SSG Platform Security Division & IOTG Jan Krueger Product Manager IoT Security Solutions
|
|
- Clarissa Briggs
- 6 years ago
- Views:
Transcription
1 SSG Platform Security Division & IOTG Jan Krueger Product Manager IoT Security Solutions
2 THIS SLIDE MUST BE USED WITH ANY SLIDES REMOVED FROM THIS PRESENTATION Legal Disclaimers Intel technologies features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps. Copyright 2017 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel Inside, the Intel Inside logo, and Intel Xeon are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others. 2
3 Security Breaches - How they Happen Default Passwords Poor, Manual Device provisioning Delayed Image updates Lack of Security Designed in to HW
4 IoT Security Is Essential to Scale IoT Deployments HW Security is an IOT Priority Best practice guidelines Customer Requirement Barrier to IoT Adoption* Hackers exploiting poor device security Most Important Items for IOT Platform* RFP Isolation & added protections of HW security has recognized role Requirements to secure YOUR platforms and solutions. HW based security moving from shadows to key RFP requests Security solutions Designed-in to HW are keys to accelerating adoption and scale *35% of respondents Gartner 2016 IoT Backbone Survey 4
5 Intel Security Strategy and Solutions On-Demand Lifecycle Services accelerating IIoT / IoT Solutions Intel Secure Device Onboard - Provisioning of Device Trust and Credentials Remote Device Health Attestation Customer / Eco System Unified Application security API IOT sf requirements Authentication and Authorization Privacy Device Hardware and Physical Security Device Application Integrity and Authenticity Encryption and Key Management (Hardware) Security Usages HW & SW platform authentication; local and remote Ensure HW & SW image are in expected knowngood, non-compromised configuration Enables trusted apps to run sensitive code, data, and store credentials in HW isolated enclaves Protected memory for data at rest and in use On chip Trusted Platform Module cryptographic functions Designed-in foundation HW/SW Identity Platform Integrity Trusted Execution Crypto / Protect Storage
6 #
7 Base Platform- Security Accelerators Surface Area Protected Data/Keys Apps OS/VMM BIOS/FW Offload Crypto to Main CPU Crypto - Intel Data Protection Technology with AES-NI, SHA-NI, SHA256, RDRAND, RDSEED, ECC. vpro=fips L1 Crypto Block. FPGA-Security Assist Intel SoC FPGA Crypto Accelerators Maximize CPU performance with crypto offload. Extend the life of MCUs that may risk running out of performance as security needs change. Intel SoC FPGAs allow security protocols to move from software to custom hardware even after deployment-extending product lifetime. Intel Stratix 10 Secure Device Manager - Fully configurable & authenticated boot, configuration schemes, secure key mgt/storage, and tamper resistance to create an isolated co-processor Security Performance Min Max 10
8 OS Hardening-Memory, Virtualization Surface Area Protected Data/Keys Apps OS/VMM BIOS/FW Malware Protection- Intel Platform Protection Technology with OS Guard (privilege-escalation attacks), SMEP, SMAP Virtualization & VM Isolation - Intel VTx (CPU), Intel VTd (I/O), VmFunc (Hypervisor) 8
9 Base Platform Identity- Intel Enhanced Privacy ID Surface Area Protected Data/Keys Apps OS/VMM BIOS/FW TCG/ISO standard with open source SDK Remotely attests device HW ID as part of valid group without revealing identity Removes Intel from directly authenticating the device during the provisioning process Unique, In-demand, Proven billion keys distributed with IA & non-ia platforms. Simplifies key management & distribution Prevents Attack Mapping - Protects device data vs PKI that reveals data to hack device Intel EPID 1-to-many key match, unique signature every time, ANONYMOUS EPID vs. PKI Traditional PKI 1-to-1 key match, standard signature every time Enables zero touch device provisioning with onboarding services Pvt-Key 1 Pvt-Key 2 Pvt-Key X Pvt-Key Immutable hardware root of trust for IoT networks to Identify devices & secure their communications 9
