This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, October 14 • 10:45am - 11:45am
Patterns of Authentication and Self-Announcement in the Internet of Things (IoT)

Sign up or log in to save this to your schedule and see who's attending!

The need to connect ‘things’ to each other in the IoT ecosystem introduces new security requirements for authentication and self-announcement due to four major characteristics of IoT
1. Physical access and infinite time available to adversaries to take apart devices 
2. Lower computation power of standalone devices 
3. Unforeseen and emergent behavior of the system if arbitrary nodes are compromised 
4. Endless possibility of privacy intrusion based on data intelligence and indirect identity inference. 
In this work the IoT systems are modelled using a number of elements: person, machine/device, service, server, client (esp. mobile), and passive marker. New authentication scenarios emerge when these items introduce themselves to each other on trusted or untrusted networks. The majority of authentication and self-announcement needs could be modelled using the above elements. For major authentication and self-announcement scenarios, possible authentication patterns are presented. Here are four examples of how these patterns apply to sample IoT scenarios: 
• Home automation as enabled by NEST devices
• Device collaboration in Zigbee-based networks
• Smart inventory management using NFC/RFID
• Remote device control based on XMPP (SASL authentication)
The minimum computation power (capability to perform cryptographic operations) and privacy preserving considerations are analyzed in each case.

avatar for Amir Pourafshar

Amir Pourafshar

Application Security Researcher, Security Compass
Amir Pourafshar is an application security researcher at Security Compass. Amir is currently part of a research team working on an IoT project that aims to investigate and formulate the security requirements of system design/development in internet of things (IoT) ecosystem. Amir has done his masters in computer science at Information Security Centre of eXcellence (University of New Brunswick). Amir's experience includes active participation in... Read More →

Friday October 14, 2016 10:45am - 11:45am
Grand North Renaissance Washington, DC Downtown Hotel 999 9th St NW, Washington, DC 20001

Attendees (34)