Security & Identity in AllJoyn 14.06

  • Date posted: 27-Aug-2014

description

My presentation for Cloud Identity Summit 2014. I will be talking about the security and identity features that AllJoyn offers in its 14.06 release.

Transcript of Security & Identity in AllJoyn 14.06

  • Identity & Security In AllJoyn 14.06, Tim Kellogg, Saturday, July 19 2014
  • https://github.com/tkellogg/alljoyn-examples https://github.com/tkellogg/alljoyn-core/tree/master/alljoyn_core/src
  • Embedded Security
  • Mitsubishi EMI Incident (2003): Brakes disabled when given 1000-10000x legal levels of EMI radiation. Car thinks brakes are locked, so it releases. All within limits required by law.
  • Slammer Worm (2003): Nuclear plant safety monitoring disabled for 5 hours. The business value of access to the data within the control center worth the risk of open connections between the control center and the corporate network. Unpatched MSSQL Server.
  • Hello, my name is Bruce Schneier and I think routers are super duper easy to hack, mostly because you nerds never patch the software https://www.schneier.com/essays/archives/2014/01/the_internet_of_thin.html
  • University of Washington Study (2010): We demonstrate that an attacker who is able to infiltrate virtually any Electronic Control Unit (ECU) can leverage this ability to completely circumvent a broad array of safety-critical systems http://www.autosec.org/pubs/cars-oakland2010.pdf
  • Hey, check it out! I made my own encryption algorithm
  • Embedded Needs Rails: Software Updates; Security & Identity; Communication; Media Streaming; User Interfaces
  • Distributed Bus
  • Distributed Bus
  • Security
  • Auth Listeners: ALLJOYN_RSA_KEYX (X.509 certificates); ALLJOYN_SRP_KEYX (Show Random PIN); ALLJOYN_SRP_LOGON (preset U/P table); ALLJOYN_ECDHE_NULL; ALLJOYN_ECDHE_PSK; ALLJOYN_ECDHE_ECDSA DSA
  • ALLJOYN_RSA_KEYX: RSA = Asymmetric key encryption; X.509 certificates; Trusted Certificate Authority
  • SRP_KEYX & SRP_LOGON: Threshold Cryptography; No trust required to establish a secure connection; LOGON = Username & Password; KEYX = A PIN is displayed
  • ALLJOYN_SRP_KEYX
  • ECDHE: Elliptic Curve (EC) Cryptography; DHE = Diffie-Hellman key Exchange; Symmetric key encryption
  • ALLJOYN_ECDHE_NULL: Elliptic Curve Encryption; No verification of identity
  • ALLJOYN_ECDHE_PSK: PSK = Pre-Shared Key; Service already has the client's public key; A password may also be used
  • ALLJOYN_ECDHE_ECDSA: ECDSA = Elliptic Curve Digital Signature Algorithm; Certificate shows identity
  • Questions? @kellogh Practical Internet of Things