10 Protected Boot Solutions for Platform Integrity Ecosystem Firmware - Partner & TianoCore.org UEFI open source implementations Surface Area Protected Data/Keys SW Stack Apps OS/VMM BIOS/FW Intel Platform Protection Technology with Boot Guard Cryptographically verifies first portion of OEM bios code executing out of reset. Intel Platform Protection Technology with BIOS Guard-protection against BIOS recovery attacks. Ecosystem Values - OEMs & ISV s like as Boot Guard adds robustness to chain of trust process where UEFI boot process cryptographically verifies and/or measures each software module before executing it. Enabling - Requires BIOS enabling and OEM support in signing of the policy manifests, hashing of BIOS boot block module, programming the hash of OEM public key and boot policies in field programmable fuses. Supports both TPM families TPM 1.2 and TPM2.0 and also PTT as part of measured boot Reset Boot Guard Component and Sequence Scope of Coreboot Boot Guard Scope Boot Guard Initial Boot Block IBB Payload: Coreboot UEFI uboot OS Loader OS direct Platform Trust Technology, firmware Trusted Platform Module (TPM) 2.0
11 Transitive Trust Chain Firmware TPM - Intel Platform Trust Technology Surface Area Protected Data/Keys Intel Platform Trust Technology (Intel PTT)- HW TPM 2.0 implementation integrated in Intel ME/CSME/TXE security engines for credential storage and key management. Device Stack Applications Apps OS/VMM BIOS/FW Secure trust element to meet requirements for TPM 2.0 Measured Boot for remote attestation Systems boot block is measured by HW/FW and successfully attests if unaltered No protection for applications Trusted Code Operating System Kernel Boot Loader Hardware RoT CPU & Boot Sequence Fuses/ ROM Key Intel PTT Trusted Storage for Measurements Measured Boot to TPM Flow 12
12 Trusted Execution Environment Protected App Enclave Surface Area Protected Data/Keys Apps OS/VMM BIOS/FW Intel Software Guard Extensions (Intel SGX) memory-architecture extension designed to protect select code or data from disclosure or modification. Enables trusted in-app enclaves, which are protected areas of execution in memory. Intel Dynamic Application Loader - Intel signed & verified 3rd party java applets run in separate VM sand box within ME/Intel TXE security co-processor. Trusted apps given controlled access to security resources and services. Apollo Lake specific. TEE CO DE DA TA SNOOP SGX=on over 70 Ecosystem Platforms, Major CSP Blockchain Announcements-Azure, Alibaba, Fortranix 9
13 E-to-e Edge to cloud IOT Security Channel software Solutions #
14 Wind River Helix* Device Cloud Device Management Connect, Operate, Protect Security Specific Capabilities Rest API Secure Signed Update - OTA/FOTA integrity checked software or kernel update over encrypted channel. Reconfigure anything to respond to vulnerabilities Management Console Customer s IOT Platform & Apps Security Monitoring - alerts, secure logs, & ability to remotely decommission device Management Server - DDOS, anti spoofing, script & forgery protection Secure Update Package Deploy Decommission Full Device Monitor Device OS Device Cloud Agent Lifecycle Update Service Manage 14
15 On-demand Platform Trust Services
16 Intel Secure Device Onboard Automation - Takes seconds at power on Security - Unique HW protected onboarding w/privacy Dynamic Provisioning to customer s IoT platform of choice Scale - 1-to-many enablement for device makers INTEL SECURE DEVICEONBOARD Hardware Security Device Zero-touch IoT Platform Provider Intel Ecosystem Secure wants Device automated Onboard drives SIM scalability like approach to move that POCs ties identity to production. to platform Increases initiated devices activation. in use. No-one is solving. 16
