Presentation is loading. Please wait.

Presentation is loading. Please wait.

Smart Objects and the Internet Architecture Fred Baker.

Published byBrooke Simpson Modified over 8 years ago

Similar presentations

Presentation on theme: "Smart Objects and the Internet Architecture Fred Baker."— Presentation transcript:

1 Smart Objects and the Internet Architecture Fred Baker

2 RFC 6272 I wrote, with a lot of help, a document describing the RFCs we write and use as a toolbox from which one can build products This was requested by US NIST for the purposes of the Smart Grid If I don’t say so myself, it’s recommended reading

3 Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 3 “...the Network should enable an application in a particular domain to communicate with an application in any other domain in the information network, with proper management control over who and where applications can be interconnected.” NIST Roadmap, Version 1.0, September 2009

4 We have some real challenges out there Picking one… Car companies tell us they want to burn a 128 bit address into an automotive appliance and use it to talk with the car’s “mother ship” Services similar to OnStar Automotive maintenance reports No comprehension that the IP Address presumes an Internet Architecture in which the prefix is a locator, and has to be scalably routable by the ISP No comprehension that an IP datagram is routed from and to a customer… A better alternative: an architecture for trusted communications Whatever address I am using, I identify myself to my peer using protocol exchanges such as HIP/ESP or D/TLS

5 Don’t misunderstand the intent of networks of Smart Objects They don’t all intend to use the Internet as we understand it Smart Grid, specifically, likely to be a parallel network for the most part They do plan to use IP and some of the related protocols If a protocol doesn’t meet their needs, they plan to change or replace it Health care likely a VPN, IPsec Transport Mode, https, or D/TLS-based

6 US DOE FFRDC’s DOE / NIST / UCAIug / ASAP-SG Security Effort

7 7 What kinds of security mechanisms? Communication Layer Type of controlExample Data Content End to end integrity in message-based exchange W3C XML Signature Application Layer Application to application authentication, authorization, encryption TLS, HTTPS, DKIM, S/MIME, SSH Network Layer System-to-system authentication, authorization, encryption IPsec ESP Physical/Link Layer Limited Membership SSID, IEEE 802.1X with EAP-TLS

Download ppt "Smart Objects and the Internet Architecture Fred Baker."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
October 22, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint, Part II SOEN321-Information-Systems Security.

October 22, 2002Serguei A. Mokhov, 1 Intro to Internet-services from Security Standpoint, Part II SOEN321-Information-Systems Security.
Lecture 22 Internet Security Protocols and Standards

Lecture 22 Internet Security Protocols and Standards
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.

Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.
VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.

VPN – Technologies and Solutions CS158B Network Management April 11, 2005 Alvin Tsang Eyob Solomon Wayne Tsui.
1 © J. Liebeherr, All rights reserved Virtual Private Networks.

1 © J. Liebeherr, All rights reserved Virtual Private Networks.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 23 Virtual Private Networks (VPNs)
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
Virtual Private Network (VPN) SCSC 455. VPN A virtual private network that is established over, in general, the Internet – It is virtual because it exists.

Virtual Private Network (VPN) SCSC 455. VPN A virtual private network that is established over, in general, the Internet – It is virtual because it exists.
1. Collision domains are unsecure 2. The employees often need to remote access to corporate network resources  The Internet traffic is much more vulnerable.

1. Collision domains are unsecure 2. The employees often need to remote access to corporate network resources  The Internet traffic is much more vulnerable.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
12-Sep-15 Virtual Private Network. Why the need To transmit files securely without disclosing sensitive information to others in the Internet.

12-Sep-15 Virtual Private Network. Why the need To transmit files securely without disclosing sensitive information to others in the Internet.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
An Introduction to Encrypting Messages on the Internet Mike Kaderly INFS 750 Summer 2010.

An Introduction to Encrypting Messages on the Internet Mike Kaderly INFS 750 Summer 2010.

Similar presentations

Ads by Google