Securing the Internet of Things
With new technologies come new security risks. IoT Conference speaker Paul Fremantle looks at the challenges of IoT security.
The Internet of Things and Machine to Machine are growing areas, and security and privacy are prime issues. In this video session led by WSO2 CTO Paul Fremantle and filmed at the IoT Conference in Berlin, we examine the security challenges around using M2M devices with protocols such as MQTT & CoAP.
In particular we look at encryption, federated identity and authorization models. On the topic of encryption, we examine securing MQTT with TLS, challenges with Arduino, and using hardware encryption for microcontrollers.
A key privacy requirement for user-centric IoT use cases will be giving users control over how their things collect and share data. On the Internet, protocols like OAuth 2.0, OpenID Connect & User Managed Access have been defined to enable a privacy-respecting user consent & authorization model.
We look at the issues with applying these protocols to the M2M world and review existing proposals and activity for extending the above M2M protocols to include federated identity concepts. The session includes a live demonstration of Arduino and Eclipse Paho inter-operating secured by OAuth 2.0.