17 Enabling Tools Supply Chain - traceability signing tool Silicon Providers EPID SDK Device Intel EPID SDK TEE Onboard Client Mgr Agent Initial Device Identification (EPID Attestation) 2 Intel Secure Device Onboard Take Ownership 4 ONBOARD ATTEST SDO Service Identification 3 1 IoT Platform Service Provider Platform Registration Service Onboard API Device Mgt Service Supplier Ownership Proxy New Owner CSP/ISV Toolkit - integrate onboard API into their IoT Platform OEM Credential Toolkit - board and gateways - integrate client software into their platfrom Device securely on-boarded under Normal Platform Control 17
18 #
19 Secure IoT Smart Camera Mitigated Attacks 2 Default Credential Leave device vulnerable to cyberattacks. In ,011 security cameras were secured only by default credentials (i.e User: admin, Password: admin) 6 Missed FW/SW Update Not updated or older FW leaves device vulnerable to known exploits. 5 Camera plugin Weak P2P (Cloud) Link Weakness may grant remote hacker access to the local network from any remote location Web App CGI process P2P (Cloud) Agent Services (telnet, httpd, sshd, etc) SOC Linux Kernel Bootloader emmc/ SDXC SRAM COMMS 3 7 Insecure data-in-transit Sending unencrypted video 3 streams in the clear increases data privacy risks App Services Kernel FW HW Intel Boot Guard Enforced secure boot allowing only signed & untampered firmware to run Intel secure device onboard Provides service that uses HW key to secure the rendezvous of device to its owner Intel AES-NI Enable AES computation without compromising performance Intel Platform Trust Technology ftpm enables cryptographic keys to be securely stored in tampered-resistant keys vault Intel Enhanced Privacy ID Utilize unique HW based key for secure channel establishment 1? Unsigned firmware Allows hacker to easily break the integrity of the boot firmware and OS image. Hacker infiltrates the system by subverting execution flow. 4 7 Insecure key storage Leaves the cryptographic keys used to protect platform and owner secrets easily recovered by hacker Network Video Recorder 6 7 Wind River Helix device cloud Automate FW/SW over-the-air update & full device lifecycle management Intel Security Essentials API Abstracted, simplified HW security development </>
20 #
21 #
22 Internet of Things Group Intel Confidential
23 IoT Security Ecosystem HWROT Silicon Providers Equipment Providers IoT Platforms & Solution Providers Intel EPID Intel SDO Devices Intel SDO Platforms FPGA Crypto Providers Telit - HDC Oracle - HDC Device Cloud Partners
24 Portfolio Solutions to Secure Entire Device Lifecycle Manufacture FAB/OEM/ODM Configure OEM/ODM Onboard Installer Provision System Integrator Operate IT & OT Decommission Admin/End User Develop, Attest, Onboard Operational Security Management </> ONBOA RD Root of Trust Technologies Intel Security Essentials core security capabilities/ technologies Ecosystem Enabling Tools Intel Security Essentials API Intel Platform Protection Technology TianoCore UEFI Firmware Coreboot and FSP Intel EPID Identity SDK ATTE Platform Trust Services ST Intel Secure Device Onboard Services Gateway/Fog Edge Security Enhanced Security for Gateways Device Management Wind River* Helix* Device Cloud IA-enabled IoT Security ISVs 5
25 Intel SGX Ecosystem Identity/Security Cloud Solution Providers IoT Platforms & Solution Providers Blockchain Payments Telit - HDC Oracle - HDC
Amanda Lowe Director Product Marketing WindRiver, an Intel Company
October 26, 2017 Guy AlLee IoT Security Product Manager SSG Platform Security Division Amanda Lowe Director Product Marketing WindRiver, an Intel Company ONBOARD ATTEST How long does it take to securely
More informationWindows IoT Security. Jackie Chang Sr. Program Manager
Windows IoT Security Jackie Chang Sr. Program Manager Rest Physical access to a device will not give access to data Data & Control Execution Data owner has full control over data processing Motion Transport
More informationUSING DEVICE LIFECYCLE MANAGEMENT TO FUTURE PROOF YOUR IOT DEPLOYMENT
USING DEVICE LIFECYCLE MANAGEMENT TO FUTURE PROOF YOUR IOT DEPLOYMENT Tom Gibbings Market Development Manager 2017 WIND RIVER. ALL RIGHTS RESERVED. IOT IS CHANGING HOW WE LIVE AND WORK 2 2017 WIND RIVER.
