Security in Machine-to-Machine Communication: The role of the Telecommunication Operator

Size: px
Start display at page:

Download "Security in Machine-to-Machine Communication: The role of the Telecommunication Operator"

Transcription

1 Security in Machine-to-Machine Communication: The role of the Telecommunication Operator Cinterion Wireless Modules GmbH 2012, All rights reserved

2 Internet of Things = Increasing need for M2M security Threats in the internet today = Threats in M2M tomorrow Increased Security Threats M2M vulnerabilities Billions of targets online Security breaches in software Decreasing cost of attacks Internet as source of attacks More devices & value Weak embedded Devices OS Connectivity/Availability Internet connected devices We need to prepare today What will be the costs of failed / compromised systems? Please adjust your paranoia level now! Page 2 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

3 Examples of M2M attacks Lack of user authentication: Zoombak tracking device (GPS/GPRS): Can be identified and tracked by non-authorized persons Can even be impersonated! Luxury car stolen in 3 minutes using security loophole: No authentication required to duplicate electronic key! Home automation: garage doors, etc. SIM stolen from South Africa s traffic lights: Not paired to the device, and usable for voice phone calls Weak device security with Internet access: Discovergy Smart Meter: Hacked to transmit meter readings (up to every 2 seconds) via HTTP, unencrypted, without authentication! Internet exposure of dutch water pumps: Could be operated by anyone from a home computer! Unprotected local wireless links: Jamming attacks e.g. preventing remote activation of alarm systems Insulin pump hack Over The Air: Uses unencrypted local radio link Could deliver fatal dosage! Heart monitor hacking: Can be turned off or forced to deliver impulse! Page 3 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

4 Different types of M2M security risks Privacy (e.g. Discovergy Smart Meter Hack): Personal data, relating to an individual, should be accessible only to authorized parties (lawful purpose or user consent) Ensure identification and authentication of involved parties Local processing by devices reduces exposure (e.g. send anonymous data) Fraud (e.g. South African Traffic lights): Unattended devices deployed in unsecured environments are open to attackers Restrict access and services to essential channels only, configure APN Do not transmit ID, password or APN on unprotected channels Use physical or logical pairing between M2M device and SIM/MIM (cf. ETSI TS ) Critical Infrastructure exposure (e.g. Dutch water pump) Resources of attackers can be commensurate to potential damages! Clearly assess liabilities with all actors Minimize risks with adequate security measures at organizational and technical levels Do not forget human factor, and remember that one weak link compromises the whole chain! Page 4 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

5 The network operator in the M2M security ecosystem The main M2M security risks rarely originate from the communication network: Weak application design or unprotected device hardware are most common causes Most M2M applications come from industrial fields which still lack ICT expertize: e.g. energy, automotive, healthcare Yet Telecommunication Operators reputation may be at stake, as affected final users may not make the difference! Play a role in developing the security awareness of M2M customers! Telecommunication Operators have opportunities and tools to assist M2M customers in securing their applications: Monitor connections using keep-alive messages Correlate location data with e.g. GPS tracking Leverage on existing trust provisioning chain (SIM) to deploy applicative security credentials Enable applications to leverage on deployed authentication and identification infrastructures Use OTA remote management for secure deployment of applications, firmware upgrades, etc. Page 5 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

6 How to make a M2M system secure enough Risk Analysis Attack Probability Cost of attack Potential Damage Defense Analysis Detection possible? Prevention possible? Cost of prevention? Physical device tamper-resistance Embedded Secure Element, e.g. SIM Modem security Application communication (e.g. encryption) Network security Application backend server security Page 6 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

7 How secure are elements of M2M communication systems? What makes an application secure? Communication Networks Connected Devices Communication components Security is a chain => all the links must be secured Page 7 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

8 How secure are the networks? Cellular Networks? There are numerous security measures built within cellular networks: User identity is obscured Traffic is encrypted Use of SIM as secure element protecting secrets used for authentication Yes, but... Internet? No security by default! Use e.g. TLS encryption Credentials must be adequately protected (tamper resistance / security certification) > Depends on MNO settings (some 2G algorithms are weak) > Beware of SMS in particular!!! (use encryption and signature) Page 8 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

9 How secure are connected devices? Cost of Attack Security demand Security demand = Attack probability * Potential damage Page 9 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

10 Examples of device security improvements Goal: increase cost of attacks that are most likely to happen Security Measures Cost of Attack Tamper-resistant enclosure $ $ $ Authenticate via certificates $ $ $ SSL/TLS* encryption Authenticate SMS $ $ $ $ $ $ $ $ $ Protocol & data encryption $ $ $ *SSL = Secure Socket Layer TLS = Transport Layer Security Page 10 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

