Challenges in Open Source Software IoT Platforms

Similar documents
onem2m ADAPTED FOR SMART CITIES ETSI IOT M2M WORKSHOP 2016 NOV 15 TH 2016

1. Publishable Summary

Evolving IoT with Smart Objects

Helping you to be GDPR compliant

Big Data Why and Where Big Data will Matter

IoT CoAP Plugtests & Workshop November 27 th 2012

Cybersecurity ecosystem and TDL Antonio F. Skarmeta

Security and Privacy in the Internet of Things : Antonio F. Skarmeta

Effective Waste Collection with Shortest Path Semi-Static and Dynamic Routing

European Union Agency for Network and Information Security

Semantic Technologies for the Internet of Things: Challenges and Opportunities

Upcoming EC Systems Research Perspectives

Open source onem2m Platforms

D2.3 Virtualization Architecture and Technical Specifications

IOT FLAGSHIP PROJECT. Dr. Mario Drobics, AIT

All rights reserved. ITS at ETSI. Presented by Luis Jorge Romero on behalf of ETSI TC ITS

The onem2m standard Horizontal Service Layer

CSE-E4675 Systems of Systems Lecture 5

Safe, distributed computation for reluctant data sharers: At home in the Microsoft Azure cloud

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Supports for Identity Management in Ambient Environments The HYDRA Approach

Open Grid Forum. OGF s Role in the Community

EC Perspective on Connectivity and Smart Mobility and the Role of "Digital Co-production/Co-creation" in Transportation

Semainaire Objects connectés industriels, M2M, réseaux June 12th, 2014 IoT et Smart Cities: comment passer à l échelle

Erkuden Rios MARCH 2017, EXCEL LONDON

WORK PROGRAMME

Dr. Eng. Antonio Mauro, PhD October 20th 2011

SRA A Strategic Research Agenda for Future Network Technologies

Digital solutions for water: linking the physical and digital world

Project Presentation v2

Data Protection and GDPR

Web of Things: W3C Vision & Roadmap on IoT Standardizations

* Inter-Cloud Research: Vision

An Overview of Smart Sustainable Cities and the Role of Information and Communication Technologies (ICTs)

Timing in Cyber Physical Systems. Marc Weiss, Ph.D. NIST, Time and Frequency Division WSTS 2015

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

IRMOS Newsletter. Issue N 5 / January Editorial. In this issue... Dear Reader, Editorial p.1

Novel System Architectures for Semantic Based Sensor Networks Integraion

Internet of Things: The story so far

Cloud Based IoT Application Provisioning (The Case of Wireless Sensor Applications)

Dynamic Semantics for the Internet of Things. Payam Barnaghi Institute for Communication Systems (ICS) University of Surrey Guildford, United Kingdom

H2020 WP Cybersecurity PPP topics

Project Data. Proposed duration: 30 months Requested total funding: 2.87 MEUR Strategic objective addressed: IST : Software and Services

Deliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) ATTPS. Achieving The Trust Paradigm Shift

Khartoum, Sudan Dec 2017

Enhancing resilience of communities and territories through smart technologies. A SunShine perspective

How can the Future Internet

SMART AND EFFICIENT ENERGY 5G PPP Phase 3 Topics ICT & ICT

Data Management and Security in the GDPR Era

Open mustard seed. Patrick Deegan, Ph.D. ID3

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Singapore s National Digital Identity (NDI):

ASD CERTIFICATION REPORT

Azure Active Directory B2C. Daniel Dickinson Enterprise Mobility Specialist

H2020-LEIT-ICT WP European Data Infrastructure ICT-13 Supporting the emergence of data markets and the data economy

Strong Customer Authentication and common and secure communication under PSD2. PSD2 in a nutshell

Enhancing Critical Infrastructure Protection with innovative SECurity framework

INTERNET OF THINGS FOR SMART CITIES BY ZANELLA ET AL.

National Institute of Standards and Technology

CS-AWARE. The role of Roma Capitale

CloudHealth. AWS and Azure On-Boarding

[NEC Group Internal Use Only] IoT Security. - Challenges & Standardization status. Sivabalan Arumugam.