More informationProvisioning secure Identity for Microcontroller based IoT Devices
Provisioning secure Identity for Microcontroller based IoT Devices Mark Schaeffer, Sr. Product Marketing Manager, Security Solutions Synergy IoT Platform Business Division, Renesas Electronics, Inc. May
More informationKey Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge
Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer
More informationCybersecurity with Automated Certificate and Password Management for Surveillance
Cybersecurity with Automated Certificate and Password Management for Surveillance October 2017 ABSTRACT This reference architecture guide describes the reference architecture of a validated solution to
More informationTrustzone Security IP for IoT
Trustzone Security IP for IoT Udi Maor CryptoCell-7xx product manager Systems & Software Group ARM Tech Forum Singapore July 12 th 2017 Why is getting security right for IoT so important? When our everyday
More informationSecuring IoT with the ARM mbed ecosystem
Securing IoT with the ARM mbed ecosystem Xiao Sun / Senior Applications Engineer / ARM ARM mbed Connect / Shenzhen, China December 5, 2016 Lots of interest in IoT security Researchers are looking into
More informationNew Approaches to Connected Device Security
New Approaches to Connected Device Security Erik Jacobson Architecture Marketing Director Arm Arm Techcon 2017 - If you connect it to the Internet, someone will try to hack it. - If what you put on the
More informationA Developer's Guide to Security on Cortex-M based MCUs
A Developer's Guide to Security on Cortex-M based MCUs 2018 Arm Limited Nazir S Arm Tech Symposia India Agenda Why do we need security? Types of attacks and security assessments Introduction to TrustZone
More informationBeyond TrustZone PSA Reed Hinkel Senior Manager Embedded Security Market Development
Beyond TrustZone PSA Reed Hinkel Senior Manager Embedded Security Market Development Part1 - PSA Tech Seminars 2017 Agenda Platform Security Architecture Architecture overview Trusted Firmware-M IoT Threat
More informationDelivering High-mix, High-volume Secure Manufacturing in the Distribution Channel
Delivering High-mix, High-volume Secure Manufacturing in the Distribution Channel Steve Pancoast Vice President, Engineering Secure Thingz Inc Rajeev Gulati Vice President and CTO Data IO Corporation 1
More informationIntel s Architecture for NFV
Intel s Architecture for NFV Evolution from specialized technology to mainstream programming Net Futures 2015 Network applications Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION
More informationThe Road to a Secure, Compliant Cloud
The Road to a Secure, Compliant Cloud The Road to a Secure, Compliant Cloud Build a trusted infrastructure with a solution stack from Intel, IBM Cloud SoftLayer,* VMware,* and HyTrust Technology innovation
More informationUsing the tpm with iot
Using the tpm with iot David Grawrock Security Architect, Senior Principle Engineer Agenda History Lesson What Does IoT Need How Does The Fulfill Needs Usage IoT Security 2 History Worked on the from 1999
More informationSecurity of Embedded Systems
Security of Embedded Systems Matthias Schunter, Intel Labs, Ahmad Sadeghi, TU Darmstadt + Teams (F. Brasser, L. Davi, P. Koeberl, S. Schulz, et. al.) 1 2015 Intel Corporation What is an Embedded System?
More informationBeyond TrustZone Security Enclaves Reed Hinkel Senior Manager Embedded Security Market Develop
Beyond TrustZone Security Enclaves Reed Hinkel Senior Manager Embedded Security Market Develop Part2 Security Enclaves Tech Seminars 2017 Agenda New security technology for IoT Security Enclaves CryptoIsland
More informationConnecting Securely to the Cloud
Connecting Securely to the Cloud Security Primer Presented by Enrico Gregoratto Andrew Marsh Agenda 2 Presentation Speaker Trusting The Connection Transport Layer Security Connecting to the Cloud Enrico
More informationCIS 4360 Secure Computer Systems SGX
CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure
More informationSecurity: The Key to Affordable Unmanned Aircraft Systems
AN INTEL COMPANY Security: The Key to Affordable Unmanned Aircraft Systems By Alex Wilson, Director of Business Development, Aerospace and Defense WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY
More informationIntel Security Dev API 1.0 Production Release
1.0 Production Release Release Notes 24 August 2017 Version History/Revision History Date Revision Description August 2017 1.0 Limited Production Release March 2017 0.61 Limited External Distribution Intended
More informationBig and Bright - Security
Big and Bright - Security Big and Bright Security Embedded Tech Trends 2018 Does this mean: Everything is Big and Bright our security is 100% effective? or There are Big security concerns but Bright solutions?
More informationMohan J. Kumar Intel Fellow Intel Corporation
OCP Initiatives and Intel Implementations Mohan J. Kumar Intel Fellow Intel Corporation Agenda Open Firmware Firmware at Scale Platform Attestation Summary Open Firmware UEFI-based Open Firmware (for Intel-based
More informationStrong Security Elements for IoT Manufacturing
Strong Security Elements for IoT Manufacturing LANCEN LACHANCE VICE PRESIDENT PRODUCT MANAGEMENT GLOBALSIGN WHAT YOU WILL LEARN TODAY 1 2 3 Examining of security risks with smart connected products Implementing
More informationHow to protect Automotive systems with ARM Security Architecture
How to protect Automotive systems with ARM Security Architecture Thanks to this app You can manoeuvre The new Forpel Using your smartphone! Too bad it s Not my car Successful products will be attacked
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationTrusted Platform Modules Automotive applications and differentiation from HSM
Trusted Platform Modules Automotive applications and differentiation from HSM Cyber Security Symposium 2017, Stuttgart Martin Brunner, Infineon Technologies Axiom: Whatever is connected can (and will)
More informationThe Open Application Platform for Secure Elements.
