concerns solution danny de cock
play

CONCERNS & SOLUTION DANNY DE COCK HTTPS://WWW.GODOT.BE/SLIDES - PowerPoint PPT Presentation

Apr 15, 2023 •279 likes •370 views

Simply Smart Workshop IOT SECURITY AND PRIVACY CONCERNS & SOLUTION DANNY DE COCK HTTPS://WWW.GODOT.BE/SLIDES Feb 2018 IOT SCOPE Credits: Chragokyberneticks Credits: http://www.greenpeak.com Blue: Networked devices Green: Energy

  1. Simply Smart Workshop IOT SECURITY AND PRIVACY CONCERNS & SOLUTION DANNY DE COCK HTTPS://WWW.GODOT.BE/SLIDES Feb 2018

  2. IOT SCOPE Credits: Chragokyberneticks Credits: http://www.greenpeak.com • Blue: Networked devices • Green: Energy Management • Red: IoT 2

  3. CORE SECURITY AND PRIVACY PROBLEMS  IoT focuses on functionality, NOT security  Security is afterthought, secure client first!  Cumbersome over-the-air update mechanisms  Each family of devices in their own silo  Amalgam of isolated component groups rather than integration  Impossible to apply sound security policies  User data, preferences & behavior immediately pushed to cloud services  Who manages the cloud, who is it and where can you find them?  User awareness & ignorance: what happens to this data?  Authentication, confidentiality and authorization problems  Silo- based management of keys, preferences, access control settings…  No real key management for individual instantiations  Low power = lightweight communications and security protocols 21/02/2018 3

  4. GLOBAL SYSTEM OVERVIEW Home Internet Remote User Locally operated Remotely accessible Strong authentication Weak authentication Insecure Integrity-protected Confidential Local Users 4 Secure

  5. GENERIC & SIMPLE SOLUTION  Impossible to change, configure and test individual IOT device families  New software versions and devices and features pop up continuously  Two-fold solution:  Good old DMZ technology plus Intelligent Internet Gateway (IIG)  Each IOT device type in its own zone  IIG manages connections:  Device-Device inside and across zones  Device-Internet and Internet-Device  Dedicated configuration manager  Configuration of IIG  Configuration of DMZ-zones 21/02/2018 5 Images: Tango! Desktop Project, benext.eu & Michael Mimoso, threatpost.com

  6. QUESTIONS?  Contact details:  Email: Danny.DeCock@esat.kuleuven.be  Slides: https://www.godot.be/slides 21/02/2018 6

  7. SECURITY VIEW Service Providers Devices Users & Applications Multimedia Cluster End-to-End Security Appliance Cluster Point-to-Point Security Safety Cluster 21/02/2018 7

  8. PROTOCOL STACKS VIEW User/Business Layer Uses devices & services Service Data Application Layer (OSI Layer 7) Application processing Data Offers Services to Users, Services and Devices Device-Device Security Reliable Device-Device Communication Security Layer (OSI Layer 5 – Session) Device-Device Data Transmission Data Transmission over Physical Network Protects Against Remote Evil Services and Devices Transport Layer (OSI Layer 4) Data Transmitted over Physical Network Provides Reliable Communications Device-Device Data Transmission Reliable Device-Device Communication Network Layer (OSI Layer 3) Device-Device Security Provides Network Access Application processing Data Service Data Data Link Layer (OSI Layer 2) Communication Technologies, e.g., RF, WiFi, IR,… 21/02/2018 8

Recommend

IOT SECURITY SOFTWARE SOLUTIONS DANNY DE COCK 22 September 2015 SENIOR RESEARCHER

IOT SECURITY SOFTWARE SOLUTIONS DANNY DE COCK 22 September 2015 SENIOR RESEARCHER

IOT SECURITY SOFTWARE SOLUTIONS DANNY DE COCK 22 September 2015 SENIOR RESEARCHER HTTP://GODOT.BE/SLIDES STANDARD CRYPTO-TECHNICAL CONSIDERATIONS IOT = big data, focused on functionality, not security Security is afterthought Each

483 views • 14 slides
Connecting Academic Security Research to Applied Systems in the Field Dr. Danny De Cock 6

Connecting Academic Security Research to Applied Systems in the Field Dr. Danny De Cock 6

Connecting Academic Security Research to Applied Systems in the Field Dr. Danny De Cock 6 October 2016 COSIC Staff Department Electrical Engineering-ESAT COSIC = COmputer Security and Industrial Cryptography ( o 1978) 5 full-time 90

502 views • 28 slides
Usability Related Observations Practical Security Hints Danny De Cock, PhD, sr. Research Manager

Usability Related Observations Practical Security Hints Danny De Cock, PhD, sr. Research Manager

Usability Related Observations Practical Security Hints Danny De Cock, PhD, sr. Research Manager Applied Cryptography 25 March 2018, #hackatonamring, Nrburg, Germany Slides: http://godot.be/slides While establishing correct location

341 views • 6 slides
K.U.Leuven ESAT/SCD/COSIC Computer Security and Industrial Cryptography Danny De Cock

