View More
View Less
System Message
An unknown error has occurred and your request could not be completed. Please contact support.
Wait Listed
Personal Calendar
Conference Event
Times for this session to be announced soon
Conflict Found
This session is already scheduled at another time. Would you like to...
Please enter a maximum of {0} characters.
{0} remaining of {1} character maximum.
Please enter a maximum of {0} words.
{0} remaining of {1} word maximum.
must be 50 characters or less.
must be 40 characters or less.
Session Summary
We were unable to load the map image.
This has not yet been assigned to a map.
Search Catalog
Replies ()
New Post
Microblog Thread
Post Reply
Your session timed out.
This web page is not optimized for viewing on a mobile device. Visit this site in a desktop browser to access the full set of features.
LiveWorx 2017

The Mind Map of an IoT Chief Security Architect

Session Description

The mind map of a security architect for an end-to-end IoT platform may look like the map Lewis and Clark started with for their expedition through the Louisiana Territory. Like those intrepid explorers, security architects need a wide range of skills and experience to navigate in Terra Incognito. And, even with all the right experiences, the architect cannot be sure when they will reach their destination and at what cost. In this talk, we will identify some of the core elements of a successful end-to-end IoT platform and consider whether the same level of security is required at all corners of such an IoT ecosystem. Like intrepid explorers: we'll help you navigate a highly fragmented market to deliver products and platforms to customers, executing multiple steps of Sacagawean-like translations between elements such as: (1) SOC, BLE and Wifi chips to high availability load balancers; (2)Docker-based micro services on AWS; (3) Secure Element API and device SDK to REST API and COAP; (4) Secure boot and firmware update to AWS authorized OS images and CloudFormation templates; (5) Device factory provisioning to commissioning, on boarding, and cloud registration; (6) Device secure storage to AWS KMS for DB encryption; and (7) Code static analysis to DDOS incident response

Session Presenter
Additional Information
Security and Privacy
There are standards for IOT security as a whole, so you need to build a Frankenstein of your own until the industry settles down
There is one size fits all, so you need to apply levels
Resources are limited, so you need to engage the entire organization, use tools and consultants, and work with roadmaps
Breakout Session
45 minutes
Session Schedule