master/alljoyn_core/src
Security & Identity in AllJoyn 14.06

2,518 views

My presentation for Cloud Identity Summit 2014. I will be talking about the security and identity features that AllJoyn offers in its 14.06 release.

Published in: Software

  1. Identity & Security In AllJoyn 14.06
     Tim Kellogg
     Saturday, July 19 2014
  2. https://github.com/tkellogg/alljoyn-examples
     https://github.com/tkellogg/alljoyn-core/tree/master/alljoyn_core/src
  3. Embedded Security
  4. Mitsubishi EMI Incident (2003)
     • Brakes disabled when given 1000-10000x legal levels of EMI radiation
     • Car thinks brakes are locked, so it releases
     • All within limits required by law
  5. Slammer Worm (2003)
     • Nuclear plant safety monitoring disabled for 5 hours
     • “The business value of access to the data within the control center worth the risk of open connections between the control center and the corporate network”
     • Unpatched MSSQL Server
  6. Hello, my name is Bruce Schneier and I think routers are super duper easy to hack, mostly because you nerds never patch the software
     https://www.schneier.com/essays/archives/2014/01/the_internet_of_thin.html
  7. University of Washington Study (2010)
     “We demonstrate that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems”
     http://www.autosec.org/pubs/cars-oakland2010.pdf
  8. Hey, check it out! I made my own encryption algorithm
  9. Embedded Needs “Rails”
     • Software Updates
     • Security & Identity
     • Communication
     • Media Streaming
     • User Interfaces
  10. Distributed Bus
  11. Distributed Bus
  12. Security
  13. Auth Listeners
     • ALLJOYN_RSA_KEYX – X.509 certificates
     • ALLJOYN_SRP_KEYX – Show Random PIN
     • ALLJOYN_SRP_LOGON – preset U/P table
     • ALLJOYN_ECDHE_NULL
     • ALLJOYN_ECDHE_PSK
     • ALLJOYN_ECDHE_ECDSA – DSA
  14. ALLJOYN_RSA_KEYX
     • RSA = Asymmetric key encryption
     • X.509 certificates
       – Trusted Certificate Authority
  15. SRP_KEYX & SRP_LOGON
     • Threshold Cryptography
     • No trust required to establish a secure connection
     • LOGON = Username & Password
     • KEYX = A PIN is displayed
  16. ALLJOYN_SRP_KEYX
  17. ECDHE
     • Elliptic Curve (EC) Cryptography
     • DHE = Diffie-Hellman key Exchange
       – Symmetric key encryption
  18. ALLJOYN_ECDHE_NULL
     • Elliptic Curve Encryption
     • No verification of identity
  19. ALLJOYN_ECDHE_PSK
     • PSK = Pre-Shared Key
     • Service already has the client’s public key
     • A password may also be used
  20. ALLJOYN_ECDHE_ECDSA
     • ECDSA – Elliptic Curve Digital Signature Algorithm
     • Certificate shows identity
  21. Questions?
     @kellogh
     Practical Internet of Things
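
Slides 18 and 19 contrast ALLJOYN_ECDHE_NULL ("no verification of identity") with ALLJOYN_ECDHE_PSK. The sketch below is an added example, not code from the presentation or from AllJoyn; it models what the service can and cannot detect in each mode. Assumptions: finite-field Diffie-Hellman stands in for the elliptic-curve exchange, the PSK is modelled as a secret known to both sides, and the names `session_key`, `confirm_tag` and `service_accepts` are hypothetical and do not reflect AllJoyn's wire protocol.

```python
import hashlib
import hmac
import secrets

# Demo group (assumption): finite-field DH modulo a Mersenne prime stands in
# for the elliptic-curve exchange so only the standard library is needed.
P = 2**521 - 1
G = 3

def keypair():
    """Return an ephemeral (private, public) pair."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub, psk=b""):
    """Derive the session key; an empty psk models the NULL mode."""
    shared = pow(peer_pub, priv, P).to_bytes(66, "big")
    return hmac.new(psk, shared, hashlib.sha256).digest()

def confirm_tag(key, sender_pub, service_pub):
    """Key-confirmation MAC over both ephemeral public values."""
    transcript = sender_pub.to_bytes(66, "big") + service_pub.to_bytes(66, "big")
    return hmac.new(key, b"client-finished" + transcript, hashlib.sha256).digest()

def service_accepts(client_psk=b"", service_psk=b"", on_path=False):
    """Run one handshake; return True if the service accepts the peer it sees.

    on_path=True models a third party that substitutes its own public value
    and does not know any pre-shared key.
    """
    s_priv, s_pub = keypair()
    sender_priv, sender_pub = keypair()      # the client, or the on-path party
    sender_psk = b"" if on_path else client_psk
    tag = confirm_tag(session_key(sender_priv, s_pub, sender_psk), sender_pub, s_pub)
    expected = confirm_tag(session_key(s_priv, sender_pub, service_psk), sender_pub, s_pub)
    return hmac.compare_digest(tag, expected)

if __name__ == "__main__":
    PSK = b"constructed-demo-psk"            # constructed sample value
    print("NULL, direct peer   :", service_accepts())
    print("NULL, on-path party :", service_accepts(on_path=True))
    print("PSK,  direct peer   :", service_accepts(PSK, PSK))
    print("PSK,  on-path party :", service_accepts(PSK, PSK, on_path=True))
    print("PSK,  wrong key     :", service_accepts(b"other", PSK))
```

In the NULL mode the service accepts both the direct peer and the substituted one, because nothing in the exchange is tied to an identity; once the key is mixed in, only a peer holding the same PSK produces a tag the service accepts.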