The Open Application Platform for Secure Elements. Java Card enables secure elements, such as smart cards and other tamper-resistant security chips, to host applications, called applets, which employ Java
More informationARM Security Solutions and Numonyx Authenticated Flash
ARM Security Solutions and Numonyx Authenticated Flash How to integrate Numonyx Authenticated Flash with ARM TrustZone* for maximum system protection Introduction Through a combination of integrated hardware
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including steep financial losses, damage
More informationIntel Software Guard Extensions
Intel Software Guard Extensions Dr. Matthias Hahn, Intel Deutschland GmbH July 12 th 2017 cryptovision Mindshare, Gelsenkirchen Intel SGX Making Headlines Premium Content requiring Intel SGX on PC Intel
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including
More informationMassively Parallel Hardware Security Platform
Massively Parallel Hardware Security Platform Dan Cvrček, Enigma Bridge, UK dan@enigmabridge.com Petr Švenda, CRoCS, Masaryk University, CZ svenda@fi.muni.cz Overview 1. Cryptography as a Service 2. Usage
More informationEDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC
EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE 6 2018 PUBLIC PUBLIC 2 Key concerns with IoT.. PUBLIC 3 Why Edge Computing? CLOUD Too far away Expensive connectivity
More informationDate: 13 June Location: Sophia Antipolis. Integrating the SIM. Dr. Adrian Escott. Qualcomm Technologies, Inc.
Date: 13 June 2018 @qualcomm Location: Sophia Antipolis Integrating the SIM Dr. Adrian Escott Qualcomm Technologies, Inc. Agenda 1 2 3 4 5 6 Path to isim isim Size benefit Hardware Architecture Certification
More informationIntel, OpenStack, & Trust in the Open Cloud. Intel Introduction
Intel, OpenStack, & Trust in the Open Cloud Intel Introduction 1 Intel enables OpenStack Cloud Deployments 2 Intel Contributions to OpenStack Telemetry (Ceilometer) Object Store (Swift) Erasure Code Metrics
More informationResilient IoT Security: The end of flat security models
Resilient IoT Security: The end of flat security models Xiao Sun Senior Application Engineer ARM Tech Symposia China 2015 November 2015 Evolution from M2M to IoT M2M Silos of Things Standards Security
More informationTerra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have
More informationThe Future of Security is in Open Silicon Linux Security Summit 2018
The Future of Security is in Open Silicon Linux Security Summit 2018 Joel Wittenauer - Embedded Software Architect Rambus Cryptography Research August 28, 2018 Agenda About Rambus Cryptography Research
More informationProject Cerberus Hardware Security
Project Cerberus Hardware Security Bryan Kelly / Principal Firmware Eng Manager Microsoft Azure Cloud Hardware Infrastructure Yigal Edery / Principal Program Manager Microsoft Azure Security Talk Outline
More informationIoT Market: Three Classes of Devices
IoT Market: Three Classes of Devices Typical Silicon BOM PC-Like Embedded Devices ~100 million units ATM, Retail Point of Service Intel Core $100+ Smart Things ~800 million units PLC, Edge Gateway, Thermostat
More informationLecture 3 MOBILE PLATFORM SECURITY
Lecture 3 MOBILE PLATFORM SECURITY You will be learning: What techniques are used in mobile software platform security? What techniques are used in mobile hardware platform security? Is there a common
More informationTrusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague
Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July 2017 -- IETF 99 th, Prague 2 What do we mean by security? Communication Security Aims
More informationSecuring Devices in the Internet of Things
AN INTEL COMPANY Securing Devices in the Internet of Things WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe
More informationWindows 10 IoT Core Azure Connectivity and Security
Windows 10 IoT Core Azure Connectivity and Security Published July 27, 2016 Version 1.0 Table of Contents Introduction... 2 Device identities... 2 Building security into the platform... 3 Security as a
More informationPartner Center: Secure application model
Partner Center: Secure application model The information provided in this document is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including
More informationDesigning Security & Trust into Connected Devices
Designing Security & Trust into Connected Devices Eric Wang Sr. Technical Marketing Manager Tech Symposia China 2015 November 2015 Agenda Introduction Security Foundations on ARM Cortex -M Security Foundations
More informationBuilding Trust in the Internet of Things
AN INTEL COMPANY Building Trust in the Internet of Things Developing an End-to-End Security Strategy for IoT Applications WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Recent security breaches
More informationIntel and Symantec: Improving performance, security, manageability and data protection
Intel and Symantec: Improving performance, security, manageability and data protection Terry Cutler Enterprise Solution Architect Omid Meshkin Strategic Business Development 1 Session Objectives By the
More informationHow Secure is your Server?