11 What is modem security? Modem must be secured against manipulation (e.g. firmware reflashing) against reverse engineering (e.g. through diagnostics port) Secure communication between modem and application external interfaces (serial, USB) are vulnerable against tracing / reverse engineering encryption may be an option (but key must be stored securely) Internal application (e.g. Java) Java midlet must be protected against manipulation & reverse engineering Midlet update must be secured File system access must be protected as well Rely on tamper-resistant storage/execution environment, e.g. in SIM/MIM Page 11 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

12 How does a GSM module contribute to application security? Cinterion Module Java Security API Transport Layer Security Jamming Detection Lock SIM, Module, Cell 3GPP Security Firmware & IMEI protection Page 12 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

13 Some frequent M2M threats Attack complexity Attack likelihood Attack Impact Characteristics Countermeasure Application snooping low med/high med Application-level encryption AT Command encryption Lawful interception N/A med med Legal implications Impossible to detect or prevent Application-level encryption Jamming low high med Easy to detect, impossible to prevent Jamming status detection (radio link monitoring) Air interface Interception and decryption med med high Mostly on 2G networks Application-level encryption Encryption status display/check Fake networks ( IMSI Catcher fake BTS) med med high Works in 2G mode only Equipment now affordable Possible to detect & evade Scan frequency spectrum to detect Encryption status display/check Fake networks GSM Layer 3 attacks high low high Device stack dependent May enable code injection! Protocol stack hardening Fake network avoidance Malformed SMS SMS-of-death low med med May crash some devices! SMS application hardening Page 13 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

14 The contribution of standards M2M security is addressed in standardization at several levels Communication Network: euicc work in ETSI SCP for remote change of subscriptions 3GPP SA3 Machine Type Communication enhancements ETSI TISPAN (E2NA) work on Privacy protection M2M Service/Application level: Deployed standards today are by verticals Smart Metering: IEC (consolidation under EC M/441 standardization mandate), Smart Grids: IEC (extensions under EC M/490 mandate) Electric vehicle to Grid communication: ISO (developments under EC M/468 mandate) Industrial Control Systems: IEC Tomorrow vision: Horizontal service platform for M2M application deployments Transport network agnostic concept, developed by ETSI TC M2M since 2009 Requirements (TS ), Architecture (TS ) and Protocols (TS ) Release 1 & 2 provide security on the Gateway to Infrastructure interface Credential Bootstrapping (provisioning or PKI-based) Authentication, Confidentiality, Integrity of M2M connections Diversity of M2M applications (security/cost trade off, possibility to leverage on Access Network features) results in multiple security options (GBA, EAP, TLS based) Now migrating into worldwide onem2m partnership (3GPP partners+ TIA) Will provide bootstrapping and end-to-end security services for M2M applications? Page 14 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

15 Remember Security is about prevention, not cure. Number of attacks on M2M systems will increase, Secure communication design is the insurance M2M operators should educate M2M customers about security risks, as their reputation is at stake M2M device suppliers should raise cost of attacks by simple and cost effective measures. M2M Application owners should use existing expertise and proper consulting Page 15 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

16 Page 16 8 th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

ETSI All rights reserved

ETSI All rights reserved M2M Security Standards: ETSI contributions Presented by Francois Ennesser (Gemalto), ETSI TC M2M WG4 (Security WG) chair Thanks to Contributors: M2M WG4 (Alper Yegin, Phil Hawkes, Ioannis Broustis, Yi

More information

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE

OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE MACHINE-TO-MACHINE ENABLE AND SECURE A CONNECTED LIFE DRIVEN BY GOVERNMENT REGULATIONS, COMPANY AND CONSUMER NEEDS, PRODUCTS ARE TRANSFORMED INTO INTELLIGENT,

More information

M2M:TOWARDS A SAFER CONNECTED WORLD 21 ST SMARTEX SUMMER EVENT

M2M:TOWARDS A SAFER CONNECTED WORLD 21 ST SMARTEX SUMMER EVENT Making Mobility More Secure M2M:TOWARDS A SAFER CONNECTED WORLD 21 ST SMARTEX SUMMER EVENT Dr. Vladimir Nagin MANAGING DIRECTOR Cellnetrix M2M Application Domains and Use Cases Security Requirements Security

More information

Embedded SIMs and M2M Communications

Embedded SIMs and M2M Communications Embedded SIMs and M2M Communications Michael Walker Vodafone Fellow and Executive Technical Advisor Professor of Telecommunications, Royal Holloway University of London ETSI Security Workshop, 20th January

More information

The Importance of Secure Elements in M2M Deployments: An Introduction

The Importance of Secure Elements in M2M Deployments: An Introduction The Importance of Secure Elements in M2M Deployments: An Introduction February 2014 Securing the future of mobile services 2 Contents THE IMPORTANCE OF SECURE ELEMENTS IN M2M DEPLOYMENTS... 3 1. INTRODUCTION...

