In a Wired magazine article from early 2014 Bruce Schneier, an internationally renowned security technologist and author, described the Internet of Things (IoT) as "wildly insecure and often unpatchable". Schneier writes this article at the time when the size of the Maker Movement explodes and Web developers learn more about electronics as well as embedded systems designers start to use Web technologies. Every day innovative companies and crowd funding projects launch new products in the area of smart cities, home automation, and wearables. Companies as well as researchers are exploring ways to make software and hardware development easier for the masses. Standardized Internet protocols and the availability of software libraries play an important role in lowering the barrier of entry. Soon you will be able to build your own autonomous drone, create a sensor that assess the watering needs of your plants, and develop a cat tracking device with minimal coding and hardware skills. What is the place of security and privacy in this exciting development? Is Bruce Schneier correct with his observation and are we building the next generation of Internet security vulnerabilities right now? In his talk Hannes Tschofenig will describe how a security solution for Internet of Things could look and what threats can be mitigated based on his work at ARM, the industry's leading supplier of microprocessor technology.About the Expert
Hannes Tschofenig is employed by ARM Limited, a company known for their widely used low-power microprocessors found in tablets, mobile phones, and embedded devices. Prior employers include the European Data Protection Supervisor, Nokia/Nokia Networks, and Siemens. His work life focused on developing global standards to make the Internet work better. He has been active in one of the leading Internet standards developing organizations, the Internet Engineering Task Force (IETF), for the past 14+ years and has contributed to more than 60 RFCs on security, privacy, and emergency services. Hannes co-chaired various IETF groups, including the "Web Authorization Protocol" (OAuth) working group and the "Authentication and Authorization for Constrained Environments (ace)" working group. OAuth is a protocol to enable secure and privacy-friendly data sharing on the Web/Internet. ACE is a working group focused on Internet of Things security. For the past four years Hannes was a member of the Internet Architecture Board (IAB), a committee of the IETF. He is also vice-chair of the FIDO Alliance Privacy and Public Policy Working Group. The FIDO (Fast IDentity Online) Alliance aims to change the nature of authentication on the Web by developing specifications that reduce the reliance on passwords.