© 2017 ForgeRock. All rights reserved.
Security On The Edge: A New Way To Think About Securing the Internet of Things
Ashley Stevenson – Identity Technology Director, ForgeRock
Chris Kawalek – Product Marketing Director, ForgeRock
This technology preview contains descriptions of planned features and functionality. Please refer to the product documentation for full details of included features.
2010 Founded in Norway
10 Offices worldwide with headquarters in San Francisco
420+ Employees
720+ Customers
50% Americas / 50% International commercial revenue
30+ Countries
1.2+ Billion Identities
ForgeRock: The leading, next-generation, identity security software platform, driving digital transformation
Identity Evolution
Employees
Partners
Mobile
Customers
IoT / Edge
Relationships
Legacy Identity
Customer Identity
Relational Identity
Identity For Everyone And Every Thing
Identity Relationship Management
ForgeRock Identity Platform: Authentication, Authorization, Federation, Identity Workflow, Self Service, Identity Synchronization, Adaptive Risk, Identity Store, User-Managed Access, Identity Gateway, Social Identity, Identity Proxy
ForgeRock Edge Security: ForgeRock Identity Edge Controller, ForgeRock Identity Message Broker
IoT Is More Than You Think…
Smart Home, Retail, Smart City, Health, Robotics, Transportation, Oil & Gas, Manufacturing
The Trouble with Today’s IoT Approach
• Security is not “by design”, it takes a back seat to functionality
• Transport security is not enough
• Hard coded usernames and passwords, or management of thousands of PKI certificates is standard operating procedure
• There is no way to know if devices are authentic, or if a bad actor is siphoning or manipulating their data
• No trust between decoupled IoT platforms
• Data is used to make autonomous decisions: bad data = bad decisions
Introducing: ForgeRock Edge Security
• Ensure trust in IoT devices and their communications using a combination of strong cryptography and standards-based Identity technologies
• Hardware Root of Trust on supported devices and encryption
• Secure configuration and attestation of devices and services
• Rich, policy-based controls for securely managing IoT interactions
• Secure messaging support for protocols like MQTT and CoAP
How to Protect Devices “On The Edge”
• Establish the Root of Trust at the edge
• Provide a single security platform across edge to enterprise
• Establish trusted identities across ecosystems
• Share security context to enable rich relationships
• Enable secure and trusted onboarding, no human intervention
ForgeRock Identity Edge Controller
• Software for edge hardware
• Ensures authenticity and security
• No more hard coded usernames and passwords or managing thousands of PKI certificates
• Features hardware root of trust on supported architectures for chip-to-cloud security
• Simple on-boarding of devices with zero-configuration device discovery
• Manages secure credentials, data signing, data encryption, data tagging, device attestation, and more
ForgeRock Identity Message Broker
• Secure message authorization and translation, purpose-built for IoT
• Brings authentication and authorization policies to data streams generated by IoT devices
• Works as a “translator”, securely transforming simple IoT protocols to HTTP and WebSockets
• Leverages the full power of the ForgeRock Identity Platform
Providing personalized driver experience and trusted vehicle identities for connected cars
THE CONNECTED CAR SOLUTION FOR AGL
• Authenticates drivers, passengers, and vehicles
• Allows for profile management in the cloud, personalization in the car
• Trusted identities for vehicles, their sensors, software and data with ForgeRock Identity Edge Controller
FORGEROCK IDENTITY PLATFORM: Access Management, Profile Management, Identity Repository, Identity Gateway
AGL IN-VEHICLE OS: Application Framework (App 1, App 2, App 3), Standards-based Identity Agent, Bluetooth, WiFi, Identity Edge Controller
FORGEROCK EDGE SECURITY UNIFIED PLATFORM
FORGEROCK IDENTITY PLATFORM: Access Management, Identity Management, Directory Services, Identity Gateway
FORGEROCK IDENTITY MESSAGE BROKER
FORGEROCK IDENTITY EDGE CONTROLLER
If It’s Connected, It Needs to be Secured
Cargo Container Energy Substation Smartphone Wearables Animals Shopping Cart Vehicles Bike Computer
Smart Meter
Stoplight
Parking Meter Sensor Camera Oil Barrel Forklift Buildings
Wind Turbine
Gas Pump