Go to content Phone human-readable description of the message we trying to accomplish. Search human-readable description of the message we trying to accomplish. Map pin human-readable description of the message we trying to accomplish.

My first visit to New Orleans and first CIS (Cloud Identity Summit) was exceptional and many thanks to the organisers for inviting me to talk about trust technology in IoT devices. My talk paled in comparison to Frank Abagnale’s recounting of his life story (which was somewhat less glamorous than portrayed in Catch Me If You Can), an interview with General Petraeus and a very authentic and heartfelt keynote by Andre Durand having just sold Ping Identity to Vista Equity Partners. The toughest part of CIS was choosing which sessions to attend, particularly when so many other talks ran concurrently with mine.

As an outsider to the industry (a non-Identerati), I sensed a lot of past focus on users interacting with apps served through websites, but this is where things are changing. Mobile devices with native apps now outnumber accesses by traditional browser. In the IoT world, apps can live anywhere – on small edge nodes, mobile apps, gateway devices (eg VMWare Liota) and in the cloud. The good news is that many of these devices are built to be more secure than untrusted browsers. They need to be if they are going to interact with the real world. We need to Identify All the Things.

A talk from Ian Glazer of Salesforce was revealing – The Identerati covet their InfoSec peers’ professional qualifications, and lament having none to reflect their own accomplishments. This is strange because many of the talks delivered hammer blows to yesterday’s Infosec technology – VPNs, firewalls, anti-virus, passwords – they are all proclaimed dead. The perimeter no longer exists; the new security model should assume that attackers are already inside an organization. If that’s the case, then why covet those InfoSec qualifications? Many InfoSec problems start with poor identification and enrolment, compromised authentication and over-permissioned authorizations. The Identerati don’t need to look backward; they need to keep forging ahead for Identity is the new Infosec – Forrester shows where the money is going.  We need to Identify all the Users.

Related content

The Benefits of Trusted User Interface (TUI)

Trusted User Interfaces (TUIs) are the next big thing for securing critical mobile apps. The Trusted User Interface feature allows a Trusted Application to interact directly with the user via a common display and touch screen, completely isolated from the main device OS.

Webinar: Secure IoT with Microchip and Kinibi-M

During this webinar, you will be introduced to Trustonic's Kinibi-M and shown how to program a MicroChip SAML11 microcontroller, based on the Arm Cortex-M33 processor with TrustZone technology. The webinar will show users how to generate secure messages that a server or cloud can validate from a device for decryption and display.

EE Journal: Microchip SAM11L KPH & Kinibi-M

Adding connectivity to your embedded design opens up a whole new realm of security challenges. Inviting your device to the IoT requires careful attention to building a secure foundation. In this episode of Chalk Talk, Amelia Dalton chats with Anand Rangarajan from Microchip about the SAML11-KPH MCU and how it can help you develop your application without worrying about IoT security.

All Internet of Things posts
Back to top