Privacy, a competitive advantage.

Transcript

1. Privacy, a competitive advantage. Mrinal Wadhwa CTO, Ockam @mrinal

2. Privacy. The ability of an individual or group to control

   the f l ow of information about themselves.

3. Security. The degree of resistance to encountering an unfortunate event.

4. The degree of resistance to encountering an unfortunate event.

5. To maximize this degree of resistance, we need to understand

   the possible set of unfortunate events, your threat model.

6. THREAT DESIRED PROPERTY S Spoo f i ng identity Identi

   f i cation, Authentication T Tampering with data Integrity R Repudiation Non-repudiability (some applications desire the opposite) I Information disclosure Con f i dentiality D Denial of service Availability E Elevation of privilege Authorization The STRIDE threat model.

7. THREAT DESIRED PROPERTY S Spoo f i ng identity Identi

   f i cation, Authentication T Tampering with data Integrity R Repudiation Non-repudiability (some applications desire the opposite) I Information disclosure Con f i dentiality D Denial of service Availability E Elevation of privilege Authorization The STRIDE threat model.

8. The tool that system architects use to guarantee data integrity,

   authenticity and con f i dentiality. Cryptography.

9. Content Systems & Apps Commerce Everything useful on Internet relies

   on Cryptography.

10. The willingness of one party to rely on the actions

    of another party. Trust.

11. 3845 8855 2663 2213 3845 8855 2663 2213 Initially the

    focus was on client-server trust. 0x217c5111…

12. Hello 0x217c5111… 0x8621f842… Hello Hello

13. Hello 0x217c5111… Hello

14. Designed for Signal, now used in WhatsApp, Skype, Facebook Messenger,

    Allo etc.

15. 0x217c5111… 0x8621f842… 80 bpm 80 bpm 80 bpm

16. 80 bpm 80 bpm 0x217c5111…

17. Gateway Flood Warning Sensor Flood Monitoring System Sensors Vendor’s Service

    LPWAN TLS TLS Usually has different security properties, compared to TLS, often not as well designed. Various protocols have various different secure channel designs.

18. D D D … Devices … … Gateways … Lighting

    HVAC Water Monitoring Elevators Access Control Fire Safety Waste Parking … Vendor IoT Backends … System Integrator 1 Building Management System … SI IoT Backends … System Integrator 2 G G D D D D D D D D D D D D D D D D D D D D D G G G G G G G G G G G G G G Complexity & attack surfaces grow to be unmanageable. Proprietary data is leaked. Security becomes untenable.

19. Remove backend infrastructure from an end users threat model. The

    end user may be an individual or a business.
20. None
21. None
22. None
23. None
24. None

25. Ockam

26. github.com/ockam-network/ockam