Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity Processor Secures IoT Systems

Published byFranz Sternberg Modified over 6 years ago

Similar presentations

Presentation on theme: "Identity Processor Secures IoT Systems"— Presentation transcript:

1 Identity Processor Secures IoT Systems
CPU Sensors & Actuators Identity-based Access Unencumbered by Passwords Unassailable Data Transactions Cryptochain Technology Identity Processor (IPU)

2 Transactions Today: Vulnerabilities
Bob Foob Router ٠٠٠ Local Data Password Cracking Man-in-the- Middle Limited SSL Lifetime Replay Attack Counterfeit Site Data Theft Transaction Repudiation Imposter ID Theft Malware No Certificate Unknown Revocation Weak Authority Online Cashier Card Scanner Skimming Misappropriation Point-of-Sale

3 Root Vulnerabilities Passwords Anonymous parties Protocol weaknesses
Physical credentials Databases of sensitive information Gray certification authorities Anonymous systems Primitive root-of-trust

4 Cryptochain: Point-of-Sale Transaction
Bob ٠٠٠ [1] Bob scans items for purchase at Foob Outlet’s Terminal 2 Foob Outlet Server [2] Bob’s smart-phone client scans Terminal 2’s label and sends an encrypted message to Foob Outlet through the cloud Router [3] The Foob Outlet server sends the encrypted message through the Cryptochain for decryption at Bob’s LTD server Foob PoS Terminal 1 Foob PoS Terminal 2 Foob PoS Terminal n

5 Cryptochain: Point-of-Sale Transaction
Bob Foob Outlet LTDa1a LTDx8x ٠٠٠ Federated Apex LTDa2a LTDx7x [6] Foob Outlet server can now decrypt the message and authorize the transaction [4] Bob’s LTD server sends the decrypted message to Foob, absolutely authenticating both parties [5] The Federated Apex audits any federated credentials in the decrypted message for ownership and authorization

6 Today’s IoT System Password-based Security Connection-based Security
Isolation-based Security Today’s IoT System

7 IoT System with Cryptochain
Cryptographic Security Password-based Security Isolation-based Security Gateway IoT System with Cryptochain

8 IoT System With Cryptochain
Root Vulnerabilities Passwords Anonymous parties Protocol weaknesses Physical credentials Databases of sensitive information Gray certification authorities Anonymous systems Primitive root-of-trust Eliminated Bypassed Obsolete

9 Jonetix Identity Processor (IPU)
Transient Identity Generator (TIG) Pseudo-Random Number (PRNG) Attestation Value Key Seeds Secure Zone Embedded in an AMD microprocessor (adds <1% to chip area) Key Derivation Function (KDF) Cryptographic Services Module (CSM) Control Unit (CU) Command Bus Addr/Data Bus

10 Identity Processor Features
Chip-unique identity Chip-unique, high-entropy random numbers Cryptographic services Autonomous key management Hardware feature options enablement Secure backup in insecure storage Secure data sharing and backup for individual across devices Chip-unique identity Public, private, and secret identity keys Chip-level root-of-trust Cloning eliminated Chip-unique, high-entropy random numbers Cryptographic services Session key generation Encryption Decryption Attestation Hash functions Autonomous key management Eliminates external key initialization services and key management services Secure backup in insecure storage Secure data sharing and backup for individual across devices

11 IoT System with IPU Gateway
Cryptographic Security IPU Gateway

12 IoT System With Cryptochain & IPU
Root Vulnerabilities Passwords Anonymous parties Protocol weaknesses Physical credentials Databases of sensitive information Gray certification authorities Anonymous systems Primitive root-of-trust Eliminated Bypassed Obsolete Chip-level

13 Jonetix Company Status
Eleven provisional patent applications filed Two full patent applications filed One patent issued Working prototype hardware and software Server and client app transaction modules Encryption, decryption, and authentication modules Principal invitation and registration to trust domains Web one-click sign-on and one-click transactions RTL for Identity Processor components Several working demos Cryptochain: video surveillance, climate control, garage door control Identity Processor: TIG, PRNG, KDF, and CSM in FPGA development boards

Download ppt "Identity Processor Secures IoT Systems"

Similar presentations

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Introduction To Windows NT ® Server And Internet Information Server.

Introduction To Windows NT ® Server And Internet Information Server.
Internet Security In the 21st Century Presented by Daniel Mills.

Internet Security In the 21st Century Presented by Daniel Mills.
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
E-Commerce Security and Authentication Details Jerry Post

E-Commerce Security and Authentication Details Jerry Post
Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.

Cloud Computing & Security Issues Prepared by: Hamoud Al-Shammari CS 6910 Summer, 2011 University of Colorado at Colorado Springs Engineering & Applied.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.

SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.

Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.
SODA Archiving October 2013

SODA Archiving October 2013
Troubleshooting Windows Vista Security Chapter 4.

Troubleshooting Windows Vista Security Chapter 4.
Encryption Objective 1: Explain data encryption procedures.

Encryption Objective 1: Explain data encryption procedures.
Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Similar presentations

Ads by Google