More information

How can webapps benefit from automotive environment, with safety?

How can webapps benefit from automotive environment, with safety? How can webapps benefit from automotive environment, with safety? Web and automotive W3C workshop Pierre.Girard@gemalto.com Rome, November 14, 2012 Agenda! Gemalto introduction! Car as a programming platform!

More information

Advanced Metering Management Data Security

Advanced Metering Management Data Security White Paper AMM Data Security Advanced Metering Management Data Security Introduction 3 Overview of AMM security issues 4 Main Areas of Concern 6 Best Practises Ensuring confidentiality Authentication

More information

Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application

Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application Introduction Security continues to be a hot topic in all areas of technology, including machine-tomachine (M2M) applications.

More information

GSMA Embedded SIM Specification Remote SIM Provisioning for M2M. A single, common and global specification to accelerate growth in M2M

GSMA Embedded SIM Specification Remote SIM Provisioning for M2M. A single, common and global specification to accelerate growth in M2M GSMA Embedded SIM Specification Remote SIM Provisioning for M2M Purpose of this Reference Messaging Pack Appropriate slides may be selected to be used for within different presentations for multiple audiences

More information

3GPP TS V4.0.0 ( )

3GPP TS V4.0.0 ( ) TS 33.120 V4.0.0 (2001-03) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G security; Security principles and objectives (Release

More information

M2M Forum - Milan SIM Challenges 16/05/2013 1

M2M Forum - Milan SIM Challenges 16/05/2013 1 M2M Forum - Milan SIM Challenges 16/05/2013 1 M2M is a fragmented and challenging market DIM SIM 16/05/2013 2 The right Product for the right M2M Vertical Form Factor M2M Contract Hardware Specification

More information

Machine-to-machine (M2M) security. Hunz Zn000h at gmail.com

Machine-to-machine (M2M) security. Hunz Zn000h at gmail.com Machine-to-machine (M2M) security Hunz Zn000h at gmail.com CCC Camp 2011 13.08.2011 Content What's machine-to-machine anyway? Attack vectors Attacks over M2M communication channels Physical attacks on

More information

WHITE PAPER Security in M2M Communication What is secure enough?

WHITE PAPER Security in M2M Communication What is secure enough? WHITE PAPER Security in M2M Communication What is secure enough? Motivation Wireless Machine-To-Machine (M2M) communication has grown dramatically over the past decade and is still growing rapidly. In

More information

IOT SECURITY CONCERNS

IOT SECURITY CONCERNS IOT SECURITY CONCERNS RENESAS SYNERGY PLATFORM SECURITY ROADMAP WITH ARMV8-M ARCHITECTURE SYBD, Renesas Electronics Corporation ARM Tech Symposia 2016 India Dec, 2016 Presented by: Haydn Povey (Renesas

More information

Adaptive Threat and Risk Framework for Securing IoT in Healthcare

Adaptive Threat and Risk Framework for Securing IoT in Healthcare Adaptive Threat and Risk Framework for Securing IoT in Healthcare Building Elements for Next Generation Security Operations AT&T Security Solutions 2015 AT&T Intellectual Property. All rights reserved.

More information

bootstrapping security

bootstrapping security ericsson White paper 284 23-3284 Uen February 2016 bootstrapping security THE KEY TO INTERNET OF THINGS ACCESS AUTHENTICATION AND DATA INTEGRITY Security will be a major challenge as billions of devices

More information

Vodafone Global M2M. Global M2M Service Platform

Vodafone Global M2M. Global M2M Service Platform Global M2M Service Platform Opening up the potential for a new range of smart M2M services Vodafone Global M2M Services are designed to help you accelerate market entry for a new generation of connected

More information

GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M

GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M GEMALTO M2M KEY TECHNOLOGY TRENDS OF M2M Anvay Lonkar, Marketing Manager M2M Solutions & Services Gemalto M2M FORUM, MILAN, 15 May 2013 Gemalto delivers trusted and convenient digital services to billions

More information

Challenges and Risks for a Secure Communication between a Smartcard and a Service Provider through Cellular Network

