Yves Goeleven

#IoT: Privacy and security considerations

Thanks to

2

Yves Goeleven

• Founder of MessageHandler.net– Shipping software since 2001– Windows Azure MVP– Developer on NServiceBus

Exhibition theater @ kinepolis

4

Agenda

• Why this talk?• What are the dangers?• Security options• Privacy options

5

Agenda

Why this talk?

You might just leave this session with more questions than answers

11

Talk!

Let’s start a conversation!

12

Challenge!

I challenge anyone to do a follow up session with your own questions and ideas.

13

Agenda

What are the dangers?

Internet of Things

What are the dangers?Personal

& invisible

White lies are the common decency

holding us together

22

Agenda

What can we do?

24

Security options

• Prevent physical access– Behind locked doors– Secure casing– Do not expose physical ports (usb, ethernet, ...)

25

Security options

• Prevent virtual access– Do not open inbound ports– Design without ’listeners’ or ‘servers’ on the devices– Instead use ‘workers’ or ‘agents’ and remote queues

with outbound connections only

27

Security options

• Prevent physical tampering– Seals, markers– Alarms– Camera’s

28

Security options

• Prevent virtual tampering– Bootloader in chip or ROM, checks firmware origin

before loading into RAM

– Note: Updating (incl. security fixes) now just got a lot harder though

30

Security options

• Keep track of device identity– Let devices register themselves/call home– Do this on boot & periodically

31

Security options

• Analyze device behavior– Include device specific & variable information– Analyze it server side to detect hacked or spoofed

devices

32

Security options

• Block compromised devices– Access control lists– Protocol/package filtering– Signal Jamming– Unplug the power– On the device, or a specialized device

34

Security options

• Many low-power devices cannot encrypt data using standard encryption techniques– Not enough memory– Drains battery too fast

35

Security options

• Do not store unencrypted data– On publicly accessible devices– Better send it elsewhere, unencrypted if needed, to

store it safely

36

Security options

• Do not send unencrypted data over long distances– Use a local ‘gateway’, a powerfull local device to

encrypt it on behalf of dumb devices

37

Security options

• Use alternative encryption & data mangling strategies– Signed at the foundry, if you can live with lock-in– Ciphers, hashes & arithmetic algorithms

39

Security options

• Audit your physical environment– Know which devices are ‘smart’– And how they communicate– Include all technologies (IR, RF, Bluetooth)

40

Security options

• Spy on your things– Intercept communication between your ‘things’– Analyze the communication & detect anomalies

41

Security options

• Physical canary– Apply ‘social control’ amongst devices– Let devices report that other devices are talking to

them inappropriately

42

Internet of things, reference architecture

44

Privacy options

• There are privacy laws– Make sure not to break these!– Do not store, send or process information that you’re

not allowed to

– http://en.wikipedia.org/wiki/Data_Protection_Directive

45

Privacy options

• Is it clear what laws apply when?– Multinationals spread across different countries– Difference in laws where data is collected vs data is

processed or stored

– US vs EU: direct conflict

48

Privacy options

• Trust is paramount for adoption of IoT– Make it your policy not to break it– People may choose not to buy products from

violators

49

Privacy options

• Question is: is this really true?– Facebook is huge, yet no one trusts them (I hope)– Will convenience win over privacy concerns for

majority of people?

50

Privacy options

• Build trust by asking for user consent– On data collection devices– Oauth great for this!?– But how about devices without a screen?

52

Privacy options

• And how about exchanging and correlating information with 3rd parties in backend?– Need for federated authorization?– With context?– F.e. I allow you to analyse my energy consumption,

send the results to government, but not to utility?

Loyalty plan

Give me your address and you'll get 10% off on your next pair of jeans…

56

Other things we can do?

There’s a lot we can do

57

Other things we can do?

Also a lot of open questions

58

Other things we can do?

But maybe consumers just don’t care

(aren’t prepared to pay for it?)

59

Other things we can do?

What do you think?

60

A big thank you to our sponsors

Gold Partners

Silver & Track Partners

Platinum Partners