Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Privacy, a competitive advantage.

Privacy, a competitive advantage.

Mrinal Wadhwa

November 18, 2020
Tweet

More Decks by Mrinal Wadhwa

Other Decks in Technology

Transcript

  1. Privacy, a competitive advantage.
    Mrinal Wadhwa
    CTO, Ockam
    @mrinal

    View full-size slide

  2. Privacy.
    The ability of an individual or group to control the
    f
    l
    ow of
    information about themselves.

    View full-size slide

  3. Security.
    The degree of resistance to encountering an
    unfortunate event.

    View full-size slide

  4. The degree of resistance to encountering an
    unfortunate event.

    View full-size slide

  5. To maximize this degree of resistance, we need to understand
    the possible set of unfortunate events, your threat model.

    View full-size slide

  6. THREAT DESIRED PROPERTY
    S Spoo
    f
    i
    ng identity Identi
    f
    i
    cation, Authentication
    T Tampering with data Integrity
    R Repudiation Non-repudiability (some applications desire the opposite)
    I Information disclosure Con
    f
    i
    dentiality
    D Denial of service Availability
    E Elevation of privilege Authorization
    The STRIDE threat model.

    View full-size slide

  7. THREAT DESIRED PROPERTY
    S Spoo
    f
    i
    ng identity Identi
    f
    i
    cation, Authentication
    T Tampering with data Integrity
    R Repudiation Non-repudiability (some applications desire the opposite)
    I Information disclosure Con
    f
    i
    dentiality
    D Denial of service Availability
    E Elevation of privilege Authorization
    The STRIDE threat model.

    View full-size slide

  8. The tool that system architects use to guarantee
    data integrity, authenticity and con
    f
    i
    dentiality.
    Cryptography.

    View full-size slide

  9. Content Systems & Apps
    Commerce
    Everything useful on Internet relies on
    Cryptography.

    View full-size slide

  10. The willingness of one party to rely on the
    actions of another party.
    Trust.

    View full-size slide

  11. 3845 8855 2663 2213
    3845 8855 2663 2213
    Initially the focus was on client-server trust.
    0x217c5111…

    View full-size slide

  12. Hello
    0x217c5111… 0x8621f842…
    Hello
    Hello

    View full-size slide

  13. Hello
    0x217c5111…
    Hello

    View full-size slide

  14. Designed for Signal, now used in WhatsApp, Skype, Facebook Messenger, Allo etc.

    View full-size slide

  15. 0x217c5111… 0x8621f842…
    80 bpm
    80 bpm
    80 bpm

    View full-size slide

  16. 80 bpm 80 bpm
    0x217c5111…

    View full-size slide

  17. Gateway
    Flood Warning Sensor
    Flood Monitoring System
    Sensors Vendor’s Service
    LPWAN
    TLS TLS
    Usually has different security properties,
    compared to TLS, often not as well designed.
    Various protocols have various different secure channel designs.

    View full-size slide

  18. D D D … Devices …
    … Gateways …
    Lighting HVAC
    Water


    Monitoring
    Elevators
    Access


    Control
    Fire Safety Waste Parking
    … Vendor IoT Backends …
    System Integrator 1
    Building Management System
    … SI IoT Backends … System Integrator 2
    G G
    D D D D D D D D D D D D D D D D D D D D D
    G G G G G G G G G G G G G G
    Complexity & attack surfaces grow to be unmanageable. Proprietary data is leaked. Security becomes untenable.

    View full-size slide

  19. Remove backend infrastructure from an end users threat model.
    The end user may be an individual or a business.

    View full-size slide

  20. github.com/ockam-network/ockam

    View full-size slide