Challenges and Risks for a Secure Communication between a Smartcard and a Service Provider through Cellular Network Challenges and Risks for a Secure Communication between a Smartcard and a Service Provider through Cellular Network Kerem Ok, Vedat Coskun, Rahmi Cem Cevikbas Abstract Smart cards used in mobile phone,

More information

Enhancing Web Application Security

Enhancing Web Application Security Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor

More information

CONNECTED CAR SECURITY THREAT ANALYSIS AND RECOMMENDATIONS

CONNECTED CAR SECURITY THREAT ANALYSIS AND RECOMMENDATIONS CONNECTED CAR SECURITY THREAT ANALYSIS AND RECOMMENDATIONS Version: 1.00 Author: Sławomir Jasek SecuRing Slawomir.jasek@securing.pl Date: 2015-10-08 This work is licensed under a Creative Commons Attribution-ShareAlike

More information

Mobile Payment Services- Security Risks, Trends and Countermeasures

Mobile Payment Services- Security Risks, Trends and Countermeasures Mobile Payment Services- Security Risks, Trends and Countermeasures Agenda Trends in mobile payments Security risks in mobile payments applications and devices Mitigation strategy through secure SDLC Mobile

More information

Enabling Secure Edge-to-Cloud Iot Solutions. TELIT white paper. A white paper that examines security challenges and security mechanisms JULY 2015

Enabling Secure Edge-to-Cloud Iot Solutions. TELIT white paper. A white paper that examines security challenges and security mechanisms JULY 2015 JULY 2015 TELIT white paper Enabling Secure Edge-to-Cloud Iot Solutions A white paper that examines security challenges and security mechanisms By Mihai Voicu, CIO/CSO Telit IoT Platforms This paper addresses

More information

3GPP and ETSI Security Standards

3GPP and ETSI Security Standards 3GPP and ETSI Security Standards Charles Brookson, ETSI OCG Security Chairman Carmine Rizzo, ETSI Technical Officer Dionisio Zumerle, 3GPP Technical Officer ETSI 2010. All rights reserved 3GPP and ETSI

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 12 Advanced Cryptography

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 12 Advanced Cryptography Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 12 Advanced Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are

More information

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges Multi-vendor Penetration Testing in the Advanced ing Infrastructure: Future Challenges DIMACS Workshop on Algorithmic Decision Theory for the Smart Grid Stephen McLaughlin - Penn State University 1 Data

More information

Sebastian Hans. [ETSI CoAP workshop] 1

Sebastian Hans. [ETSI CoAP workshop]  1 Secure Environment management based on CoAP Sebastian Hans [ETSI CoAP workshop] Sophia Antipolis November 2012 2012 @GlobalPlatform_ www.linkedin.com/company/globalplatform 1 GlobalPlatform reaches 100

More information

Norton Mobile Privacy Notice

Norton Mobile Privacy Notice Effective: April 12, 2016 Symantec and the Norton brand have been entrusted by consumers around the world to protect their computing devices and most important digital assets. This Norton Mobile Privacy

More information

Smartcard Web Server Enabler Architecture

Smartcard Web Server Enabler Architecture Smartcard Web Server Enabler Architecture Approved Version 1.2 05 Mar 2013 Open Mobile Alliance OMA-AD-Smartcard_Web_Server V1_2-20130305-A OMA-AD-Smartcard_Web_Server V1_2-20130305-A Page 2 (21) Use of

More information

MACHINE TO MACHINE COMMUNICATIONS. ETSI TC M2M Overview June 2011

MACHINE TO MACHINE COMMUNICATIONS. ETSI TC M2M Overview June 2011 MACHINE TO MACHINE COMMUNICATIONS ETSI TC M2M Overview June 2011 About the ETSI TC M2M ETSI: the European Telecommunication Standards Institute One of the 3 European SDOs (CEN, CENELEC, ETSI). ETSI is

More information

Defending the Internet of Things

Defending the Internet of Things Defending the Internet of Things Identity at the Core of Security +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Challenge: protecting & managing identity Page 4 Founders of identity

More information

Norton Mobile Privacy Notice

Norton Mobile Privacy Notice Effective: October 25, 2016 Symantec and the Norton brand have been entrusted by consumers around the world to protect their computing devices and digital assets. This Norton Mobile Privacy Notice tells

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

CASE STUDY. Gemalto Drives Smart Car Connectivity

CASE STUDY. Gemalto Drives Smart Car Connectivity CASE STUDY Gemalto Drives Smart Car Connectivity The Connected Car Challenge Today, mobile technology is fully incorporated into virtually every aspect of our lives regardless of income, ethnicity and

