Embed Size (px)
Citation preview
1Global Partner Summit 2017: Competing to Win
February 14 – 17 | Napa, California
Global Partner Summit 2017: Competing to Win
Guaranteeing IoT Data Integrity with Blockchain: Rail Use Case
Jonathan H. KingHead of Cloud Portfolio StrategyEricsson
Ericsson Internal | 2016-08-29 | Page 3
Internet of Data
Humangenerateddata
Machinegenerateddata
Naturegenerateddata
Netflix~30PB/daydownlink cachable
Jet Engines (US)~60PB/dayuplink non cachable
50G devices, 1GB/day-> 50 EB/day
Human genome ~ 2TB
10M people -> 20EB
~20EB one year of total harddisk production
Movie ~ 1GB
Facebookall photos ~100PBGoogle totalstorage ~10EB
Netflix catalog ~ 3PB
Ericsson Internal | 2016-08-29 | Page 4
And Data Is A Global Challenge
Multiple Jurisdictions, Different Regulations, Ever-ChangingHow Do I move My data without Breaking the law?
How Do I secure my Data Integrity?
Ericsson Internal | 2016-08-29 | Page 5
› Who is Ericsson?› Why is Data Integrity Important?› Why Ericsson Blockchain Data Integrity for Predix?› Ericsson Blockchain Data Integrity Predix Use Cases› How you can get started!
Agenda
Ericsson Internal | 2016-08-29 | Page 6
ericsson by the numbers
5thLargest Global
Software company
180countries
$4Bin annual R&D spending
© Ericsson AB 2014 | 2014-09-04 | Page 6
40%Of Global Mobile Traffic
39kpatents
2Busers on our
charging and billing
5thLargest Global
Services Company
#1vendor to operators
Ericsson Internal | 2016-08-29 | Page 7
A Programmable Distributed Cloud For 5g
Access/Mobility Service Provider Core
Devices/IoT EnterpriseIT/Cloud
Transport
Management & Control
Service Provider IT Cloud
Applications
Cloud Infrastructure
AccessMobile
Fixed
Many more devices, sensors & actuators, enhanced capabilities
More Automation, Analytics, ML Multi-Domain, Multi-Vendor
Clouds from all types of Industries
Multi-access:Multi-band, Multi-standard,
Multi-layer Radio; Fixed access
Cloud and DC infrastructure in both Telco & IT domains
Virtualization, E2E IP, Software Defined NWs
Energy efficient Devices and Network
Embedded security, Identity Management, Advanced Cryptography
A horizontal & programmable Network platform connecting all Clouds to all Devices© Telefonaktiebolaget LM Ericsson 2016
Ericsson Internal | 2016-08-29 | Page 8
Traffic safety
Industrial applications
Massive Scale with Critical Processes
Massive scale
Logistics & fleet management
Smart building
Emergency health care
Critical processes
Remotemanufacturing
• Massive numbers
• Low cost, low energy
• Small data volumes
• Smaller numbers
• Ultra reliable, high availability
• Very low latency
Smartagriculture
Smart metering
Different requirements of
connectivity
Ericsson Internal | 2016-08-29 | Page 9
Confidentiality Breach Integrity Breach
Your car Your breaking patterns are exposed Your breaking system stops working
Your flight Your flight plan is posted on Internet (note: it already is)
Your plane’s instruments report that you are 1,000 feet lower than you actually are
Your local power station Your electricity bill is published online
Critical systems compromised leading to shutdown and catastrophic failure
Your pacemaker Your heartbeat becomes public knowledge Shutdown and death
Your home The contents of your fridge are ‘leaked’. You drink how much beer?
