OWASP Internet of Things Top 10. -â I1 Insecure Web Interface. -â I2 Insufficient Authenecaeon/. Authorizaeon. -â I3 Insecure Network Services. -â I4 Lack of ...
Challenges Towards Secure Internet of Things Carlos Becker Westphall Networks and Management Laboratory
Federal University of Santa Catarina NOVEMBER 17TH, LISBON, PORTUGAL
IARIA SECURWARE 2014 -‐ PANEL
1
Some quesAons -‐ All of that data being harvested in an automated fashion but, who has access to the data? -‐ What type of informaAon is actually being collected? -‐ How do you go about managing the username/ passwords for your ever increasing number of connected devices and appliances? -‐ What about the privacy of your informaAon?
NOVEMBER 17TH, LISBON, PORTUGAL
IARIA SECURWARE 2014 -‐ PANEL
2
OWASP Internet of Things Top 10 -‐ I1 Insecure Web Interface -‐ I 2 I n s u ffi c i e n t A u t h e n A c a A o n / AuthorizaAon -‐ I3 Insecure Network Services -‐ I4 Lack of Transport EncrypAon -‐ I5 Privacy Concerns
hYps://www.owasp.org/index.php/ OWASP_Internet_of_Things_Top_Ten_Project#tab=OWASP_Internet_of_Things_Top_10_for_2014 NOVEMBER 17TH, LISBON, PORTUGAL
IARIA SECURWARE 2014 -‐ PANEL
3
OWASP Internet of Things Top 10 -‐ I6 Insecure Cloud Interface -‐ I7 Insecure Mobile Interface -‐ I8 Insufficient Security Configurability -‐ I9 Insecure Soeware/Firmware -‐ I10 Poor Physical Security hYps://www.owasp.org/index.php/ OWASP_Internet_of_Things_Top_Ten_Project#tab=OWASP_Internet_of_Things_Top_10_for_2014 NOVEMBER 17TH, LISBON, PORTUGAL