More information

Secure Authentication for the Development of Mobile Internet Services Critical Considerations

Secure Authentication for the Development of Mobile Internet Services Critical Considerations Secure Authentication for the Development of Mobile Internet Services Critical Considerations December 2011 V1 Mobile Internet Security Working Group, SIMalliance AGENDA SIMalliance presentation What s

More information

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's: Security.01 Penetration Testing.02 Compliance Review.03 Application Security Audit.04 Social Engineering.05 Security Outsourcing.06 Security Consulting.07 Security Policy and Program.08 Training Services

More information

Learning Objectives. attacks. 2. Describe the common security practices of businesses of

Learning Objectives. attacks. 2. Describe the common security practices of businesses of E-Commerce Security Learning Objectives 1. Document the trends in computer and network security attacks. 2. Describe the common security practices of businesses of all sizes. 3. Understand the basic elements

More information

WHITE PAPER. An Enterprise M2M Application Enablement Platform

WHITE PAPER. An Enterprise M2M Application Enablement Platform WHITE PAPER An Enterprise M2M Application Enablement Platform EXECUTIVE SUMMARY In today s complex, competitive landscape, it is no longer enough to have a basic M2M solution in place. Increased price

More information

Femtocell: Femtostep to the Holy Grail

Femtocell: Femtostep to the Holy Grail . Femtocell: Femtostep to the Holy Grail... Ravishankar Borgaonkar, Kévin Redon.. Technische Universität Berlin, SecT ravii/kredon@sec.t-labs.tu-berlin.de TROOPERS 2011, 30 March 2011 3G/UMTS femtocells

More information

MACHINE TO MACHINE COMMUNICATIONS. MWC, Barcelona. February 2011

MACHINE TO MACHINE COMMUNICATIONS. MWC, Barcelona. February 2011 MACHINE TO MACHINE COMMUNICATIONS MWC, Barcelona. February 2011 Cluster Home for Future Internet activities in ETSI is the key ehealth (domain) CLOUD (enabler) Wireless Factory (application) RFID (identification)

More information

ETSI M2M HORIZONTAL PLATFORM STRATEGY

ETSI M2M HORIZONTAL PLATFORM STRATEGY ETSI M2M HORIZONTAL PLATFORM STRATEGY Presented by Marylin Arndt, Joachim Koss for DG CONNECT & ETSI Workshop on Smart Appliances, 27 May 2014 Content of the presentation Horizontal Platform Vision Current

More information

Internet of Things: Challenges and Opportunities

Internet of Things: Challenges and Opportunities 14th International Conference Regulatory activity in the electronic communications sector Internet of Things: Challenges and Opportunities Željko Popović Strategic Solution Manager The networked society

More information

Cellular M2M Communications using. The InvisiConnect System

Cellular M2M Communications using. The InvisiConnect System Cellular M2M Communications using The InvisiConnect System From A Division of Mercury Instruments Copyright Metretek Inc. June 2007 A bit About Cellular s two technologies each with two paths data or voice

More information

Preparing for IPv6 migration

Preparing for IPv6 migration Preparing for IPv6 migration What is IPv6 The current Internet Protocol (IP) addressing system IPv4 will eventually run out of addresses IPv6 is a new protocol that has been introduced that will, over

More information

Secure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications. www.vidyo.com 1.866.99.VIDYO

Secure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications. www.vidyo.com 1.866.99.VIDYO TECHNICAL NOTE Secure VidyoConferencing SM Protecting your communications 2012 Vidyo, Inc. All rights reserved. Vidyo, VidyoTechnology, VidyoConferencing, VidyoLine, VidyoRouter, VidyoPortal,, VidyoRouter,

More information

EXPANDING THE ROLE OF THE MOBILE NETWORK OPERATOR IN M2M

EXPANDING THE ROLE OF THE MOBILE NETWORK OPERATOR IN M2M EXPANDING THE ROLE OF THE MOBILE NETWORK OPERATOR IN M2M STRATEGIC WHITE PAPER INTRODUCTION Machine-to-machine (M2M) communications is on the rise. Most mobile network operators (MNOs) are turning to M2M

More information

THE INFORMATION SECURITY OF A BLUETOOTH-ENABLED HANDHELD DEVICE

THE INFORMATION SECURITY OF A BLUETOOTH-ENABLED HANDHELD DEVICE THE INFORMATION SECURITY OF A BLUETOOTH-ENABLED HANDHELD DEVICE Frankie Tvrz¹ and Marijke Coetzee² 1 Department of Business Information Technology 2 Academy for Information Technology University of Johannesburg

More information

GSM security country report: Estonia

GSM security country report: Estonia GSM security country report: Estonia GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin March 2013 Abstract. GSM networks differ widely in their protection capabilities against common attacks.

