Lasse Andresen, Founder / CTO, ForgeRock
AGL AMM, February 8th – 10th 2017, Tokyo
VEHICLE PERSONALIZATION – JUST THE BEGINNING FOR IDENTITY
Good Afternoon
About me
- Texas Instruments, Software Engineer
- Sun Microsystems, CTO Software, Central & North Europe
- ForgeRock, Founder & CTO
- ForgeRock founded 2010
- Security / Identity / IoT software company
- 400+ emp. / 600+ customers / 10 international offices
- Backed by Scott McNealy / Accel / Foundation / Meritech
IoT Reference Architecture
The car is a formidable edge device
ForgeRock Identity Platform
The Challenge is an Opportunity
AGL’s Identity Layer as a competitive advantage to support emerging monetization models
“The key challenge will be to build trust into IoT systems from end to end — from the edge device, through the aggregation point, and into, and out of, the IoT platform.”
Drue Reeves, Managing Vice President at Gartner
Cloud Profile Management and In-vehicle Authentication
- Cloud dev. / test platform made available to AGL members Q2/17
- Identity Keys
- Voice Recognition
- Facial Recognition
Home Screen
Personalized, real-time, seamless user experience
Phase One Architecture
Renesas Porter Board
Near Term Next Steps
Finishing OpenID Connect support, add NFC and two-way communication
- OpenID Connect - a simple identity layer on top of the standard OAuth 2.0 protocol
- Adding new biometric authentication methods
- Obtain profile information about the car and user in an interoperable and REST-like manner
- Add NFC support in addition to Bluetooth
- Save vehicle settings to Cloud
The Car is a formidable Edge / IoT node
With 50+ computer systems and 100+ million lines of code
Key Edge Requirements
Transforming the car into a secure trusted edge device
- IoT Security by design
- Establish the “Root of trust” at the edge
- Same security context from the edge to the enterprise
- Establish trusted identities across ecosystems
- Share security context with users to enable rich relations
- Secure and trusted onboarding, no human intervention
- Dynamic device to device authorization
The Data
To be aggregated, tagged and enriched with contextual data
- Tagging data at source will multiply the value of big data exponentially
- Adding consent, context, identity and security data points is key
- Pre-process real-time data at the Edge
Privacy & Consent Matters
Managed from the IVI using UMA
- Data access
- Data exchange
- Opt-in
- Power to delete
- Governmental legislation
Designed for TRUST
User Managed Access (UMA)
An emerging standard for Privacy and Consent
Identity is Key to Mobility Services
Harvesting the connected car opportunity
Vehicle-to-Cloud
A proposal for a new expert group
- Two-way communication between sensors, vehicles and Cloud services
- Secure on-boarding of vehicles ★ Trust / relationship management ★ Native IoT protocols support ★ Device and key management
- ATS Garage integration / AGL – SOTA - OSTree
- HW backed security / chip manufacture integration
★) in prototype stage
2017 High-Level Roadmap
Continuing identity innovation within AGL
Timeline: Q1, Q2, Q3, Q4, Q1 2018
- Mobile World Congress Demo Barcelona
- NFC Authentication + Do-it yourself Demo Kit + Docs
- Part of official AGL Demo @ CES
- Secure Vehicle Identity On-Boarding
- Automotive Identity White Paper – promoting AGL
- Automotive Identity Commercial Video – promoting AGL
- ALS Demo – Save Vehicle Settings to Cloud Profile
- Full AGL Home Screen HTML5 Integration
- Biometric In-vehicle authentication
- In-Vehicle Privacy and Consent Management
- V2V/V2I Authentication & Authorization Demo v1
- AMM Demo – Biometric in-vehicle authentication
- Dev/Test Cloud Service for AGL Members