Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security, Internet of Things, DNS and ICANN

Published byRolf Marsh Modified over 6 years ago

Similar presentations

Presentation on theme: "Security, Internet of Things, DNS and ICANN"— Presentation transcript:

1 Security, Internet of Things, DNS and ICANN
domainfest.asia 20 Sep 2016 Hong Kong

2 What’s all this I hear about the Internet of Things
What’s all this I hear about the Internet of Things? (A recent visit to CES in Las Vegas) Yes – IoT has become a marketing term blurring the lines between “things”. Could be a light bulb or a car or a medical device …or… a router or a firewall. BTW: That IoT light bulb is connected to the same home network on which you do your banking transactions…hmmm. Accompanied with hype there is investment and IoT is another example of a lot of investment.

3 BS or Not BS? Does it matter? Where do “WE” fit in? Royal WE

4 A picture is worth 1001 words (but I am no artist)
Currently a mixture of gateway systems between Internet and other protocols. But technology and efforts quickly catching up to make all devices Internet capable.

5 Numbers, Identifiers, Protocols
Spectrum MHz, 900MHz, 2.4/5GHz, 24GHz… (GOVTs/ITU) Modulation, Media Access Control, e.g. bluetooth, wifi, zigbee,.. (IG/IEEE) MAC addresses, e.g., 00:20:68:XX:XX:XX/ISDYNE (IEEE) Other numbers: ports: 80/HTTP, 161/SNMP, OID/PEN: /Huawei (IETF/ICANN) IPv4, IPv6: , 2001:500:9f::42 (RIR/ICANN) ASN: AS2706/Wharf TT… (RIR/ICANN) Domain Names: … (ICANN) HTTP, SMTP, SIP, XMPP, RTP, app specific… (IETF/ITU/IG) Security: SSL/TLS, RSA, ECC, AES, … (Academia/IG/IETF/GOVTs) IoT is a reason for IPv6, i,.e., IPv6lopan

6 Obviously we need domain names to lay claim to our presence on the Internet
…and to provide a mechanism for customers to locate our services But where might domain names fit in the IoT discussion?

7 DNS: The first Cloud service?
DNS has been part of the Internet since 1983 Faithfully managed by 100s of operators and 1000s of entities Already built into software Currently mostly one way from static DNS servers to clients Why not both ways? The DNS has already been increasingly relied upon for machine-to-machine communication. e.g., between systems. Why not IoT?

8 Examples of DNS data channel use:
Sure, this “channel” is slow but most IoT applications are low data rate (e.g., door open, door closed) Examples of DNS data channel use: Botnet command and control Internet accesses over DNS (e.g., iodine) Web analytics Caching delays can be controlled or eliminated Relatively easy to write/modify nameserver to act on specific queries, e.g., set-light-on-<changing-string>.my.iot.domain get-alarm-state-<changing-string>.my.iot.domain I have one setup xxxxx.iot.dc.org that ESP8266/$2 IoT devices use to communicate with each other. Responses can be application specific encoded/encrypted.

9 DNSSEC: Solution to IoT’s Security Headache?
Security is a well known missing piece for IoT Many IoT applications have physical safety implications DNS with DNSSEC can solve this problem Examples: DANE: publish public keys in the DNS. End user validates using DNSSEC. SmartGrid Result: a secure, global, cross-organizational, trans-national communication channel between devices Holy grail of true end-2-end security. Makes some nervous. German ISPs have embraced DANE. This is a recognized issue but businesses are too busy focusing forward. This will be an issue and is therefore an opportunity for those looking ahead with skills. BTW: That IoT light bulb is connected to the same home network on which you do your banking transactions…hmmm.

