This document discusses creating a secure Internet of Things (IoT) architecture. It recommends three rules for IoT security: don't be stupid, be smart, and think about what's different for IoT devices. It also notes unique challenges for IoT security like long device lifecycles and limited capabilities. The document advocates for using federated identity and access control to securely manage devices and data. It presents a reference architecture for IoT that incorporates real-time stream processing, analytics, identity management, and open source components.
IoT World - creating a secure robust IoT reference architecture
1. A reference architecture for IoT:
How to create a resilient, secure IoT cloud
Paul Fremantle
CTO, WSO2 (paul@wso2.com)
PhD researcher, Portsmouth
University
(paul.fremantle@port.ac.uk)
@pzfreo #wso2
5. My three rules for IoT security
• 1. Don’t be stupid
• 2. Be smart
• 3. Think about what’s different
6. My three rules for IoT security
• 1. Don’t be stupid
– The basics of Internet security haven’t gone away
• 2. Be smart
– Use the best practice from the Internet
• 3. Think about what’s different
– What are the unique challenges of your device?
8. So what is different about IoT?
• The longevity of the device
– Updates are harder (or impossible)
• The size of the device
– Capabilities are limited – especially around crypto
• The fact there is a device
– Usually no UI for entering userids and passwords
• The data
– Often highly personal
• The mindset
– Appliance manufacturers don’t think like security experts
– Embedded systems are often developed by grabbing existing
chips, designs, etc
9. Physical Hacks
A Practical Attack on the MIFARE Classic:
http://www.cs.ru.nl/~flaviog/publications/Attack.MIFARE.pdf
Karsten Nohl and Henryk Plotz. MIFARE, Little Security, Despite Obscurity
17. Crypto on small devices
• Practical Considerations and Implementation Experiences in Securing
Smart Object Networks
– http://tools.ietf.org/html/draft-aks-crypto-sensors-02
24. Why Federated Identity for IoT?
• Can enable a meaningful consent mechanism
for sharing of device data
• Giving a device a token to use on API calls
better than giving it a password
– Revokable
– Granular
• May be relevant for both
– Device to cloud
– Cloud to app
28. Re-active vs Realtime Pro-Active
Web Architecture
• Re-active
• 10k-100k connections
• Pull-based
• Human interactions
• Some APIs
• Creating Big Data
IoT Architecture
• Push-based
• 100k-1m connections
• No human interaction
• Autonomic
• API driven
• Creating even bigger
datasets
29. Real time stream processing
1 million events/s on 4 servers in Amazon EC2
36. Really Actually Open
• 100% Open Source (no bait and switch!)
• Heterogenous
• Polyglot
• Interoperable
• Modular and based on OSGi
• Extensible
• API-driven
https://www.flickr.com/photos/jmarty/
37. Summary
• Think about security from the start
• Build a federated and secure model of Identity
for Things
• Create Autonomic models that deliver value
that surprises and delights customers
• Use Big Data Analytics and the Lambda
Architecture to understand your customers
• Be Open!