How Secure is your Server? Key Things To Consider For Building A Safe, Robust IT Infrastructure Mukund Khatri Sr. Distinguished Engineer / VP Server & Infrastructure Solutions Rick Hall Sr. Product Planning
More informationBeyond TrustZone PSA. Rob Coombs Security Director. Part1 - PSA Tech Seminars Arm Limited
Beyond TrustZone PSA Rob Coombs Security Director Part1 - PSA Tech Seminars 2017 Agenda Platform Security Architecture Architecture overview Trusted Firmware-M IoT Threat models & security analyses Summary
More informationIoT Edge within the IoT Framework
IoT Edge within the IoT Framework Axel Dittmann Diplom-Betriebswirt (FH) Diplom-Wirtschaftsinformatiker (FH) Global Technical Solution Specialist IOT CISSP, MCP Twitter: @DittmannAxel Waves of Innovation
More informationAn Introduction to Platform Security
presented by An Introduction to Platform Security Spring 2018 UEFI Seminar and Plugfest March 26-30, 2018 Presented by Brent Holtsclaw and John Loucaides (Intel) Legal Notice No computer system can be
More informationGSE/Belux Enterprise Systems Security Meeting
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 1 In the news Microsoft Exposes Scope of Botnet Threat By Tony Bradley, October 15, 2010 Microsoft's
More informationAgenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2
GRC3386BUS GDPR Readiness with IBM Cloud Secure Virtualization Raghu Yeluri, Intel Corporation Shantu Roy, IBM Bill Hackenberger, Hytrust #VMworld #GRC3386BUS Agenda GDPR Overview & Requirements IBM Secure
More informationDesigning Security & Trust into Connected Devices
Designing Security & Trust into Connected Devices Rob Coombs Security Marketing Director TechCon 11/10/15 Agenda Introduction Security Foundations on Cortex-M Security Foundations on Cortex-A Use cases
More informationMobile Platform Security Architectures A perspective on their evolution
Mobile Platform Security Architectures A perspective on their evolution N. Asokan CARDIS 2012 Graz, Austria November 29, 2012 1 NA, KKo, JEE, Nokia Resarch Center 2011-2012 Introduction Recent interest
More informationA Peek at the Future Intel s Technology Roadmap. Jesse Treger Datacenter Strategic Planning October/November 2012
A Peek at the Future Intel s Technology Roadmap Jesse Treger Datacenter Strategic Planning October/November 2012 Intel's Vision This decade we will create and extend computing technology to connect and
More informationAMD Security and Server innovation
presented by AMD Security and Server innovation UEFI PlugFest March 18-22, 2013 Roger Lai AMD TATS BIOS Development Group Updated 2011-06-01 UEFI Spring PlugFest March 2013 www.uefi.org 1 Agenda Exciting
More informationTERRA. Boneh. A virtual machine-based platform for trusted computing. Presented by: David Rager November 10, 2004
TERRA Authored by: Garfinkel,, Pfaff, Chow, Rosenblum,, and Boneh A virtual machine-based platform for trusted computing Presented by: David Rager November 10, 2004 Why there exists a need Commodity OS
More informationReal-Time Systems and Intel take industrial embedded systems to the next level
Solution brief Industrial IoT (IIoT) Embedded Software and Systems Real-Time Systems and Intel take industrial embedded systems to the next level Innovative hypervisor and partitioning software increases
More informationTrusted Computing and O/S Security
Computer Security Spring 2008 Trusted Computing and O/S Security Aggelos Kiayias University of Connecticut O/S Security Fundamental concept for O/S Security: separation. hardware kernel system user Each
More informationIntroduction to Device Trust Architecture
Introduction to Device Trust Architecture July 2018 www.globalplatform.org 2018 GlobalPlatform, Inc. THE TECHNOLOGY The Device Trust Architecture is a security framework which shows how GlobalPlatform
More informationTrusted Platform Module explained
Bosch Security Systems Video Systems Trusted Platform Module explained What it is, what it does and what its benefits are 3 August 2016 2 Bosch Security Systems Video Systems Table of contents Table of
More informationSmart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability
Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 25,
More informationRISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas
RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS
More informationTRUSTED COMPUTING TECHNOLOGIES
TRUSTED COMPUTING TECHNOLOGIES TEE = Trusted Execution Environment Mandatory reading Innovative Instructions and Software Model for Isolated Execution, Frank McKeen, Ilya Alexandrovich, Alex Berenzon,
More informationNFV Platform Service Assurance Intel Infrastructure Management Technologies
NFV Platform Service Assurance Intel Infrastructure Management Technologies Meeting the service assurance challenge to nfv (Part 1) Virtualizing and Automating the Network NFV Changes the Game for Service
More informationDesigning Security & Trust into Connected Devices
Designing Security & Trust into Connected Devices Eric Wang Senior Technical Marketing Manager Shenzhen / ARM Tech Forum / The Ritz-Carlton June 14, 2016 Agenda Introduction Security Foundations on Cortex-A
More informationFast-track Hybrid IT Transformation with Intel Data Center Blocks for Cloud
Fast-track Hybrid IT Transformation with Intel Data Center Blocks for Cloud Kyle Corrigan, Cloud Product Line Manager, Intel Server Products Group Wagner Diaz, Product Marketing Engineer, Intel Data Center
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationHow I Learned to Stop Worrying and Love the Internet of Things
SESSION ID: SSC-W07 How I Learned to Stop Worrying and Love the Internet of Things Steven Sprague CEO Rivetz Corp @skswave The Big Shift Known Networks Ports Firewalls Packets SSL Known Devices Identity
More informationOut-of-band (OOB) Management of Storage Software through Baseboard Management Controller Piotr Wysocki, Kapil Karkra Intel
Out-of-band (OOB) Management of Storage Software through Baseboard Management Controller Piotr Wysocki, Kapil Karkra Intel 2018 Storage Developer Conference. Intel Corporation. All Rights Reserved. 1 Notices
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More informationIntel Clear Containers. Amy Leeland Program Manager Clear Linux, Clear Containers And Ciao
Intel Clear Containers Amy Leeland Program Manager Clear Linux, Clear Containers And Ciao Containers are... Speedy Fast create, update and uninstall cycle. Request and provision in (milli)seconds Manageable
More informationTPM v.s. Embedded Board. James Y
TPM v.s. Embedded Board James Y What Is A Trusted Platform Module? (TPM 1.2) TPM 1.2 on the Enano-8523 that: How Safe is your INFORMATION? Protects secrets from attackers Performs cryptographic functions
More informationMitigating Security Breaches in Retail Applications WHITE PAPER
Mitigating Security Breaches in Retail Applications WHITE PAPER Executive Summary Retail security breaches have always been a concern in the past, present and will continue to be in the future. They have
More informationSecuring IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region
Securing IoT devices with STM32 & STSAFE Products family Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region 2 The leading provider of products and solutions for Smart Driving and
More informationDICE: Foundational Trust for IoT
DICE: Foundational Trust for IoT Dennis Mattoon, Microsoft Santa Clara, CA 1 Introduction Modern cyber-attacks are often sophisticated and relentless in their continual efforts to seek out vulnerabilities
More informationSealing and Attestation in Intel Software Guard Extensions (SGX)
Sealing and Attestation in Intel Software Guard Extensions (SGX) Rebekah Leslie-Hurd Intel Corporation January 8 th, 2016 2016 Intel Corporation. All rights reserved. A Typical Computing Platform Application
More informationDigital Trust Ecosystem
Digital Trust Ecosystem IoT Risks and Solutions Chris Edwards CTO - Intercede What s the Problem? Billions of devices Millions of services Mixed closed / open trust networks Devices transferring between
More informationCIS 4360 Secure Computer Systems Secured System Boot
CIS 4360 Secure Computer Systems Secured System Boot Professor Qiang Zeng Spring 2017 Previous Class Attacks against System Boot Bootkit Evil Maid Attack Bios-kit Attacks against RAM DMA Attack Cold Boot
More informationProtecting Keys/Secrets in Network Automation Solutions. Dhananjay Pavgi, Tech Mahindra Ltd Srinivasa Addepalli, Intel
