The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and Gerhard Zehethofer
Silo Busters: The Value of User and Data Centricity beyond IoT Devices
Stein Myrseth, Senior Technology Solutions Director, ForgeRock
Gerhard Zehethofer, VP, Industries (IoT & Manufacturing), ForgeRock
© 2017 ForgeRock. All rights reserved.
Austin, May 2018
… the data driven age ...
… from product centric to
customer / solution centricity …
Security & privacy
Scalability
Trust
Business Value
Experience
“… market disruption has been found to be a function usually not of technology itself but rather of its changing application …”
Source: The Innovator's Dilemma
New Mobility
Working
Health & Life
Traveling
Automotive
Connectivity
Payment
Government
Insurance
IoT / Automation
…
…
From Verticals to Horizontals
Smart City and Mobility
Automotive – build the Connected Car
Services around Connected Cars
New Mobility – Use cases of physical mobility
Smart City - New Mobility & more
ECU IDs -> CarID
ServiceID = CarID + UserID
NewMobilityID = ServiceID + User's Personas
SmartCityID = NewMobilityID + any other ServiceID
OEM Space
Ecosystem Space
Trends That Force Change
Performance
Customers
Competition
Trust
Changing Customer Behavior
• Shifting from asset based to customer intimacy / service
• Digital native demanding new experiences; Ease of use
• Bespoke has become the norm
Eroding Margins
• Mandate to reduce cost of operations
• Good enough makes it hard to differentiate on product
• Lack of product related differentiation
• No low hanging fruits left
New players disrupt the status quo
• Customer satisfaction measures are influenced by digital competition
• Digital natives deploy disruptive business models
• Digital rewards first movers and superfast followers
Security
• Privacy / New regulatory requirements on Data privacy (GDPR)
• Protect IP
• Trust / Image / Brand
The market is driven by two forces
Business Transformation
• New revenue streams
• New business models (transaction to service)
• Value creation; value capture
Customer 360
Business Optimization
• Maximizing value of existing assets / investments
• Increased / new efficiency
• Incremental shift to OpEx
Enterprise 360
Trust creates value
What People Value Most In Their Customer Experience
Source: PWC, Future of customer experience survey 2017/18
Q: When it comes to overall customer experience, how important do you think each of the following will be in the future? Which of the following things are worth paying for?
Attributes that can be categorized as customer/enterprise 360 and trust come out on top:
✓ Efficiency
✓ Convenience
✓ Knowledgeable Service
✓ Easy payment
Followed by:
✓ Up to date technology
IoT Convergence
Identity Platform
ASSETS ORGANIZATIONS
USERS
CONSUMERS
Customer
IAM
Enterprise Supply
chain
Factory
Reporting
Audit
RMA
…
Service
Digital Identity for people
Digital Identity for things
ForgeRock trusted relationships
IAM / CIAM / Audit / No identity / Legacy / Legacy
IOT point solutions (Silos)
Industry specific
Digital Business - With Identity as The Driver
KNOW YOUR CUSTOMER
SECURE DATA SHARING INTEROPERABILITY
IOT SECURITY
TRUSTED DIGITAL RELATIONSHIPS
CUSTOMER EXPERIENCE
Digital
Identity
Value Added Services - Leveraging Identities
KNOW YOUR CUSTOMER
SECURE DATA SHARING INTEROPERABILITY
TRUSTED DIGITAL RELATIONSHIPS
Digital
Identity
CUSTOMER EXPERIENCE
IOT SECURITY
ForgeRock
Edge Security Suite
Why IoT Security Is Hard To Do
Chip-2-Cloud
Gateway Security
End Node Security
Application Security
User Security
Account Security
BLE, Thread, Z-Wave
TLS, SSL, PKI…
Application key
uid, pwd, 2FA
uid, pwd
How to guarantee privacy and confidentiality?
#1 Top IoT Security Trends to Watch in 2018
The Identity of Things (IDoT): Trusted identity is the foundation of IoT security. It’s critical that traditional identity and access management (IAM) systems are extended to encompass all entities in IoT ecosystems—humans, devices, applications, and services.
Evolution Of IoT & Internet Compared
Through three phases

Internet
• Real-time: Secure encrypted transport and transactions. Two factor, biometric, passwordless authentication. Adaptive and context driven authorization, and user managed access. Interactive, co-creative web, interoperable profiles, integrated games, education and business, augmented reality, multi device support, federated and global identities.