Your security system is remotely disabled
Why does Data Integrity matter
Ericsson Internal | 2016-08-29 | Page 10
Traditional Perimeter Security vs Data centric SECURITY
INSIDER THREAT
VENDORS
METHOD
FOCUS
MISSION
OFFERING
INNOVATION LEVEL
Data Centric Security
Continuous monitoring of the integrity state of digital assets and data
100% detection of digital asset and data compromise
Inside-out, data centric
Paradigm shifting
100% detection of insider manipulation
Generic Data solution
Ericsson
Perimeter Security
Continuous search for known vulnerabilities
100% protection of the perimeter
Outside-in, perimeter centric
Evolutionary
Limited ability to detect insider manipulation
Point solutions
FireEye, Symantec, Check Point, Fortinet
Ericsson Internal | 2016-08-29 | Page 11
Re-Invention of DATA Security
TO: VERIFY EVERYTHINGCompromise is inevitable, location matters
Data centric: every data asset is tagged, tracked, located, verified
Immutable validation of end points: every user AND all devices
Data is portable without breaking the law
Find the proof: independently verifiable, mathematical forensics
FROM: PROTECT ONLY100% Protection is possible
Perimeter centric: access control, encryption
Hardened end points, usersnot devices
Data is locked down
Illusion of liability protection:third party audits, certifications
Ericsson Internal | 2016-08-29 | Page 12
ProblemIndustrial applications are heavily regulated with stringent operational safety and compliance requirements, as well as performance and scale requirements
SolutionBlockchain Data Integrity Assurance service ensures integrity of all digital assets, auditability and evidence of compliance. It enables historical attribution of data and a forensic chain as part of the data lifecycle
BenefitsData integrity guarantee with near-real time, independent verification and evidence of regulatory and process compliance for Predixbusinesses
Blockchain Data Integrity for PREDIX
Ericsson Internal | 2016-08-29 | Page 13
The Ericsson Blockchain Data Integrity service will help reduce business risk by detecting data tampering:› By signing critical data assets in defined
threat areas
› By continually verifying the integrity of critical data assets
› By detecting data tampering of critical data assets
› By automating audit procedures of signed critical data assets
Business Risk reduction
THREATDOMAINS
› Internal employees
› Processes› Systems› External sources
– Hackers– Business
partners– Suppliers– Government
regulators
THREATCATEGORIES
› Facility environment
› Operational environment
› Supply chain› Service liability› Control framework› Legal and
regulatory compliance
› Terrorism
Ericsson Internal | 2016-08-29 | Page 14
ProblemRail side field service operations typically span multiple organizations and systems and require several hand-offs. Technicians work on remote sites for installation, monitoring and inspection of rail assets. Distributed operations make governance and auditability challenging
SolutionGE Predix Mobile team smartphone application for Predix that uses Ericsson Blockchain Data Integrity service for assuring integrity of service work orders and asset configuration
BenefitsEricsson’s Blockchain micro-service enables ownership tracking with non-repudiable proofcalendar signing to provide temporal order of events, and a provenance chain that enables a complete audit trail of who/what/when actions
BLOCKCHAIN DATA INTEGRITY USE CASE 1: GE Transportation Rail connectDISTRIBUTED CONFIguration Management
Dashboard – multi-site topology view of rail assets &
service work orders
Ericsson Internal | 2016-08-29 | Page 15
Transportation Rail ConnectDistributed Configuration Management
Ericsson Internal | 2016-08-29 | Page 16
ProblemDigitized forms often contain sensitive information so it is imperative to verify the integrity of the form itself as well as the data input into the form
SolutionSecure Forms, a web-based application that uses Ericsson Blockchain Data Integrity service to provide an additional layer of security for the Predix platform.
BenefitsPredix Users can access and fill in the form from any web-enabled device even without an Internet connection and be assured that neither the form nor the entered data have been compromised and that regulatory compliance standards have been met
BLOCKCHAIN DATA INTEGRITYUSE CASE 2: SECURE FORMS
Ericsson Internal | 2016-08-29 | Page 17
DATA INTEGRITY ISA MUST FOR IOT
› Data Integrity is critical› Ericsson and GE have partnered
to deliver Ericsson BlockchainData Integrity on Predix
› Builders should use Ericsson Blockchain Data Integrity for auditability & governance of their applications.
• Access the service today at: https://www.predix.io/catalog/services
• Free 30 day trial
• Builders should use Ericsson Blockchain Data Integrity for critical Predix applications
We’re in the predix catalog!
