In time for the data privacy day the FIDO Privacy & Public Policy working group released their FIDO Privacy whitepaper. This new whitepaper is targeted at regulators, data protection authorities, and “policy makers”. Of course, everyone with interest in privacy is also welcome to take a look at it. Due
Category: Security
OMA LWM2M Tutorial
Last week Simon Lemay and I gave a tutorial about the Lightweight Machine-to-Machine (LWM2M) standard developed by the Open Mobile Alliance (OMA) to participants from the IETF ACE working group. LWM2M offers several features that are relevant for Internet of Things security and also for the work in the IETF
OAuth 2.0 for Internet of Things
During the second week of November 2015 ARM TechCon took place in Santa Clara/California. The event is packed with presentations (from ARM and from partners) and new technology gets announced, such as the TrustZone for v8-M architecture. TrustZone for v8-M brings TrustZone functionality, which was previously available only to Cortex
Internet of Things (IoT) Crypto Performance Investigation
Earlier this year I presented some performance results to the IETF LWIG working group. Here is the slide deck I presented to the community. The slides are also available for download. The idea of my presentation at the Dallas IETF meeting was to get others to enhance the performance investigations to
Smart Object Architectures
Dave Thaler, Mary Barnes, and I had the honor to talk to the participants of the IETF#92 meeting in Dallas/Texas about the recently published Smart Object Architecture document, see RFC 7452. The presentation was given during the technical plenary of the Internet Architecture Board (IAB). A recording of the talk was
OpenID Connect
Picture of the meeting venue at the Computer History Museum taken before the show started. When I attended the last Internet Identity workshop in Mountain View, California Justin Richer gave an OpenID Connect tutorial. I decided to record it since it could be useful for others as well. While my
Webinar about the Kantara User-Managed Access (UMA) working group to the IETF ACE Working Group
[UPDATED: 14. January 2015] Early 2014 we organized a couple of webinars to hear about technologies that allowed to provide authentication of Internet of Things devices and to control access to resources. We learned more about OAuth, Kerberos, and the PKI/certificate model and all talks have been recorded and can be found
Webinar about “How to Select Hardware for Internet of Things Systems?”
Various groups in the IETF currently standardize technology for use with constrained devices and the choice of hardware impacts the design of Internet of Things (IoT) systems. To provide guidance RFC 7228 “Terminology for Constrained-Node Networks” defines three classes of devices depending on their RAM and flash memory size. Class
Privacy in the IETF (May 2014 Update)
Mid 2013 I posted a summary about ongoing efforts on privacy in the IETF and I got a lots of good feedback. ISOC even published an extended version of the write-up at http://www.internetsociety.org/articles/ietf-privacy-update. Since summer 2013 a lot happened with regards to security and privacy. Here is another short update based on
Privacy Engineering or “Designing Privacy into Internet Protocols”
The privacy program of the Internet Architecture Board (IAB) has been working on a privacy tutorial for some time already and at the last IETF meeting in London I had the honor to present the work to the wider IETF community. The tutorial provided a sneak preview to a document