Protecting Keys/Secrets in Network Automation Solutions Dhananjay Pavgi, Tech Mahindra Ltd Srinivasa Addepalli, Intel Agenda Introduction Private Key Security Secret Management Tamper Detection Summary
More informationAzure Sphere Transformation. Patrick Ward, Principal Solutions Specialist
Azure Sphere Transformation Patrick Ward, Principal Solutions Specialist IoT @_pdubya pward@microsoft.com Microcontrollers (MCUs) LOW-COST, SINGLE CHIP COMPUTERS TMS1100: 300 KHz core, 2KB ROM, 64B RAM,
More informationSecurity of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices
Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices Dr. Johann Heyszl, Head of Hardware Security Department Fraunhofer-Institute for Applied and Integrated Security
More informationThe Next Steps in the Evolution of Embedded Processors
The Next Steps in the Evolution of Embedded Processors Terry Kim Staff FAE, ARM Korea ARM Tech Forum Singapore July 12 th 2017 Cortex-M Processors Serving Connected Applications Energy grid Automotive
More informationA Comparison Study of Intel SGX and AMD Memory Encryption Technology
A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University
More information#RSAC #RSAC Thing Thing Thing Thing Thing Thing Edge Edge Gateway Gateway Cut costs Create value Find information in data then act Maintain Things Enrol Authorized Users & Things Authentication
More informationIntel Analysis of Speculative Execution Side Channels
Intel Analysis of Speculative Execution Side Channels White Paper Revision 1.0 January 2018 Document Number: 336983-001 Intel technologies features and benefits depend on system configuration and may require
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationBuilding a Better Mousetrap:
Building a Better Mousetrap: Deploying and Managing IoT Solutions for ITPros Anthony Bartolo Sr. Cloud Advocate Microsoft #ITDEVCONNECTIONS ITDEVCONNECTIONS.COM Engage customers Optimize operations p Connected
More informationIntel Software Guard Extensions Platform Software for Windows* OS Release Notes
Intel Software Guard Extensions Platform Software for Windows* OS Release Notes Installation Guide and Release Notes November 3, 2016 Revision: 1.7 Gold Contents: Introduction What's New System Requirements
More informationDemonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin
Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions Topic Prerequisites Security concepts Security-related concepts (e.g., entropy) Virtualization
More informationSecuring Edge Devices
Securing Edge Devices Derrick Lavado Sr. Manager, OSBU What we will cover.. Cybersecurity Risks in a Software Defined World Wind River Security Overview Introduction to Pulsar Linux 2 Our software has
More informationDeploying Secure Boot: Key Creation and Management
presented by Deploying Secure Boot: Key Creation and Management UEFI Summer Summit July 16-20, 2012 Presented by Arie van der Hoeven (Microsoft Corporation) Updated 2011-06-01 1 Agenda Introduction Secure
More information9 GENERATION INTEL CORE DESKTOP PROCESSORS
PRODUCT BRIEF 9 GENERATION INTEL CORE DESKTOP PROCESSORS TH The Most Powerful Generation of Intel Core Processors Introducing the NEW 9th Gen Intel Core desktop processors - the most powerful generation
More informationBlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module
BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE Cryptographic Appliances with Integrated Level 3+ Hardware Security Module The BlackVault hardware security platform keeps cryptographic material
More informationARM mbed Towards Secure, Scalable, Efficient IoT of Scale
ARM mbed Towards Secure, Scalable, Efficient IoT of Scale Kirsi Maansaari Product Manager, ARM Copenhagen/Embedded Everywhere 2016 Faster route to secure IoT from chip to cloud Announced at ARM TechCon
More informationCisco Secure Boot and Trust Anchor Module Differentiation
Solution Overview Cisco Secure Boot and Trust Anchor Module Differentiation Cisco Trust Anchor Technologies provide the foundation for Cisco Trustworthy Systems. Cisco Secure Boot helps ensure that the
More information2013 Cisco and/or its affiliates. All rights reserved. 1
2013 Cisco and/or its affiliates. All rights reserved. 1 Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems Brian McCarson Sr. Principal Engineer & Sr. System
More information