10 A thought: Scalable Security for IoT
root DNS is already there DNSSEC adds security com and crosses organizational boundaries. google.com za co.za iotdevices.co.za security.co.za electric.co.za An opportunity to build security into IoT devices from the start. car.rickshome.iotdevices.co.za water.rickshome.security.co.za aircond.rickshome.electric.co.za window.rickshome.security.co.za thermostat.rickshome.iotdevices.co.za meter.rickshome.electric.co.za door.rickshome.security.co.za refrigerator.rickshome.iotdevices.co.za Animated slide

11 The Opportunity Domain Names as a ubiquitous, scalable, decentralized (cloud) communication channel for IoT infrastructure Locked down with DNSSEC to secure the channel and bootstrap application specific security mechanisms

12 Thank you, Q+A Naysayers: Other attempts to use DNS as a global directory servie RFID EPC Global: Devices not Internet capable; E164 Poor timing. Telco identifiers losing to Internet identifiers. Solution ISO problem; +IoT devices DNS ready and security for IoT a problem.

Download ppt "Security, Internet of Things, DNS and ICANN"

Similar presentations

Deployment of the Light Weight IPv6 protocols In the Internet of Things(IoT) draft-fu-lwig-iot-usecase-00 Qiao Fu China Mobile 2014.11.13 1.

Deployment of the Light Weight IPv6 protocols In the Internet of Things(IoT) draft-fu-lwig-iot-usecase-00 Qiao Fu China Mobile
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
ITGS Networks Based on the textbook “Information Technology in a Global Society for the IB Diploma” by Stuart Gray.

ITGS Networks Based on the textbook “Information Technology in a Global Society for the IB Diploma” by Stuart Gray.
The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments.

The Operator Neutral Access At KistaIP. KistaIP ? Is a student dorm with 144 apartments.
Intro to MIS – MGS351 The World Wide Web and the Internet Extended Learning Module B.

Intro to MIS – MGS351 The World Wide Web and the Internet Extended Learning Module B.
A machine that acts as the central relay between computers on a network Low cost, low function machine usually operating at Layer 1 Ties together the.

A machine that acts as the central relay between computers on a network Low cost, low function machine usually operating at Layer 1 Ties together the.
Cyber Opportunity CAN ICT Conference 1 Feb 2016 Kathmandu, Nepal

Cyber Opportunity CAN ICT Conference 1 Feb 2016 Kathmandu, Nepal
Cafanh Seminar Saturday 15, 2015 Speaker: Jean Bernard Choudja.

Cafanh Seminar Saturday 15, 2015 Speaker: Jean Bernard Choudja.
Aarnet Australia's Academic and Research Network Glen Turner 2011-07-14 IPv6 birds of a feather meeting QUESTnet 2011 IPv6 — the elevator pitch.

Aarnet Australia's Academic and Research Network Glen Turner IPv6 birds of a feather meeting QUESTnet 2011 IPv6 — the elevator pitch.
By: Hunza, Omar and Anum Chapter 4 pg(76-79).

By: Hunza, Omar and Anum Chapter 4 pg(76-79).
Unit 36: Internet Server Management

Unit 36: Internet Server Management
Troubleshooting Networked Video

Troubleshooting Networked Video
IoT Security Part 2, The Malware

IoT Security Part 2, The Malware
Device Maintenance and Management, Parental Control, and Theft Protection for Home Users Made Easy with Remo MORE and Power of Azure MICROSOFT AZURE APP.

Device Maintenance and Management, Parental Control, and Theft Protection for Home Users Made Easy with Remo MORE and Power of Azure MICROSOFT AZURE APP.
Internet Of Things (IoT)

Internet Of Things (IoT)
Instructor Materials Chapter 10: Application Layer

Instructor Materials Chapter 10: Application Layer
IoT Integration Patterns, REST, and CoAP

IoT Integration Patterns, REST, and CoAP
Healthcare IT Solutions on Azure – Designed by Doctors, Delivered by Experts. Increase Revenue, Improve Efficiency and Enhance Patient Care MICROSOFT AZURE.

Healthcare IT Solutions on Azure – Designed by Doctors, Delivered by Experts. Increase Revenue, Improve Efficiency and Enhance Patient Care MICROSOFT AZURE.
Secure Hyperconnectivity with TeamViewer and Windows technologies

Secure Hyperconnectivity with TeamViewer and Windows technologies
Smart home introduction

Smart home introduction

Similar presentations

Ads by Google