Internet of Things (IoT) Security: from specification to code – Hannes Tschofenig
During the last 10 years security researchers and standards experts have been working on specifications to ensure that state-of-the-art cryptography can be used on low end IoT devices. Most of those standards efforts have either been completed or are in the final stages. At the same time, industry groups and governmental agencies have written IoT security guidelines offering valuable suggestions for developers to design more secure IoT products. Even IoT security regulation exists asking for state-of-the-art crypto, the use of standards, and for a ban of passwords.
What challenges do developers face designing IoT products? Can they use open source software implementations and follow IoT security guidelines? In this talk Hannes Tschofenig will make an attempt to answer this question.
About the speaker:
Hannes Tschofenig is employed by Arm; prior employers include the European Data Protection Supervisor, Nokia Siemens Networks, and Siemens. His work life focused on developing global standards to make the Internet more secure. He has been active in the IETF for the past 15 years and contributed to more than 80 RFCs on security, privacy and various Internet protocols. Hannes co-chaired several IETF working groups, including OAuth, ACE, KEYPROV, DIME, and ECRIT. From 2010 to 2014 Hannes was a member of the Internet Architecture Board (IAB), a committee of the IETF. Currently, he is a board member and chair of the Device Management and Service Enablement working group of OMA SpecWorks.