Policy and Organizational Challenges for Vehicular Communications Security

The Internet of Things

Toward Horizon 2020: INSPIRE, PSI and other EU policies on data sharing and standardization

GlobalPlatform Addressing Unique Security Challenges through Standardization

Cloud Security Standards Supplier Survey. Version 1

Mobile Connect Driving Global Economic Growth Through Secure Mobile Identity

Panel 1 Service Platform and Network Infrastructure for Ubiquitous Services

The EU OPEN meter project

Smart City, Internet of Things, Security and Privacy

Identify adequate calls and analyze the call text

The NIS Directive and Cybersecurity in

An Intelligent Service Oriented Infrastructure supporting Real-time Applications

Facing the Challenges of M2M Security and Privacy Phil Hawkes Principal Engineer at Qualcomm Inc. onem2m

USING DEVICE LIFECYCLE MANAGEMENT TO FUTURE PROOF YOUR IOT DEPLOYMENT

The NextGEOSS Project

GDPR - Are you ready?

NIS Platform Working Group 3 Individuals Digital Rights and Capabilities. Dr. Gisela Meister April

FORTIKA - Cyber Security Accelerator for trusted SMEs IT Ecosystems THE PROJECT

IoT privacy risk management in ANASTACIA project

Security Readiness Assessment

Cloud Security Standards

The FIRST Project and the Future Internet National Research Programme

Trustworthy ICT. FP7-ICT Objective 1.5 WP 2013

THE ENVIRONMENTAL OBSERVATION WEB AND ITS SERVICE APPLICATIONS WITHIN THE FUTURE INTERNET Project introduction and technical foundations (I)

A1 Information Security Supplier / Provider Requirements

OSIsoft PI Cloud Services Privacy Statement

ICT-SHOK Project Proposal: PROFI

ACTivating InnoVative IoT smart living environments for AGEing well

FP7 Information & Communication Technologies. Rules of the Programme

STORK PRESENTATION 07/04/2009. Frank LEYMAN. Manager International Relations. Stork is an EU co-funded project INFSO-ICT-PSP

Optimize Your Heterogeneous SOA Infrastructure

M2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres

Security and resilience in Information Society: the European approach

Next Generation Infrastructure Outsourcing. Copyright 2016 Tech Mahindra. All rights reserved.

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser. CSP2015 Brussels /

Innovation policy for Industry 4.0

Technologies for Future Mobile Tactile Internet of Things (IoT)

Quality Assurance in 5G SME Engagement

Transcription:

Security and Privacy Challenges in Open Source Software IoT Platforms Arkady Zaslavsky DIGITAL PRODUCTIVITY FLAGSHIP (DPF) Securing Internet of Things (IoT) Workshop UNSW, Sydney, November 18, 2014

Outline Setting the scene -IoT Privacy & security challenges in IoT OpenIoT CAS Demo Conclusion

A dynamic global network infrastructure with self configuring capabilities are seamlessly integrated into the information network. based on standard & interoperable communication protocols Internet of Things IoT virtual personalities, use intelligent interfaces, and where physical & virtual things have identities, physical attributes,

Why is IoT security challenging? Wireless communication Physical insecurity Constrained devices Potentially sensitive data Lack of standards Heterogeneity: weakest link problem A systems, not software problem Classic web / internet threats Identity management & dynamism Inconvenience and cost

Categorisation of topics and technologies in the IoT

7 out of 10 fear security implications of IoT http://www.techrepublic.com/article/7-out-of-10-fear-security-implications-of-internet-of-things/, Frank Ohlhorst August 20, 2014

IoT security & privacy roadmap EU take Before 2010 Security mechanisms and protocols defined Security mechanisms and protocols for RFID and WSN devices 2010 2015 Usercentric context aware t areprivacy andpri privacy policies Privacy aware data processing Virtualisation and anonymisation 2015 2020 Security and privacy profiles selection based on security and privacy needs Privacy needs automatic evaluation Context centric security Beyond 2020 Self adaptive security mechanisms and protocols Vision and Challenges for Realising the Internet of Things, March 2010

Privacy Legal Framework Data Protection Directive 95/46/EC, collecting and processing the personal data of individuals in one of the following (laid down by Article 7) : Where the individual concerned, (the 'data subject'), has unambiguously given his or her consent, after being adequately informed; or Reform Directive for Data Protection, January 2012: Whenever consent is required for data processing, it will have to be given explicitly, rather than be assumed.

