iot inovacao03 e a seguranca
DESCRIPTION
IoT InovacaoTRANSCRIPT
![Page 1: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/1.jpg)
elevenpaths.com
Internet das Coisas IoT a inovação e a segurança.
Leandro Bennaton @bennaton
GTS 24 São Paulo 28 de novembro de 2014
![Page 2: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/2.jpg)
Leandro Bennaton
@bennaton
Executivo de Segurança do Grupo Telefónica: • Chief Security Officer responsável Global por
Segurança e Conformidade no TERRA • Chief Security Ambassador na ELEVEN PATHS • Security Mentor na WAYRA • Professor Pós Graduação na FIAP Pós graduado, com MBA em Gerenciamento de Segurança da Informação e certificações internacionais. Participa do Information Security Forum e ativamente no Comitê Gestor da Internet.
Premiado pelo 2º ano consecutivo como o melhor executivo de Segurança pela organização Security Leaders.
![Page 3: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/3.jpg)
Leandro Bennaton Alguns dos últimos Projetos:
• SINFONIER, uma solução open source de Apache Storm para cyber security http://sinfonier-project.net
• THE ANALOGIES PROJECT, disseminar o conhecimento segurança da informação através de analogias https://theanalogiesproject.org/
• H2HC MAGAZINE, revista com conteúdo técnico de segurança e hacking https://www.h2hc.com.br/revista/
• CYBER MANIFESTO, como proteger melhor o Brasil de ataques cibernético http://www.cyber-manifesto.org
![Page 4: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/4.jpg)
![Page 5: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/5.jpg)
IoT no topo do HypeCycle
![Page 6: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/6.jpg)
![Page 7: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/7.jpg)
![Page 8: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/8.jpg)
![Page 9: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/9.jpg)
Por que tudo é hackeado? ...
![Page 10: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/10.jpg)
Defacement de sites ...
![Page 11: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/11.jpg)
BUG
![Page 12: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/12.jpg)
Vazamento de informações ...
![Page 13: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/13.jpg)
Ataques DDoS – Timeline ...
![Page 14: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/14.jpg)
![Page 15: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/15.jpg)
![Page 16: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/16.jpg)
![Page 17: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/17.jpg)
![Page 18: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/18.jpg)
![Page 19: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/19.jpg)
![Page 20: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/20.jpg)
IoT e as pessoas mal intencionadas ...
![Page 21: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/21.jpg)
![Page 22: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/22.jpg)
![Page 23: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/23.jpg)
Smart Grid ...
![Page 24: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/24.jpg)
Stuxnet ...
![Page 25: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/25.jpg)
25
![Page 26: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/26.jpg)
![Page 27: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/27.jpg)
![Page 28: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/28.jpg)
Privacidade ?
![Page 29: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/29.jpg)
Smartphone ...
![Page 30: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/30.jpg)
Smart TV...
![Page 31: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/31.jpg)
Wearable devices ...
![Page 32: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/32.jpg)
![Page 33: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/33.jpg)
Desafios
![Page 34: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/34.jpg)
IoT – Principais desafios Os principais desafios de IoT são: • Segurança • Privacidade • Fraudes • Infraestruturas CríTcas • M2M, machine to machine • Padronização
Segurança é prevenção, não o remédio!
![Page 35: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/35.jpg)
IoT -‐ Desafios de Segurança É necessário pensar em Segurança do ponto de vista: • do DisposiTvo • da Arquitetura • da Informação • da Comunicação • da Gestão de Paths • etc. É necessário pensar na segurança e proteção dos disposiGvos de Ponta a Ponta, ou como dizemos em inglês end-‐to-‐end security.
![Page 36: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/36.jpg)
IoT -‐ Desafios de Segurança Tenha em mente que os disposiGvos podem:
• Não estarem acessíveis um disposiGvo não estará conectado na maioria das vezes
• Serem perdidos ou roubados garanGr a segurança é diMcil quando não há conexão
• Não gerenciar criptografia o processamento dos disposiGvos é limitado
• Ter um tempo de vida finito gestão das credenciais, vinculadas ao tempo de vida
• Ser portáteis desta forma podem cruzar fronteiras ...
![Page 37: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/37.jpg)
Uma ferramenta ...
![Page 38: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/38.jpg)
Credenciais de acesso ...
![Page 39: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/39.jpg)
![Page 40: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/40.jpg)
API App
![Page 41: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/41.jpg)
AutenTcação
1. Login/password
2. Valida as credenciais
3. verifica o status do Latch
4. Latch esta OFF
5. Login Error
6. Alguém tentou acessar sua conta
![Page 42: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/42.jpg)
latch.elevenpaths.com
![Page 43: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/43.jpg)
SDKs
Plugins
![Page 44: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/44.jpg)
Versão gratuita
![Page 45: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/45.jpg)
O Latch
![Page 46: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/46.jpg)
OTP – 2F AutenTcação
![Page 47: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/47.jpg)
Alertas
![Page 48: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/48.jpg)
Para usar Latch, você deve registrar sua conta através do site:
latch.elevenpaths.com
Seja um usuário
![Page 49: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/49.jpg)
Perguntas ???
![Page 50: IoT Inovacao03 e a Seguranca](https://reader034.vdocuments.pub/reader034/viewer/2022051623/5695d1d31a28ab9b02980c12/html5/thumbnails/50.jpg)
Leandro Bennaton @bennaton