When 50 billion devices start sending data over networks, security challenges become exponentially harder. Machine to machine (M2M) solutions require the ability to handle existing security governance investments yet support a variety of security protocols, encryption and privacy that cross mobility, sensor networks, diverse devices, M2M telecommunications and data centers. The nature and scale of the M2M infrastructure causes some unique challenges such as trust (untrusted devices, networks), cost (cannot be expensive considering the large number of devices), shared data (who owns it and how to securely share it), access (static access controls cannot adjust to the dynamic nature of M2M), performance (low power devices can´t spare many cycles for security), heterogeneity, integration into existing security paradigms etc. that have to be addressed.
This block of session will provide insight and advice on the security aspects of this emerging technology.
Continuing Education Credits
Advance Preparation: None
Learning Level: Intermediate
Field: Computer Science
After attending this block of sessions you will be able to:
- Explain use cases, application categories and business models for the Internet of Everything.
- Describe the challenges from the Identities of Things.
- Describe the challenges unique to the application of M2M and IoT devices within various industry sectors.
- Describe the unexpected and complex implications of the Internet of Everything.
- Explain how identity, confidentiality, denial of service, privacy and other aspects are different in the IoT space.
This block qualifies for up to 3 Group Learning based CPEs depending on the number of sessions you attend.
Connecting the Real World with the Virtual World: Use Cases, Application Categories and Business Models for the IoE
The IoE can be roughly categorized in 2 application areas: Information, Awareness & Analysis on the one side and Automation, Control & Optimization on the other hand. In this session, we will talk about applications and business models within those 2 areas, how they will evolve and how they will impact your infrastructure.
Challenges from the Identities of Things
The Internet of Things (IoT) is beginning to evolve and early solutions are now being implemented. We can find implementations in areas like logistics, farming, home automation and many others. But its restrictions become obvious as we try to connect solutions of different vendors, communities or standard groups. Apart from communication protocols new identity management mechanisms are crucial for a growing Internet of Things. This presentation discusses real project examples and introduces challenges coming from the Identities of Things as well as possible solutions encompassing identifier, mapping, discovery, authentication, authorization and privacy.
Security in a World of 50 Billion Connected Devices
When 50 billion devices start sending data over networks, privacy and security challenges become exponentially harder. M2M solutions require the ability to handle existing security governance investments yet support a variety of security protocols, encryption and privacy requirements that cross mobility, sensor networks, diverse devices, M2M telecommunications and data centers and their relevant policy domains. The nature and scale of the M2M infrastructure create unique challenges such as trust (untrusted devices, networks, associated applications), cost (cannot be expensive considering the large number of devices), shared data (who owns it, controls it and how to securely share and manage it), access (static access controls cannot adjust to the dynamic nature of M2M), performance (low power devices can´t spare many cycles for security), heterogeneity, integration into existing security paradigms, and cross-jurisdictional privacy mandates that have to be addressed.
The panel will discuss the above challenges unique to the application of M2M and IoT devices within various industry sectors, such as Smart Grid systems in the energy industry. The panel will also discuss how some of these issues are being tackled by the important OASIS committees: Message Queuing Telemetry Transport Protocol (MQTT), Privacy by Design Documentation for Software Engineers (PbD-SE), Privacy Management Reference Model and Methodology (PMRM) as well as the Smart Grid Cybersecurity Committee under the Smart Grid Interoperability Panel.
The panel will include case studies on how governments and large organizations and critical infrastructure providers such as electric utilities are tackling the security and privacy implications of IoT/M2M to build a resilient environment to drive business value.
Unexpected and Complex Implications of the Internet of Everything (IoE)
With the recent acquisition of NEST Labs, Google is paving it´s way into your bed- and sitting room, listening to your most private prefences and habits. Home automation and many other areas, where the Internet of Everything will try to add value to our analog lives, come along with strong privacy concerns and is raising new questions:
- Who owns the data on your automobile´s computer? The manufacturer? The current title holder? The auto, itself?
- Will the auto have its own personal cloud and grant you permission to access it? Will this spell the end of auto theft?
- How do you manage apps for devices?
These are some of the curious questions that arise as global experts debate the implications of the Internet of Things.
For its promises to simplify our lives, the Internet of Things presents a panoply of concerns. Will you be able to profit from foresight into this life-changing development?
Security and Identity Challenges for the Internet of Everything
The Internet of Things (IoT) concerns the connection of physical devices (cars, thermostats, smartphones, home lighting, tide sensors, smart meters, etc) to the Internet. There are more devices connected to the Internet than people on the planet, and the prediction is that there will be 50 billion IoT devices by 2020.
The IoT brings with it many security challenges, and this session will explore these challenges as well as looking at some emerging solutions. Of course these challenges fall into existing security and identity challenges but are exacerbated and modified by the specific aspects of the IoT. This session will concentrate on those aspects.
For example, standard approaches for security and identity, such as PKI, may not be appropriate or suitable for memory and CPU constrained devices. Even when the device can handle asymmetric encryption, the key distribution may be a significant issue.
The session will cover identity, confidentiality, denial of service, privacy and other aspects and specifically how those are different in the IoT space.
This session is aimed at professionals who understand identity and security issues and wish to understand how those concepts apply in the IoT space. It will also be relevant to IoT specialists looking to understand security issues.