object security
play

Object security In web of things t pt JOHN MATTSSON GRAN SELANDER - PowerPoint PPT Presentation

Dec 22, 2022 •483 likes •579 views

44 pt Object security In web of things t pt JOHN MATTSSON GRAN SELANDER

  1. 44 pt Object security In web of things t pt JOHN MATTSSON GÖRAN SELANDER ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № GÖRAN AP ERIKSSON ERICSSON RESEARCH Ericsson | 2014-06-25 | Page 1

  2. EXECUTIVE SUMMARY 44 pt • Market potential for IoT is held back by fragmentation: • a plethora of communication technologies, focus on transport layer protocols t • lack of a common approach to enabling services pt • Web of Things brings new security and privacy challenges, trust models with many parties • Flexible security solutions and standards required: • to protect sensitive data and user privacy • to distribute policies in a secure and standardized way. ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ • cannot be solved in a satisfactory way with only transport layer security. ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Same privacy problems arise in the general web setting • processing and storage more and more moving into the cloud. Ericsson | 2014-06-25 | Page 2

  3. Authorization 44 pt • Fundamental question: Who has the right to access what? Drives the security and privacy requirements – defines the solution. t Client Resource Server pt PUT “1” /lock GET /lock GET /bloodpressure PUT “2.5mg” /sedative ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • New IETF WG: Authorization in Constrained RESTful Environments (ACE) • Problem: How to support explicit and dynamic authorization in networks of constrained devices from various vendors? Ericsson | 2014-06-25 | Page 3

  4. BASE ARCHITECTURE 44 pt Authentication and Authorization (Identity/Policy/Key Management) • Sensors, Actuators (some constrained) Supporting constrained devices t pt • Clients (may be browsers) • A chain of Services (sensor and client) ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Servers (e.g. Sensors/Actuators Services Services Client authorization) Hosting Resources Hosting and Using Hosting and Using Using Resources Resources Resources Ericsson | 2014-06-25 | Page 4

  5. Object security 44 pt • Transport layer security is not sufficient, only supports fully trusted services. • Object security protects sensitive information and policy data e2e, enables caching of protected data t • Hop-by-hop channel security includes services. Only needed data and metadata accessible to services pt • Ensures control and security of information owners as well as end-user privacy AuthenBcaBon,'AuthorizaBon' IoT'Device' Cloud'Service' Client' (IdenBty/Policy/Key'Management)' Cache' Channel' Channel' Channel' Security' Security' Security' ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ �� ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Data'object'1'(Plaintext)' Data'object'2'(Encrypted'and/or'Integrity'Protected)' ApplicaBon'Layer' (Object'Security)' Policy'Data'(Integrity'protected)' Ericsson | 2014-06-25 | Page 5

  6. CONCLUSIONS 44 pt • Web of Things with services requires standardized flexible security solutions on the application layer • to protect sensitive data and user privacy t • to distribute policies and authorization information • Many pieces are available, some are in the making, some are missing pt • W3C should secure handling of data and policies in the Web of Things: • Developing standards and best practices for object security, including: • Multiparty protocol for secure exchange of information objects, metadata, identities of the information objects and endpoints, key management, etc. ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ • Browsers need APIs for key management, object encryption, decryption, manipulation etc. ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № • Interoperable scalable formats for policies syntax, semantics. • Management of large sets of policy information • Access control in general, privacy more specifically Ericsson | 2014-06-25 | Page 6

  7. REFERENCES 44 pt IETF Authentication and Authorization for Constrained Environments (ACE) https://datatracker.ietf.org/doc/charter-ietf-ace/ http://tools.ietf.org/html/draft-seitz-ace-usecases-00 t http://tools.ietf.org/html/draft-seitz-ace-problem-description-00 pt IETF Javascript Object Signing and Encryption (JOSE) https://datatracker.ietf.org/wg/jose/charter/ W3C Encrypted Media Extensions ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ http://www.w3.org/TR/encrypted-media/ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № W3C Subresource Integrity http://www.w3.org/TR/SRI/ Ericsson | 2014-06-25 | Page 7

  8. 44 pt t pt ΆΈΉΊΌΎΏΐΑΒΓΕΖΗΘΙΚΛΜΝΞΟΠΡΣΤΥΦΧΨΪΫΆΈΉΊΰαβγ δεζηθικλνξορςΣΤΥΦΧΨΩΪΫΌΎΏ ЁЂЃЄЅІЇЈЉЊЋЌЎЏАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩ ЪЫЬЭЮЯАБВГДЕЖЗИЙКЛМНОПРСТУФХЦЧШЩЪЫ ЬЭЮЯЁЂЃЄЅІЇЈЉЊЋЌЎЏѢѢѲѲѴѴҐҐәǽ № Ericsson | 2014-06-25 | Page 8

