July 23rd — 25th 2014
In the last 12 months, the Internet of Things (IoT) has gained tremendous market momentum with strategic investments from all of the major IT companies and governments around the world. IoT promises massive gains in efficiency, business growth and quality of life. In the next 7 years, 27 billion new devices will connect to the Internet, with half of all data traffic being generated by IoT.
Cisco’s go to market in this area is the Internet of Everything (IoE), which combines the things, with processes, data and people to create a holistic approach to derive value from the proliferation of these connected devices. In this new world we will need new infrastructure that’s much more scalable, secure, and intelligent than ever before to “connect the unconnected”. Big data generated by things will deliver new insights and predictions. This next wave of the Internet will touch every aspect of our lives: manufacturing, transportation, smart cities, energy, agriculture and health care which will all be transformed. Ultimately IoE is about the ability to get the right information to the right person at the right time and doing it in volume. For both private and public sectors.
John O’Donnell, Cisco’s IoE pre sales consultants manager for EMEAR and APJC, will explore these topics, discuss some of the challenges and the important roles that wireless and security has to play in realising the opportunities.
John O’Donnell is Cisco’s Internet of Everything (IoE) Pre Sales Consultants Manager across EMEAR & APJC. Together with his team of consultants, his key objective is to work with Cisco’s Customers and Partners to articulate and demonstrate how IoE architectures and solutions can be applied to drive business transformation across all walks of industry and government.
John has a passion for IoE, and the positive impact it can have on society and the value it can and will bring to corporations, strongly believing we are just at the dawn of the IoE era, and the immense value it will enable.
John has a strong history of driving innovative technologies enabling customers to embrace different ways of conducting business and optimizing business operations. Up until August 2013 he led the pre sales consultants team for Cisco’s Connected Safety & Security Solutions on a global basis. In the late 1990’s and early 2000’s John was instrumental in driving adoption of Cisco Unified Communications within Public Sector and other sectors in the UK, advising customers how to migrate from their proprietary silo based PBX environments to open IP based environments.
John holds an Electronics and Electrical Engineering from Loughborough University in the UK and has worked for Cisco 16 years. He lives with his family in Buckinghamshire and enjoys sports, outdoor activities and travelling.
Implementation attacks and side-channel analysis are techniques to break analytically secure ciphers. Instead of focusing on the mathematical properties, side-channel attacks target the physical implementation of cryptography, e.g., on a microcontroller or an FPGA.
This tutorial starts with an in-depth introduction into the topic, covering methods like timing attacks and simple/differential power analysis (SPA/DPA). With these techniques, unprotected implementations of standard ciphers like RSA, ECC, or AES can often be broken within minutes. Besides, the tutorial also presents typical measurement setups for the acquisition of side-channel signals and other implementation attcks, for instance fault injection.
The second part of the tutorial deals with the practical application of side-channel analysis, focusing on several real-world case studies. In particular, for RFID systems, our 2011 side-channel attacks on the DESFire MF3ICD40 smartcard are presented.
Based on the case studies, the impact of attacks on real systems is evaluated and compared. Finally, possible countermeasures on different levels (hardware, software, backend) are discussed.
A trusted execution environment (TEE) is a secure processing environment that is isolated from the “normal” processing environment where the device operating system and applications run. The first mobile phones with hardware-based TEEs appeared almost a decade ago, and today almost every smartphone and tablet contains a TEE like ARM TrustZone. Despite such a large-scale deployment, the use of TEE functionality has been limited for developers. With emerging standardization this situation is about to change. In this tutorial, we explain the security features provided by mobile TEEs and describe On-board Credentials (ObC) system that enables third-party TEE development. We discuss ongoing TEE standardization activities, including the recent Global Platform standards and the Trusted Platform Module (TPM) 2.0 specification, and identify open problems for the near future of mobile hardware security.