AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
-
Upload
iovation -
Category
Technology
-
view
343 -
download
1
Transcript of AuthentiThings: The Pitfalls and Promises of Authentication in the IoT
WEBINAR
AUTHENTICATING “THINGS”THE PITFALLS AND PROMISES
OF AUTHENTICATION IN THE CONSUMER IoT
JUNE 2016
MICHAEL THELANDER
3
AGENDA
123
WHAT’S SO REVOLUTIONARY?
Industrial vs. Consumer IoT
Unexpected risks and rewards
AUTHENTICATION IN THE IoTAuthentication standards & guidelines
“Three from Three” Guidance
IF AUTHENTICATION FAILSNew and frightening hacks
What’s next?
4 YOU ARE YOUR DEVICE Your device as your proxy
5
A M E R C A N T I L E R E V O L U T I O N
Guns, cloth, iron and beer
Slaves, gold, spices
Slaves, raw sugar, and molasses
Whale oil, lumber, cotton,rum and tobacco
The crown orchestrated a
complex global dance
that leveraged the best
knowledge and the most
favorable terms
anywhere in the world.
6
A M E R C A N T I L E R E V O L U T I O N
At the top of the pyramid, Great Britain used these imports to
manufacture and distribute complex
products that created vast wealth and
power.
7
A M E R C A N T I L E R E V O L U T I O N
Closer to the raw materials needed for production
Respond immediately to change
Intimate understanding of all parts of a complex process
Organize and manage their own markets
9
M IC H A E L T H E LA N D E RP R O D U C T M A R K E T I N G M A N A G E R , A U T H E N T I C A T I O N
n Manages go-to-market, launch and customer education activities for iovation’s authentication products.
n 20 years in VP- and director-level product management and marketing roles for technology and information security companies.
19
T WO F A C E S O F T H E I o TK E Y D I F F E R E N C E S B E T W E E N I N D U S T R I A L A N D C O N S U M E R I o T
• Security and privacy standards and guidelines are an inherent part of the picture
• Device lifespan can be measured in decades
• Criticality of RTOS
• Continuity of data is a major consideration
INDUSTRIAL IoT
• Minimal attention to security standards and guidelines, consumers blasé about privacy
• Device lifespan can be measured in months
• Less-than-critical infrastructure in
most current cases
• Expected gaps in data flow
CONSUMER IoT
30
“ B I G D A T A ” B E C O M E S P E R SO N A L
INTERNET-CONNECTED DEVICES
4.9 B in 2015
20.8 B in 2020
450%
10,000 EB in 2015
400%
40,000 EB in 2020
STORAGE REQUIRED FOR THE DATA
(One exabyte can hold 500 to 1000 times the entire content of the Library of Congress.)
31
“ B I G D A T A ” B E C O M E S P E R SO N A L
10,000 EB in 2015
40,000 EB in 2020
STORAGE REQUIRED FOR THE DATA
(One exabyte can hold 500 to 1000 times the entire content of the Library of Congress.)
= 20,800 GB400%
42
“These technical guidelines cover remote digital authentication of human users to IT systems
over a network… However do not specifically address machine-to-machine (such as router-to-router) authentication, or establish specific requirements for issuing
authentication credentials and authenticators to machines and servers when they are used in authentication protocols with people.”
However do not specifically address machine-to-machine (such as router-to-router) authentication, or establish specific requirements for issuing
authentication credentials and authenticators to machines and servers when they are used in authentication protocols with people.”
New v 63-3
Due Soon
44
T H R E E F R O M T H R E EG U I D A N C E F R O M T H R E E P I E C E S O F R E C E N T R E S E A R C H
45
“Others have pointed to the need to research
methods that provide context-based authentication
as a new factor in an authentication process. .”
46
1. Identity Relationship Management (IRM) replaces IAMn Consumers and things over employeesn Internet-scale over Enterprise-scalen Borderless over perimeter
2. Use of smartphones as a primary means of authentication in the IoTn Context-based authentication over MFAn Enterprise-level local authentication to IoT devicesn Single sensor for multiple authentication methods:
T H R E E F R O M T H R E E : C SAC L O U D S E C U R I T Y A L L I A N C E – I R M A N D S M A R T P H O N E S
47
3. Leverage the security controls built into standards-based IoT protocols
T H R E E F R O M T H R E E : C SAI o T S E C U R I T Y F O R C O N S U M E R D E V I C E S
Protocol M2M Auth Options
MQTT Username / password
CoAPpreShared KeyrawPublicKey
XMPP Multiple options
DDSx.509 Certificates (PKI)
Tokens
Protocol M2M Auth Options
Zigbee Pre-shared keys
Bluetooth Shared key
Bluetooth LE Connection signature
resolving key
HTTP/REST TLS or OAUTH 2
48
3. Leverage the security controls built into standards-based IoT protocols
T H R E E F R O M T H R E E : C SAC L O U D S E C U R I T Y A L L I A N C E S U M M A R S Y G U I D A N C E O N I o T
• Low memory: works on micro-controllers was low as 10 KiB of RAM
• Default choice of DTLS parameters is equivalent to 3072-bit RSA keys
• CoAP integrates with XML, JSON, CBOR, or data format of choice
• REST model integrates with typical sites and applications
49
“No single method for peer authentication and end-to-
end data protection meets the Internet of Things (IoT)
device security and operational requirements.”