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Analysing Object-Capability Security Toby Murray Oxford University Computing Laboratory

Analysing Object-Capability Security Toby Murray Oxford University Computing Laboratory

Analysing Object-Capability Security 01 Analysing Object-Capability Security Toby Murray Oxford University Computing Laboratory Analysing Object-Capability Security 02 Cooperation and Vulnerability Much of the power and utility of modern

542 views • 50 slides
Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object

Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object

4/13/2017 OOP Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object oriented Programming (Using C++) ht t p: / / www. com pgeom . com / ~pi yush/ t each/ 3330 Objects: State (fields), Behavior (member

632 views • 6 slides
International and Global Security 1 Peer Discussion What is security? 2 International

International and Global Security 1 Peer Discussion What is security? 2 International

International and Global Security 1 Peer Discussion What is security? 2 International Security What is security? Freedom from threats to core values? Contestation over referent object: Individual? State? System? How is security achieved?

715 views • 11 slides
park ber Enforcing Verifiable Object Abstractions for Automated Compositional Security

park ber Enforcing Verifiable Object Abstractions for Automated Compositional Security

park ber Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor Amit Vasudevan (CyLab-CMU), Sagar Chaki (SEI-CMU), Petros Maniatis (Google Inc.), Limin Jia, Anupam Datta (ECE/CSD-CMU)

517 views • 24 slides
Finding Cryptography in Object Code Jason L. Wright Cyber Security Researcher Idaho National

Finding Cryptography in Object Code Jason L. Wright Cyber Security Researcher Idaho National

INL/CON-08-14597 Finding Cryptography in Object Code Jason L. Wright Cyber Security Researcher Idaho National Laboratory jason.wright@inl.gov Security Education Conference Toronto October 8, 2008 (SECTor08) Current Work Malware is

304 views • 16 slides
Specifying Interfaces Object Design: Chapter 9, Object Design ! Object design is the process of

Specifying Interfaces Object Design: Chapter 9, Object Design ! Object design is the process of

Object-Oriented Software Engineering Using UML, Patterns, and Java Specifying Interfaces Object Design: Chapter 9, Object Design ! Object design is the process of adding details to the requirements analysis and making implementation decisions

500 views • 28 slides
Object-Oriented Databases Object Oriented Databases ODMG Standard Object Model, Object

Object-Oriented Databases Object Oriented Databases ODMG Standard Object Model, Object

Object-Oriented Databases Object Oriented Databases ODMG Standard Object Model, Object Definition Language, Object Query Language Programming Language Bindings Outlook October 17, 2008 Michael Grossniklaus Department of

786 views • 27 slides
Resource discovery, Object Security and other news from CoAP Christian Ams uss

Resource discovery, Object Security and other news from CoAP Christian Ams uss

Resource discovery, Object Security and other news from CoAP Christian Ams uss <chrysn@fsfe.org> 2018-09-13 CoAP Constrained RESTful environments RST 3V3 RST RST 3V3 RST GND AREF GND AREF A0 BAT A0 BAT A1 A2 LongRange

474 views • 19 slides
Object-Oriented Paradigm http://cs.mst.edu The Concept Bundled together in one object

Object-Oriented Paradigm http://cs.mst.edu The Concept Bundled together in one object

Object-Oriented Paradigm http://cs.mst.edu The Concept Bundled together in one object Data Types Functionality Encapsulation State variables used to describe the object Functions dictating how the object interacts and

230 views • 18 slides
Chapter 8, Object Design: Object design is the process of adding details to the requirements

Chapter 8, Object Design: Object design is the process of adding details to the requirements

Object Design Object-Oriented Software Engineering Chapter 8, Object Design: Object design is the process of adding details to the requirements analysis and making implementation decisions Reuse and Patterns I The object designer must

301 views • 15 slides
Outline Object-orientation and databases CS 235: Object-oriented model: ODL Object

Outline Object-orientation and databases CS 235: Object-oriented model: ODL Object

Outline Object-orientation and databases CS 235: Object-oriented model: ODL Object Query Language Introduction to Databases Svetlozar Nestorov Lecture Notes #15 CS 235: Introduction to Databases 2 Object-Oriented DBMSs ODMG

550 views • 8 slides
Patented Object Level DRM, e-Commerce, Content Security and Tracking Centralized Content

Patented Object Level DRM, e-Commerce, Content Security and Tracking Centralized Content

Patented Object Level DRM, e-Commerce, Content Security and Tracking Centralized Content Infrastructure High overhead, marketing and support costs The New Content Infrastructure Decentralized, Low to No Overhead The Business Model for

373 views • 36 slides
Mul$-Object Synchroniza$on Mul$-Object Programs What happens

Mul$-Object Synchroniza$on Mul$-Object Programs What happens

Mul$-Object Synchroniza$on Mul$-Object Programs What happens when we try to synchronize across mul$ple objects in a large program? Each object

