What is the IoT security paradigm currently and what is the issue with it?
What is the IoT security paradigm currently and what is the issue with it?
This is a pretty broad question. I am not sure that there is a single paradigm today, communication link security might be the closest i.e. using SSL or TLS to secure HTTP links from device to cloud service. During the presentation I discussed ( at a high level ) a range of different control that must be in place to ensure overall system security. These include :
(1) Server & Client authentication: Ensuring that both the Server and Client have the correct credential to authenticate and connect to each other.
(2) Identity and Root-of-Trust Management.
(3) Provisioning.
There are may other area that I also mentioned. Integrating these features into products from the ground up will be key. Today security is often considered as an afterthought which can lead to many risks.