50
1. Mobile devices can be gateways, consumers, or IoT nodes
T H R E E F R O M T H R E E : G A R T N E RI T ’ S N O T J U S T A P H O N E
51
2. Understand domains, classes of devices, and “delegation of trust”n Class 1: Simple sensors or actuators
n Class 2: Can perform storage or analysis, e.g. hubs, concentrator, gateways
n Class 3: Complex devices, servers than can act as aggregators, e.g. security analytics
T H R E E F R O M T H R E E : G A R T N E RN O T A L L D E V I C E S A R E C R E A T E D E Q U A L
52
3. Building a trust model based on “hops”
n No hop: trust is achieved by device authenticating to local gateway
n Single hop: Device authenticates to gateway, and gateway to an IoT service or application
n Multihop: Trust achieved by devices authenticating to trust anchors (gateways), and then the trust anchors federate trust across all required domains and trust models
T H R E E F R O M T H R E E : G A R T N E RT R U S T M O D E L S M A T T E R
53
“Authentication is the process of verification that an
individual, entity or website is who it claims to be.”
54
1. The only guidance using three different perspectives: n Manufacturer IoT Guidance: The goal of this section is help
manufacturers build more secure products in the Internet of Things space.
n Developer IoT Guidance: The goal of this section is help developers build more secure applications in the Internet of Things space.
n Consumer IoT Guidance: The goal of this section is help consumers purchase secure products in the Internet of Things space.
T H R E E F R O M T H R E E : O WA SPI o T S E C U R I T Y G U I D A N C E I N T H R E E C A T E G O R I E S
55
2. A comprehensive framework:
n 1 IoT Framework Security Considerations: Definitions
n 2 Edge: Framework Considerations for Edge Component
n 3 Gateway: Framework Considerations for Gateway Component
n 4 Cloud: Framework Considerations for Cloud Component
n 5 Mobile: Framework Considerations for Mobile Component
T H R E E F R O M T H R E E : O WA SPM U L T I - P A R T S E C U R I T Y A N D P R I V A C Y F R A M E W O R K
• Communications encryption
• Storage encryption
• Strong logging
• Auto updates / versioning
• Update verification
• Cryptographic ID capabilities
• No default passwords
• Offline security features
• Configurable root trust store
• Device and owner authentication
• Transitive ownership capabilities
• Defensive capabilities
• Plugin or ext. verify, report, update
• Secure M2M
• Secure Web interface
• Utilize established protocols
• Latest, updated 3rd-party components
• Use of hardware device
• Support MFA
• Temporal and spacialauthentication
• Tracks data from insecure sources
• Features disabled by default
• Written in programming languages that possess security countermeasures
• Device monitoring and management capabilities
2 Edge: Framework Considerations for Edge Component
56
3. Provides a unique focus on authentication testing
T H R E E F R O M T H R E E : O WA SPF O C U S O N T E S T I N G
n Assess the solution for the use of strong passwords where authentication is needed
n Assess the solution for multi-user environments and ensure it includes functionality for role separation
n Assess the solution for Implementation two-factor authentication where possible
n Assess password recovery mechanisms
n Assess password recovery mechanisms
n Assess the solution for the option to require strong passwords
n Assess the solution for the option to force password expiration after a specific period
n Assess the solution for the option to change the default username and password
57
91. Identity relationship
management – not IAM – is key
2. Smartphones will be the primary means of authentication in the IoT
3. Leverage built-in security controls
4. Mobile devices will fill multiple roles in the IoT scheme
5. Domains & classes drive delegation of trust models
6. Build your trust model based on “hops”
7. Multiple perspectives matter
8. Provides a comprehensive framework
9. Provides a unique authentication focus
SU M M A R I Z I N G T H E “ T H R E E F R O M T H R E E ”
67
n MD5 Hash of the full font list n Random sample of 15 fonts
n Flash SharedObjects not writable n Flash socket 843 based ip (real IP)
n Boolean indicator: flash took longer than expected to execute
n Accepted Char Sets in HTTP headern Accepted languages in HTTP header
n Browser user agent comment string n Browser name / OS / Ver / language
n Cookie writes excluded n Boolean indicator, javascript enabled n Count of fonts in the full list
n Flash 3-part version (16.0.0) n Flash 4-part version (16.0.0.305)
n List of browser plugins n JavaScript screen resolutionn Simbar toolbar GUID from HTTP hdr
n Timezone offset in minutes n ... and more
n WiFi (or Bluetooth) MAC Addressn Network configuration
n iOS Device Modeln Battery level / AC mode
n Device orientationn File system sizen Physical memory
n CPU Type / Count /Speedn Number attached accessories
n Has proximity sensor?n Screen brightness and resolutionn System uptime
n iOS Device Name (MD5 Hash) n OS Name and/or version
n Device advertising UUIDn Kernel versionn iCloud Ubiquity Token
n Application Vendor UUID /name/versn Locale language / currency code
n … and 100s more
n Model and Device Modeln Build.DEVICE & Build.HARDWARE
n Build.HOST & Build.IDn Manufacturer
n Build.PRODUCT & Build.TIMEn Network Operator ID & Name n Sim Operator ID & Country
n System Uptime in Secondsn Is the device plugged in
n CPU Typen Physical memoryn Unique build fingerprint of app
n Android SDK Leveln Android Build Number (DISPLAY)
n Android Device System Versionn Detected attempt at hiding root detect n Kernel Version (was AKV)
n Android Locale Country Code n Desktop Wallpaper Hash
n … and 100s more
DEVICE-BASED AUTHENTICATIONTHE USER’S DEVICE AS A ROBUST, INVISIBLE SECOND FACTOR
Web Device Print iOS SDK Android SDK