K.U.Leuven ESAT/SCD/COSIC Computer Security and Industrial Cryptography Danny De Cock

K.U.Leuven ESAT/SCD/COSIC Computer Security and Industrial Cryptography Danny De Cock Danny.DeCock@esat.kuleuven.be Katholieke Universiteit Leuven/Dept. Elektrotechniek (ESAT) Computer Security and Industrial Cryptography (COSIC) Kasteelpark

308 views • 16 slides
IOT LANDSCAPE March 2017 DANNY DE COCK HTTP://GODOT.BE/SLIDES LIMITED SCOPE Security

IOT LANDSCAPE March 2017 DANNY DE COCK HTTP://GODOT.BE/SLIDES LIMITED SCOPE Security

TOWARDS A SECURE IOT LANDSCAPE March 2017 DANNY DE COCK HTTP://GODOT.BE/SLIDES LIMITED SCOPE Security challenges for commonly available and used devices IoT device not different from any other IT device Communicates with its

506 views • 24 slides
Electronic Voting in Belgium: Past and Future Danny De Cock K.U.Leuven ESAT/COSIC Slides

Electronic Voting in Belgium: Past and Future Danny De Cock K.U.Leuven ESAT/COSIC Slides

Electronic Voting in Belgium: Past and Future Danny De Cock K.U.Leuven ESAT/COSIC Slides available from http://godot.be/slides 4 December 2007 eVoting in Belgium: Past and Future 1 Outline Interesting things to know Conceptual view

591 views • 22 slides
THE INTERNET OF THINGS 25 September 2015 DANNY DE COCK SENIOR RESEARCHER HTTP://GODOT.BE/SLIDES

THE INTERNET OF THINGS 25 September 2015 DANNY DE COCK SENIOR RESEARCHER HTTP://GODOT.BE/SLIDES

SECURITY CHALLENGES FOR THE INTERNET OF THINGS 25 September 2015 DANNY DE COCK SENIOR RESEARCHER HTTP://GODOT.BE/SLIDES LIMITED SCOPE Security challenges for commonly available and used devices IoT device not different from any

945 views • 19 slides
Using OSGi for Secure Service Discovery Slides available at http://godot.be/slides Antonio Kung,

Using OSGi for Secure Service Discovery Slides available at http://godot.be/slides Antonio Kung,

Using OSGi for Secure Service Discovery Slides available at http://godot.be/slides Antonio Kung, Founder/Director, Trialog Antonio Kung, Founder/Director, Trialog Danny De Cock, Researcher Applied Cryptography, K.U.Leuven Danny De Cock,

484 views • 31 slides
Multi-Domain Information Exposure using ALTO: The Good, the Bad and the Solution Danny A. Lachos

Multi-Domain Information Exposure using ALTO: The Good, the Bad and the Solution Danny A. Lachos

Multi-Domain Information Exposure using ALTO: The Good, the Bad and the Solution Danny A. Lachos * Christian E. Rothenberg* Qiao Xiang Y. Richard Yang Brje Ohlman # Sabine Randriamasy Luis M. Contreras Kai Gao &

789 views • 33 slides
Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective

Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective

Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective From a TAS Danny De Cock TAS 3 Project Coordinator Slides available from http://godot.be/slides Email: Danny.DeCock@esat.kuleuven.be Future

252 views • 12 slides
Solution approaches towards verifjed -Kernel Danny Ziesche August 25, 2017 RheinMain

Solution approaches towards verifjed -Kernel Danny Ziesche August 25, 2017 RheinMain

Solution approaches towards verifjed -Kernel Danny Ziesche August 25, 2017 RheinMain University of Applied Sciences Outline Motivation Methods Defjnitions Results Conclusions Open Questions 1 Motivation Motivation kernels should

560 views • 54 slides
Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny

Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny

Trusted Architecture for Trusted Architecture for Securely Shared Services Securely Shared Services Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny De Cock K.U.Leuven ESAT/COSIC

369 views • 17 slides
DANNY CLINCH BY HANNAH PEPLOW 1 WHY DANNY CLINCH? I didnt really know any studio

DANNY CLINCH BY HANNAH PEPLOW 1 WHY DANNY CLINCH? I didnt really know any studio

DANNY CLINCH BY HANNAH PEPLOW 1 WHY DANNY CLINCH? I didnt really know any studio photographers Trawled through various very famous people and wasnt feeling inspired A friend (and fellow Pearl Jam fan) visited from

520 views • 13 slides
WELCOME TO PHY 481 WELCOME TO PHY 481 ELECTROSTATICS ELECTROSTATICS Prof. Danny Caballero

WELCOME TO PHY 481 WELCOME TO PHY 481 ELECTROSTATICS ELECTROSTATICS Prof. Danny Caballero

WELCOME TO PHY 481 WELCOME TO PHY 481 ELECTROSTATICS ELECTROSTATICS Prof. Danny Caballero CONTACTING DANNY CONTACTING DANNY Office: 1310-A BPS Email: caballero@pa.msu.edu Cell phone: 517-420-5330 (texting is fine) CONTACTING RUXIN ZHANG