More information

Bellevue University Cybersecurity Programs & Courses

Bellevue University Cybersecurity Programs & Courses Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320

More information

Security Goals Services

Security Goals Services 1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;

More information

Vehicular On-board Security: EVITA Project

Vehicular On-board Security: EVITA Project C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security

More information

RSA ADAPTIVE AUTHENTICATION A Comprehensive Authentication & Fraud Detection Platform

RSA ADAPTIVE AUTHENTICATION A Comprehensive Authentication & Fraud Detection Platform RSA ADAPTIVE AUTHENTICATION A Comprehensive Authentication & Fraud Detection Platform AT A GLANCE Measures risk of login and post login activities by evaluating over 100 indicators in real-time Determines

More information

The Wireless Application Protocol (WAP)

The Wireless Application Protocol (WAP) The Wireless Application Protocol (WAP) Dave Singelée, Bart Preneel COSIC Internal Report September 2003 Abstract The Wireless Application Protocol (WAP) is a protocol stack for wireless communication

More information

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile

More information

M2M / Internet of Things Towards M2M/IoT architecture - Global SDOs activities. Sivabalan Arumugam NEC India Pvt Ltd

M2M / Internet of Things Towards M2M/IoT architecture - Global SDOs activities. Sivabalan Arumugam NEC India Pvt Ltd M2M / Internet of Things Towards M2M/IoT architecture - Global SDOs activities Sivabalan Arumugam NEC India Pvt Ltd Outline Introduction M2M Services across Industry Verticals Why M2M standards? What improvements

More information

Hacking Femtocells. a femtostep to the holy grail. Ravishankar Borgaonkar. Kevin Redon.

Hacking Femtocells. a femtostep to the holy grail. Ravishankar Borgaonkar. Kevin Redon. a femtostep to the holy grail Ravishankar Borgaonkar ravii@sec.t-labs.tu-berlin.de Kevin Redon kredon@sec.t-labs.tu-berlin.de Security in Telecommunication Technical University of Berlin Introduction Ravishankar

More information

Mobile network security report: Poland

Mobile network security report: Poland Mobile network security report: Poland GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin August 2016 Abstract. Mobile networks differ widely in their protection capabilities against common

More information

GSM and Similar Architectures Lesson 03 GSM System Architecture

GSM and Similar Architectures Lesson 03 GSM System Architecture GSM and Similar Architectures Lesson 03 GSM System Architecture 1 Mobile communication using base station in cellular networks A mobile station, MS, communicates with a GSM public land mobile network (PLMN)

More information

Protecting Legacy Host Systems with Enterprise Authentication and Authorization Technologies

Protecting Legacy Host Systems with Enterprise Authentication and Authorization Technologies Protecting Legacy Host Systems with Enterprise Authentication and Authorization Technologies WHITE PAPER Protecting Legacy Host Systems with Enterprise Authentication and Authorization Technologies Under

More information

Smart Grid Cyber Security. The Smart Grid. What is a Smart Grid?

Smart Grid Cyber Security. The Smart Grid. What is a Smart Grid? GE Energy Smart Grid Cyber John D. McDonald, P.E. GM, Marketing IEEE PES Past President IEEE Division VII Director IEEE Fellow POWERING POTENTIA L The Smart Grid What is a Smart Grid? The integration of

More information

3G Security Overview

3G Security Overview 3G Security Overview Peter Howard Research and Standards Engineer Communications Security and Advanced Development Vodafone Limited peter.howard@vf.vodafone.co.uk IIR Fraud and Security Conference, March

More information

Accelerating the Internet of Things

Accelerating the Internet of Things Accelerating the Internet of Things Matthew Lear Director of Product Management Internet of Things mlear@iconectiv.com +1.732.699.5074 April 14, 2016 Prepared for IoT North America 2016 Chicago, IL iconectiv.