• Share: Two way, blogs, wikis, video, podcasts, sharing, personal publishing, social networks, Single Sign-On, SAML federation, transactional web, secure payments
• Presence: Internet connected, retrieve data, multi-protocol, multi-vendor solutions

Internet of Things
• Real-time: Root of trust at the edge, onboard trusted identities, secure and trusted automation, data privacy, data encryption. Cross IoT ecosystems trust and sharing with a single security domain across IoT, consumer, customers and enterprise
• Share: Single device identities, secure connect and onboard, connect or pair consumer devices and users, enterprise collect and share data across consumers, customers and enterprise. Closed ecosystems, disconnected security across users and IoT
• Presence: Internet connected, retrieve data, multi-protocol, multi-vendor solutions
Extending the ForgeRock Platform To the Edge
One single security domain
BIG DATA
Little Data
End-to-End Security, Web, Data Objects & Management
IP and Web to the edge
Solutions
Edge
Identity Platform
• Consumers
• Customers
• Partners
• Contractors
• Employees
• …
IoT Services Enterprise
Digital Twin
“A digital twin reflects physical objects like people or internet of things using a digital representation to better understand, predict, and control the cyber physical world.”
Credentials - users & IoT
Passport (High assurance)
• Credential based on strong identity, from trusted authority
• Attestation based on chip-level credential security
Driver’s License (Medium assurance)
• Credential only trusted within a given context
• Attestation given operating system level security
Conference Badge (Low assurance)
• Credential defined implicitly
• Attestation using device-derived credential
IEC – Southbound Services
• Attestation, onboarding itself automatically at first boot (digital twin)
• Service status
• Attestation, onboarding of edge nodes & services (3rd party trust, digital twin)
• Authorize itself and edge nodes/services - retrieve JWT token payload
• JIT configuration – real time and context driven
• Sign data key
• Encrypt data key
• Initiate device pairing/claim ownership - 2 step process
• Token validation (offline support)
• Token re-issuing (offline support)
• Bidirectional channel to send action/message to edge like “update”
For building secure OEM edge applications
ForgeRock Identity Edge Controller
Build trust into IoT systems from end to end
Constrained Devices
Unconstrained Devices
Edge nodes
Edge Gateway
OEM service
Edge Controller
Embedded OS Core
ZeroMQ*
API
TrustZone
Trusted Agent
Identity Message Broker
MQTT client
Identity Platform
FIDO 2.0 Server
FIDO - Relying party
FIDO Client
*CurveZMQ
NFC/BLE/Bluetooth…
sensors & actuators
smart devices
SDK
SDK
A Pluggable HW Security Architecture
Identity Edge Controller
ForgeRock
HW root of trust integration layer (global platform)
OP-TEE
Intel SDO
Samsung Trustware
Infineon TPM
Trustonic
Yubico FIDO
FIDO (Relying party)
Chain of Trust – Edge to Cloud
Root of trust → First stage boot loader → Second stage boot loader → Operating System → Edge Controller (Secure Execution Environment) → Access Management (Cloud/Premise Identity Platform)
Labels repeated along the chain: Signature, Crypto key
Data
Control
ZigBee, Z-Wave, Thread, 6LoWPAN, Sigfox, LoRaWAN, Bluetooth
Identity Platform
ForgeRock – Edge Security
Identity Platform
Hospitality IOT platform
Identity Edge Controller
Control plane
• attestation
• on-boarding
• provisioning
• authentication
• authorization
Data plane
• authenticate
• authorize
• interaction
• secure messaging
• data encryption
Guest
• authenticate
• authorize
• hospitality application
• loyalty program
• Personalize, preferences
Bluetooth/BLE
• proximity based security
• secure pairing/device relationships
• offline mode support
Service backend
• backend operations
• data access
• data sharing and consumptions
• access policies enforcement
• data decryption
Accountant
Husband
Insurance
Hotel receptionist
- access granted by owner
Connected Car Ecosystem
Control
• attestation
• on-boarding
• provisioning
• authentication
• authorization
Messaging
• authenticate
• authorize
• interaction
• secure messaging
• data encryption
Driver
• authenticate
• authorize
• In-vehicle Application
• manage data sharing
• data capture
Bluetooth/BLE
• proximity based security
• secure pairing/device relationships
• offline mode support
Devices
• Operations
• Data
Service backend
• backend operations
• data access
• data sharing and consumptions
• access policies enforcement
• data decryption
Mechanic/specialist
Husband
Family
Maintenance Portal
- access granted by car owner
Car Owner / Driver
ForgeRock Edge security
• Enterprise Security for IoT
• SCADA, Industrial Control Systems, Med-Tech and all embedded systems
• Secure IoT Devices to Protect Against Attacks
• Edge computing
• Over the Air Update (OTA)
• High performance secure messaging
Value added partners at the edge
Protecting IP From Capturing To Consumption
Root of trust → First stage boot loader → Second stage boot loader → Operating System → Edge Controller (Secure Execution Environment) → OpenAM (Cloud/Premise Identity Platform)
Labels repeated along the chain: Signature, Crypto key
Trust
Integrity
Confidentiality
Security
Data Quality
User Privacy
Securing Digital Identities for People, Devices, and Things
• Privacy and Consent
• Intelligent Authentication
• Complex Relationships
• Scalable, Unified Platform
• Contextual Identity
• A decade of innovation
• ANY IDENTITY
• ANY DEPLOYMENT
• ANY SCALE
- IoT NATIVE -
Thank You
For Rocking!