178 views • 16 slides
Real World IoT Systems Danny Hughes danny.hughes@cs.kuleuven.be

Real World IoT Systems Danny Hughes danny.hughes@cs.kuleuven.be

Real World IoT Systems Danny Hughes danny.hughes@cs.kuleuven.be iMinds-DistriNet KU Leuven Structure 1. Hardware Pla<orms 2. Network Protocols 3. OperaCng Systems

689 views • 36 slides
SP Infrastructure Security Survey & Attack Classification Danny McPherson danny@arbor.net

SP Infrastructure Security Survey & Attack Classification Danny McPherson danny@arbor.net

SP Infrastructure Security Survey & Attack Classification Danny McPherson danny@arbor.net & Ray Hunt ray.hunt@canterbury.ac.nz Apricot 2006 - Perth, Australia 1 Goals Given time constraints, focus will be given to providing

1.03k views • 86 slides
Presentation for StudyLink Universities Danny Bielik - danny@by-degrees.com by-degrees.com |

Presentation for StudyLink Universities Danny Bielik - danny@by-degrees.com by-degrees.com |

Presentation for StudyLink Universities Danny Bielik - danny@by-degrees.com by-degrees.com | Sydney +61 411 112 777 | New Delhi +91 96506 11222 Our Partners Why Mobile? 2 India Mobile Usage = A Global Leader vs. Desktop Usage

300 views • 13 slides
accuracy of Metabolic Carts Danny Rutar Danny Rutar Managing Director, Redback Biotek

accuracy of Metabolic Carts Danny Rutar Danny Rutar Managing Director, Redback Biotek

HESTA 2017 Issues affecting the accuracy of Metabolic Carts Danny Rutar Danny Rutar Managing Director, Redback Biotek Qualifications Biophysics / Instrumentation Consultant Sport Technologist Athletics Coach Background Queen

826 views • 50 slides
BGP Security Techniques Danny McPherson danny@arbor.net Kyoto, Japan APRICOT 2005 1 Agenda

BGP Security Techniques Danny McPherson danny@arbor.net Kyoto, Japan APRICOT 2005 1 Agenda

BGP Security Techniques Danny McPherson danny@arbor.net Kyoto, Japan APRICOT 2005 1 Agenda Overview & Discussion Context BGP Blackhole Routing BGP Diversion BGP Route Tagging BGP Flow Specification Analyzing

450 views • 28 slides
Lock-Free Concurrent Data Structures Danny Hendler Ben-Gurion University 1 Danny Hendler,

Lock-Free Concurrent Data Structures Danny Hendler Ben-Gurion University 1 Danny Hendler,

Lock-Free Concurrent Data Structures Danny Hendler Ben-Gurion University 1 Danny Hendler, SPTCC summer school, Saint-Petersburg, 2017 Key synchronization alternatives 1. Lock-based synchronizaGon 2. Nonblocking algorithms 3. TransacGonal

2.32k views • 182 slides
Formal Methods and Systems David Cock, ETH Zrich 18/01/16 Overview Correctness challenges

Formal Methods and Systems David Cock, ETH Zrich 18/01/16 Overview Correctness challenges

Formal Methods and Systems David Cock, ETH Zrich 18/01/16 Overview Correctness challenges in Barrelfish. System configuration using SAT. Tracing and online invariant checking. Better languages for Systems. 18 January 2016

359 views • 18 slides
AV1 Image File Format (AVIF) Cyril Concolato, Jan De Cock, Joe Drago Netflix Outline

AV1 Image File Format (AVIF) Cyril Concolato, Jan De Cock, Joe Drago Netflix Outline

AV1 Image File Format (AVIF) Cyril Concolato, Jan De Cock, Joe Drago Netflix Outline Overview of the format Compression and decoding speed evaluations Conclusions Technology stack (1) ISOBMFF Base elements ISO/IEC 14496-12

470 views • 29 slides
Capabilities in seL4 Types of Authority Resource Management Implementation Model

Capabilities in seL4 Types of Authority Resource Management Implementation Model

Capabilities in seL4 David Cock Background Microkernel Systems seL4 & Barrelfish Authorisation and Delegation Capabilities in seL4 Types of Authority Resource Management Implementation Model Representation David Cock Operations

1.41k views • 118 slides
WELCOME TO PHY 482 Office: 1310-A BPS ELECTRODYNAMICS Email: caballero@pa.msu.edu Prof. Danny

WELCOME TO PHY 482 Office: 1310-A BPS ELECTRODYNAMICS Email: caballero@pa.msu.edu Prof. Danny

CONTACTING DANNY WELCOME TO PHY 482 Office: 1310-A BPS ELECTRODYNAMICS Email: caballero@pa.msu.edu Prof. Danny Caballero Cell phone: 517-420-5330 (texting is fine) COURSE ACTIVITIES Projects: 2 of them; Mar 3 & May 1 - 20% each

158 views • 3 slides

More recommend