
Securing the LoRa networks

March 15, 2016


Route to Safeguarding > Software Activation & Licensing > Secure Provisioning of Trust in IoT > Dynamic Key Management > Key Credentials & Tokens (for Authentication & Encryption)

SECURITY LIFECYCLE MANAGEMENT
Gemalto's approach to security closes the loop, managing the complete security lifecycle of the connected object together with data at rest and in motion, from the network to the cloud.

IOT SECURITY CONSULTING & CERTIFICATION SERVICES

SECURE THE CLOUD
> Big Data Encryption
> Server Protection
> Cloud Application Security

SECURE THE DEVICE
> Secure Device Access
> Sensitive Data Security
> Communication Encryption
> Protect Software Integrity

2 Pole SCS - Security 15/03/2016


LoRa Context



Connection Forecast per LPWAN Technology

The latest Beecham Research report shows a large dominance of the LoRa and SigFox technologies for LPWAN.

Source: Beecham Research



LoRa Alliance: a rich Ecosystem

Gemalto is now a contributor member since Nov 2015, focusing on security related topics in LoRaWAN evolution.

Gemalto is technically aligned with Semtech, gateway vendors, providers and network server companies.



1. High Level Security Concept
Delivering security

Device side: Secured app / Security libs / Processor
Back-end: Secured app / Security libs / Processor



Delivering security with SE and HSM

Device side: Secured app / Processor, with the Security libs moved into a Secure Element (a dedicated chip for security)
Back-end: Secured app / Processor, with the Security libs moved into an HSM (a dedicated chip for security)


2. LoRa Security
LoRaTM Architecture – The Challenges?

Devices > Gateways > LoRa network server > Application servers
LoRaTM Architecture – What the specification says

Two temporary session keys are derived: NwkSKey and AppSKey.
NwkSKey secures the network layer (shared by the device and the LoRa network server).
AppSKey secures the application layer (shared by the device and the application servers).

Devices (NwkSKey, AppSKey) > Gateways > LoRa network server (NwkSKey) > Application servers (AppSKey)
LoRaTM Architecture – How to build a trusted relationship?

How to:
• Diversify each key for each device?
• Distribute the keys in a secure way to:
  • Device Manufacturers
  • LoRa Network Provider (NwkSKey)
  • Application Providers (AppSKey)
• … or to repudiate them?

If the LoRa Network Operator keeps the device key AppKey:
 He can compute the AppSKey and decrypt the data of its customers.

If the Application Provider keeps the device key AppKey:
 The Application Provider can compute the NwkSKey and clone devices.

How does the LoRa Operator ensure network authentication and confidentiality for its customers?

 Need for a trusted party!
Gemalto as Trusted Third Party

1. Clients enrollment & PKI: AppKey generation in the Trusted Key Manager
2. Distribution: AppKey delivered to the device manufacturer
3. Secure the network: NwkSKey delivered to the network operator
4. Secure the application: AppSKey delivered to the application provider

The device AppKey is never disclosed between the device manufacturer, the network operator, and the service provider.
The device AppKey is securely stored in a tamper resistant server.
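The two preceding slides hinge on one fact: in LoRaWAN 1.0 both session keys are AES-128 encryptions under AppKey of a block built from the join parameters, so any party holding AppKey can compute NwkSKey and AppSKey alike, while a party holding only one session key cannot derive the other. The Go program below is an added example, not Gemalto's or the LoRa Alliance's code; it implements the LoRaWAN 1.0 derivation (prefix 0x01 for NwkSKey, 0x02 for AppSKey, followed by AppNonce, NetID, DevNonce and zero padding to 16 bytes) and the sample AppKey, AppNonce, NetID and DevNonce values are constructed for illustration. The trusted-third-party model on this slide corresponds to running DeriveSessionKeys only inside the Trusted Key Manager and handing the operator just NwkSKey and the application provider just AppSKey.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"errors"
	"fmt"
)

// Byte lengths of the join parameters in LoRaWAN 1.0.
const (
	appNonceLen = 3
	netIDLen    = 3
	devNonceLen = 2
)

// SessionKeys are the two keys an end-device and the back-end share after an
// over-the-air join.
type SessionKeys struct {
	NwkSKey [16]byte // secures the network layer (device <-> network server)
	AppSKey [16]byte // secures the application layer (device <-> application server)
}

// deriveSessionKey computes one session key exactly as LoRaWAN 1.0 specifies:
// key = aes128_encrypt(AppKey, prefix | AppNonce | NetID | DevNonce | pad16).
// prefix is 0x01 for NwkSKey and 0x02 for AppSKey.
func deriveSessionKey(appKey [16]byte, prefix byte, appNonce, netID, devNonce []byte) ([16]byte, error) {
	var key [16]byte
	if len(appNonce) != appNonceLen || len(netID) != netIDLen || len(devNonce) != devNonceLen {
		return key, errors.New("join parameters must be AppNonce(3), NetID(3), DevNonce(2) bytes")
	}
	block, err := aes.NewCipher(appKey[:])
	if err != nil {
		return key, err
	}
	var in [16]byte // bytes not written below stay zero: that is the pad16
	in[0] = prefix
	copy(in[1:], appNonce)
	copy(in[1+appNonceLen:], netID)
	copy(in[1+appNonceLen+netIDLen:], devNonce)
	block.Encrypt(key[:], in[:]) // a single AES-128 block encryption, no mode needed
	return key, nil
}

// DeriveSessionKeys returns both session keys. The network server chooses
// AppNonce and NetID itself and DevNonce arrives in the clear in the Join-Request,
// so whichever back-end party holds AppKey can compute both keys. That is the
// trust problem the slides describe and why AppKey belongs in a tamper-resistant
// server that releases only the session key each party needs.
func DeriveSessionKeys(appKey [16]byte, appNonce, netID, devNonce []byte) (SessionKeys, error) {
	var keys SessionKeys
	nwk, err := deriveSessionKey(appKey, 0x01, appNonce, netID, devNonce)
	if err != nil {
		return keys, err
	}
	app, err := deriveSessionKey(appKey, 0x02, appNonce, netID, devNonce)
	if err != nil {
		return keys, err
	}
	keys.NwkSKey, keys.AppSKey = nwk, app
	return keys, nil
}

func main() {
	// Constructed sample values for illustration, not a real device key or a captured join.
	appKey := [16]byte{0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C}
	appNonce := []byte{0x11, 0x22, 0x33}
	netID := []byte{0x00, 0x00, 0x13}
	devNonce := []byte{0xAB, 0xCD}

	keys, err := DeriveSessionKeys(appKey, appNonce, netID, devNonce)
	if err != nil {
		panic(err)
	}
	// In the trusted-third-party model only these two lines leave the key manager,
	// each to a different party; AppKey itself never does.
	fmt.Println("NwkSKey for the network operator:    ", hex.EncodeToString(keys.NwkSKey[:]))
	fmt.Println("AppSKey for the application provider:", hex.EncodeToString(keys.AppSKey[:]))
}
```

Run it with `go run .`; it prints two different 16-byte keys for the constructed inputs. Because each key is one AES block encryption of a distinct plaintext under AppKey, holding NwkSKey gives no path to AppSKey or vice versa, which is what makes the split distribution on this slide meaningful.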
3. Device Security
Gemalto Embedded Security Choices

TEE: Trusted Execution Environment
BOM: Bill Of Materials

From lowest to highest security (and difficulty & impact):
> Software (+): minimum security on a generic processor; 0 impact on BOM
> GTO TEE (++): dedicated software on a TEE processor; 0 impact on BOM
> Hardware TEE (+++): dedicated hardware on a generic processor; BOM impact
> Secure Element (++++): dedicated tamper resistant hardware on a dedicated chip; BOM costs
Secure Element can be used for Device Security

Trusted Third Party <> Device with additional security needs (Secure Element)



Key Management System for Device Maker / Application

Device Maker KMS <> Trusted Third Party KMS <> Application KMS



How Gemalto brings trust to IoT

Connect
> Out-of-the-box connectivity
> Multiple form factors
> Quality of Service
> Subscription Management

Monetize
> Flexible monetization
> Licensing and entitlement software
> IoT application upgrades
> Application Development

Secure
> Secure the device
> Secure the cloud
> Security lifecycle management



Loic Bonvarlet - loic.bonvarlet@gemalto.com