More information

More Secure Computing

More Secure Computing Backgrounder November 2006 More Secure Computing Businesses, governments, academic institutions, and individual users are becoming increasingly interconnected through a variety of wired and wireless communication

More information

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011

More information

Security and Privacy Challenges in 5G Networks. Georgios Karopoulos Department of Informatics and Telecommunications University of Athens

Security and Privacy Challenges in 5G Networks. Georgios Karopoulos Department of Informatics and Telecommunications University of Athens Security and Privacy Challenges in 5G Networks Georgios Karopoulos Department of Informatics and Telecommunications University of Athens Outline 5G architecture 5G use cases 5G characteristics Security

More information

MACHINE-TO-MACHINE COMMUNICATIONS

MACHINE-TO-MACHINE COMMUNICATIONS MACHINE-TO-MACHINE COMMUNICATIONS THE NEED FOR SMART SOLUTIONS Marc Jadoul Sophia Antipolis, 26 October 2011 THE INTERNET OF THINGS REALIZING THE POTENTIAL OF A CONNECTED SOCIETY Energy Security Environment

More information

End User Devices Security Guidance: Apple ios 8

End User Devices Security Guidance: Apple ios 8 GOV.UK Guidance End User Devices Security Guidance: Apple ios 8 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best satisfy

More information

GSMA Embedded SIM MWC14 Ian Pannell Chief Engineer GSMA. Accelerating growth and operational efficiency in the M2M world

GSMA Embedded SIM MWC14 Ian Pannell Chief Engineer GSMA. Accelerating growth and operational efficiency in the M2M world GSMA Embedded SIM MWC14 Ian Pannell Chief Engineer GSMA Accelerating growth and operational efficiency in the M2M world Introducing the GSMA Embedded SIM The GSMA Embedded SIM has been developed to promote

More information

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability

More information

Mobile Based User Authentication for Guaranteed Password Security Using key

Mobile Based User Authentication for Guaranteed Password Security Using key Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 2, Issue. 10, October 2013,

More information

Mobile ID usnadňuje život jak uživatelům tak poskytovatelům služeb!

Mobile ID usnadňuje život jak uživatelům tak poskytovatelům služeb! usnadňuje život jak uživatelům tak poskytovatelům služeb! Jan Němec Gemalto Květen 2012 Valimo Solution Makes Things Easier both for end users and service providers! Allows you to forget all passwords,

More information

Building a trusted Foundation for the Internet of Things GUIDE BOOK. Home

Building a trusted Foundation for the Internet of Things GUIDE BOOK. Home Building a trusted Foundation for the Internet of Things GUIDE BOOK Home Contents Introduction...3 The Promise of the Internet of Things...3 What Makes the Internet of Things Different?...4 Building Blocks

More information

5G Security CHALLENGES

5G Security CHALLENGES 5G Security CHALLENGES KTH ACCESS-FORCES CPS Workshop - Mats Näslund, Ericsson Research and KTH/CSC Oct 27, 2015 Contents Part I: Background Mobile network evolution Mobile network security history What

More information

Good Dynamics. Security White Paper

Good Dynamics. Security White Paper Good Dynamics Security White Paper Table of Contents 1 Overview... 3 1.1 Security Features... 4 1.2 How Data is Protected... 4 2 The Good Dynamics Client... 5 2.1 Data Storage on the Client... 5 2.2 User

More information

Subscription Management. a key point for the embedded UICC success in the M2M Connected World

Subscription Management. a key point for the embedded UICC success in the M2M Connected World Subscription Management a key point for the embedded UICC success in the M2M Connected World Agenda 2 Agenda 14/5/2013 A. Vanore About ST M2M SIM euicc Subscription Management Who we are 3 A global semiconductor

More information

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS

More information

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

More information

Closing Wireless Loopholes for PCI Compliance and Security

Closing Wireless Loopholes for PCI Compliance and Security Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop

More information

BUILDING TRUST IN THE INTERNET OF THINGS. Developing an End-to-End Security Strategy for IoT Applications

BUILDING TRUST IN THE INTERNET OF THINGS. Developing an End-to-End Security Strategy for IoT Applications BUILDING TRUST IN THE INTERNET OF THINGS Developing an End-to-End Security Strategy for IoT Applications EXECUTIVE SUMMARY Recent security breaches in the Internet of Things (IoT) have brought to light

More information

Adobe Flash Access Overview on Protected Streaming

Adobe Flash Access Overview on Protected Streaming Adobe Flash Access Overview on Protected Streaming Table of contents 1 Traditional DRM workflow 2 Flash Access workflow for downloads 2 Flash Access workflow optimized for protected streaming 5 Comparing

More information

Overview of ETSI TC M2M Activities Enrico Scarrone, ETSI TC M2M Chairman, Telecom Italia David Boswarthick, ETSI TC M2M Technical Officer

Overview of ETSI TC M2M Activities Enrico Scarrone, ETSI TC M2M Chairman, Telecom Italia David Boswarthick, ETSI TC M2M Technical Officer Overview of ETSI TC Activities Enrico Scarrone, ETSI TC Chairman, Telecom Italia David Boswarthick, ETSI TC Technical Officer March 2012 in the context of IoT Smart Energy Smart Health Smart Consumer Smart