OpenIoT Factsheet Contract No.: 287305 Objective: ICT- 2011.1.3 Internet-connected Objects Coordinator: NUIG-DERI, Galway, Ireland Contact Person: Dr. Martin Serrano DERI NUI Galway IDA Business Park Lower Dangan, Galway, Ireland Cloud Computing http:\\www.openiot.eu Management Data Privacy and Security Sensor Mobility Linked Data EC Contribution 2,455,000.00 Euro Internet of Things Open Source Project Start Date: 01 Dec 2011 Duration: Open Source Cloud Solution for the Internet of Things 36 months

OpenIoT General Vision OpenIoT providing a cloud-based middleware infrastructure in order to deliver on-demand access to IoT services, which could be formulated over multiple l infrastructure t providers. (such as smart cities and smart enterprises) OpenIoT User (Citizen, Corporate) Step 1: Sensing-as-a-Service Request Step 3: Service Provisioning (Utility Metrics) Knowledge Based Future Internet Step 2: Sensor/Cloud Formulation Domain #1 Domain #N Infrastructure s provider(s) (e.g., Smart City)

OpenIoT Open Source Project Open Source License http://github.com/openiot/openiot Open Source Release of OpenIoT software (1 Oct, 2014, release 2.0) OpenIoT will be released under LGPL (Business Friendly) Ensures compatibility with background libraries/projects Master governed planning Masters(OpenIoT partners) defined for major subprojects Governance ( p p )

OpenIoT and Standards W3C Use and Enhancement of W3C SSN Ontology StandardizedSolutionfor Solution Dynamic Discovery of Sensors and Internet Connected Objects (ICO) OGC Open Architecture for IoT/Cloud Integration Best Practice Paper RESTful RESTful access to sensors and ICO (CoAP) Implementation of Driver/Virtual Sensor in GSN

High Level Architecture

Overview of (Supported) OpenIoT Capabilities What can I do with OpenIoT? Dynamic Sensor/ICO Discovery Visual IoT Service Definition & Deployment IoT Service Visualization (via Mashups) p) Sensor/ICO Deployment & Registration IoT Platform Architecture & Capabilities Resource Management and Optimization

Scenarios Use Cases Community sensing for large scale (collaborative) e Science Experiments Phenonet Enabling Service Platform for Resilient City Services Smart Campus Silver Angel Crowd Sensing Intelligent Manufacturing and Logistics Smart Industry

OpenIoT IDE Monitor Discover Present Authenticatee Define P resent Configure Present

CAS - Central authorization and authentication service

OpenIoT Security and Privacy Proper access control by means of sticky policies Accountability on data access through logging of actions Safe storage by means of encryption and with durability guarantees Confidentiality through encrypted communication User side privacy leakagecontrol through Privacy Enhancing User side privacy leakage control through Privacy Enhancing Technologies Automatically configured based on a SLA

OpenIoT Architecture WP5 T5.3 Secure, Trustworthy and Privacy Friendly Interactions Security & Privacy Module

Security & Privacy Module OpenIoT CAS OpenIoT Security Console Security Client API & Tag libraries Security & Privacy Module OpenIoT CAS: Centralised Authentication and Authorisation server OpenIoT TSecurity Console: Web application for Users, roles and Permissions management Security Client API & Tag Libraries: Enable security and CAS integration in all OpenIoT modules

OpenIoT CAS Central authorization and authentication service for all OpenIoT applications User credentials checked and maintained only by CAS Token based authorization Based on OAuth2.0 framework

OpenIoT Security Management Console Registering OpenIoT services Managing permissions and roles Assigning/revoking permissions to/from users

OpenIoT Client API & Tag Libraries Client API to enable security in all OpenIoT Application and Web Services Java classes, provide common authentication and authorization ti methods CAS interaction and forwarding

OpenIoT Client API & Tag Libraries Tag Libraries for JSF (Java Server Faces) and JSP Ready to use in Web applications Simpleintegration integration, CAS interaction behind thescenes

Access control using the OpenIoTCAS Copyright 2014 OpenIoT Consortium DEMO

Thank you! Dr Arkady Zaslavsky, Professor Senior Principal Research Scientist Email: arkady.zaslavsky@csiro.au y

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback