Securing IoT Applications
The Internet of Things and Machine to Machine are growing areas, and security and privacy are prime issues. In this session we will examine the security challenges around using M2M devices with protocols such as MQTT & CoAP. In particular we will look at encryption, federated identity and authorization models. On the topic of encryption, we’ll examine securing MQTT with TLS, challenges with Arduino, and using hardware encryption for microcontrollers. A key privacy requirement for user-centric IoT use cases will be giving users control over how their things collect and share data. On the Internet, protocols like OAuth 2.0, OpenID Connect & User Managed Access have been defined to enable a privacy-respecting user consent & authorization model. We'll look at the issues with applying these protocols to the M2M world and review existing proposals & activity for extending the above M2M protocols to include federated identity concepts. The session will include a live demonstration of Arduino and Eclipse Paho inter-operating secured by OAuth 2.0.