More information

IoT Security Guidelines Overview Document Version February 2016

IoT Security Guidelines Overview Document Version February 2016 IoT Security Guidelines Overview Document Version 1.0 08 February 2016 This is a Non-binding Permanent Reference Document of the GSMA Security Classification: Access to and distribution of this document

More information

Table of Contents. Page 2/13

Table of Contents. Page 2/13 Page 1/13 Table of Contents Introduction...3 Top Reasons Firewalls Are Not Enough...3 Extreme Vulnerabilities...3 TD Ameritrade Security Breach...3 OWASP s Top 10 Web Application Security Vulnerabilities

More information

Gaining a competitive edge with Vodafone s M2M solutions

Gaining a competitive edge with Vodafone s M2M solutions Vodafone Global M2M Gaining a competitive edge with Vodafone s M2M solutions Industry credentials Vodafone Global M2M 3 Vodafone has provided M2M connectivity for customers around the world in a wide range

More information

MOBILE WIRELESS COMMUNICATIONS. Aditya K. Jagannatham Indian Institute of Technology Kanpur

MOBILE WIRELESS COMMUNICATIONS. Aditya K. Jagannatham Indian Institute of Technology Kanpur MOBILE WIRELESS COMMUNICATIONS Aditya K. Jagannatham Indian Institute of Technology Kanpur Wireless Communications Channel is the air medium. Multiple users can simultaneously transmit over the air medium

More information

Create value. in the IoT world. Huawei IoT Connection Management Platform

Create value. in the IoT world. Huawei IoT Connection Management Platform Create value Copyright Huawei Technologies Co., Ltd. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei

More information

Dr. György Kálmán gyorgy@mnemonic.no

Dr. György Kálmán gyorgy@mnemonic.no COMMUNICATION AND SECURITY IN CURRENT INDUSTRIAL AUTOMATION Dr. György Kálmán gyorgy@mnemonic.no Agenda Connected systems historical overview Current trends, concepts, pre and post Stuxnet Risks and threats

More information

The Shift to Wireless Data Communication

The Shift to Wireless Data Communication The Shift to Wireless Data Communication Choosing a Cellular Solution for Connecting Devices to a WWAN Dana Lee, Senior Product Manager dana.lee@moxa.com Recent developments in the wireless and industrial

More information

AMI security considerations

AMI security considerations AMI security considerations Jeff McCullough Introduction Many electric utilities are deploying or planning to deploy smart grid technologies. For smart grid deployments, advanced metering infrastructure

More information

Cisco Connected Grid Security for Field Area Network

Cisco Connected Grid Security for Field Area Network White Paper Cisco Connected Grid Security for Field Area Network Introduction Utilities all over the world are undergoing significant transition in their grid from transmission to consumption. Regulatory

More information

OVERVIEW OF ETSI M2M RELEASE 1 USE CASES & REQUIREMENTS

OVERVIEW OF ETSI M2M RELEASE 1 USE CASES & REQUIREMENTS OVERVIEW OF ETSI M2M RELEASE 1 USE CASES & REQUIREMENTS Presented by Patricia MARTIGNE at ETSI M2M Workshop, 26-27 October 2011 ETSI 2011. All rights reserved Outline Structure of ETSI M2M Release 1 Requirements

More information

Keywords online internet banking, QR, OTP, IMEI, shared private key, physical possession.

Keywords online internet banking, QR, OTP, IMEI, shared private key, physical possession. Volume 5, Issue 3, March 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Online Banking

More information

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview

More information

About Sectra Communications

About Sectra Communications Tiger 7401 About Sectra Communications We provide secure communication solutions for European government authorities, defence departments and other critical functions of society. We have a solid core expertise

More information

The Hidden Dangers of Public WiFi

The Hidden Dangers of Public WiFi WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect

More information

Locking down a Hitachi ID Suite server

Locking down a Hitachi ID Suite server Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime

More information

Key RADIUS/AAA Considerations for Hotspot Operators

Key RADIUS/AAA Considerations for Hotspot Operators Key RADIUS/AAA Considerations for Hotspot Operators December 2005 A Juniper Networks company Funk Software, Inc. 222 Third Street Cambridge, MA 02142 (617) 497-6339 http://www.funk.com Copyright 2004 Funk

More information

The Key to Secure Online Financial Transactions

The Key to Secure Online Financial Transactions Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on

More information