1.14k views • 47 slides
Mul$-Object Synchroniza$on Mul$-Object Programs What happens

Mul$-Object Synchroniza$on Mul$-Object Programs What happens

Mul$-Object Synchroniza$on Mul$-Object Programs What happens when we try to synchronize across mul$ple objects in a large program? Each object

607 views • 31 slides
Object Oriented Programming in C# February 13, 2008 The C# object model 1 Implementing an

Object Oriented Programming in C# February 13, 2008 The C# object model 1 Implementing an

Object Oriented Programming in C# February 13, 2008 The C# object model 1 Implementing an object oriented language 2 1/27 Goals of the C# object system. polymorphism the ability to write code which operates on many typesrealized by

439 views • 30 slides
Multi-Object Tracking Challenge CV3DST Lecture Exercises Multi-Object Tracking Multi-Object

Multi-Object Tracking Challenge CV3DST Lecture Exercises Multi-Object Tracking Multi-Object

Multi-Object Tracking Challenge CV3DST Lecture Exercises Multi-Object Tracking Multi-Object Tracking Origins SONAR, RADAR Given a raw stream of sensory data: Localize objects Estimate object identities over time

340 views • 16 slides
Data Workgroup February 7, 2019 Welcome, Meeting Purpose & Introductions Agenda SWACH

Data Workgroup February 7, 2019 Welcome, Meeting Purpose & Introductions Agenda SWACH

Data Workgroup February 7, 2019 Welcome, Meeting Purpose & Introductions Agenda SWACH updates Workgroup updates Review official pay for performance measure baseline results Update on monitoring data products 3 4 Action

825 views • 46 slides
APNA 29th Annual Conference Session 3034: October 30, 2015 Understand the process of the

APNA 29th Annual Conference Session 3034: October 30, 2015 Understand the process of the

APNA 29th Annual Conference Session 3034: October 30, 2015 Understand the process of the development of high- 1. fidelity simulation experiences for nursing students. Describe the nursing faculty role in high-fidelity 2. simulation. Joanne M.

200 views • 6 slides
Traje jectories Of f Long-term Exposure To Antic icholi linergic And Sedativ ive Drugs: A

Traje jectories Of f Long-term Exposure To Antic icholi linergic And Sedativ ive Drugs: A

Traje jectories Of f Long-term Exposure To Antic icholi linergic And Sedativ ive Drugs: A Latent Cla lass Growth Analy lysis is Hans Wouters, Sarah Hilmer, Jos Van Campen, Heleen Van der Meer, Helga Gardarsdottir, Laura Schaap, Martijn

719 views • 14 slides
Audi%ng Search Engines for Differen%al Sa%sfac%on across

Audi%ng Search Engines for Differen%al Sa%sfac%on across

Audi%ng Search Engines for Differen%al Sa%sfac%on across Demographics Rishabh Mehrotra , Ashton Anderson, Fernando Diaz, Amit Sharma , Hanna Wallach, Emine Yilmaz

677 views • 43 slides
Chirality in discrete structures Marston Conder University of Auckland Email:

Chirality in discrete structures Marston Conder University of Auckland Email:

Chirality in discrete structures Marston Conder University of Auckland Email: m.conder@auckland.ac.nz Shanghai Jiao Tong University, 25 October 2019 [Let me know if you want a copy of my slides] Where is New Zealand? What is New Zealand

495 views • 30 slides
Can we predict the onset of seizures? Behnaam Aazhang J.S. Abercrombie Professor Electrical and

Can we predict the onset of seizures? Behnaam Aazhang J.S. Abercrombie Professor Electrical and

Can we predict the onset of seizures? Behnaam Aazhang J.S. Abercrombie Professor Electrical and Computer Engineering Rice University Can we predict the onset of seizures? Lets step back with a few more fundamental questions. How can

764 views • 58 slides
Each year we have more reason to thank FACES and Dr. Devinsky. His unwavering optimism,

Each year we have more reason to thank FACES and Dr. Devinsky. His unwavering optimism,

Each year we have more reason to thank FACES and Dr. Devinsky. His unwavering optimism, intellectual rigor, deep humanity and complete dedication to his patients and their families are legendary. We are privileged to know Dr. Devinsky, his

1.3k views • 116 slides
Characterizing Network Cohesion Gonzalo Mateos Dept. of ECE and Goergen Institute for Data

Characterizing Network Cohesion Gonzalo Mateos Dept. of ECE and Goergen Institute for Data

Characterizing Network Cohesion Gonzalo Mateos Dept. of ECE and Goergen Institute for Data Science University of Rochester gmateosb@ece.rochester.edu http://www.ece.rochester.edu/~gmateosb/ February 25, 2020 Network Science Analytics

438 views • 32 slides

More recommend