The rapid expansion of the Internet of Things has fostered convenience and connectedness for consumers. It has also opened the door for creative hackers. Recently, hackers used hundreds of thousands of common internet-connected devices in consumers’ homes, without the owners’ knowledge, to launch a DDoS attack that temporarily brought down crucial parts of the internet’s infrastructure.
Attacks in the past have shown that passwords in IoT devices provide insufficient security. Additionally, IoT devices are too constrained for implementing biometric functions.
The question then becomes how to authenticate to such devices and can the industry adopt a standardized approach despite a highly fragmented IoT landscape. This presentation by Rolf Lindemann of Nok Nok Labs, explores how FIDO Authentication can provide convenient and strong authentication in an array of IoT use cases.
“Your Security, More Simple.” by utilizing FIDO Authentication
This document summarizes a presentation given by Koichi Moriyama of NTT DOCOMO on their deployment of FIDO authentication. It discusses how NTT DOCOMO implemented FIDO standards to enable passwordless login for their d ACCOUNT system using biometric authentication on supported devices. It provides details on the motivation, user experience, and security approach taken. It also discusses future goals of using mobile devices as the primary authentication method and creating a world without passwords.
The document provides an overview of the FIDO Universal Authentication Framework (UAF) Reference Architecture. It describes the key components of the FIDO UAF ecosystem including the FIDO UAF client, server, protocols, authenticator abstraction layer, and authenticators. The goals of FIDO UAF are to enable strong, multi-factor authentication across devices and platforms while simplifying integration of new authentication capabilities and preserving user privacy.
A detailed look at the "Your Security, More Simple" d ACCOUNT initiative at NTT DOCOMO, including design principles, solution architecture, security architecture, FIDO standards and deployment of FIDO Authentication. Presented by Koichi Moriyama, Senior Director, Product Department, NTT DOCOMO, Inc.
Palo Alto Networks provides next-generation firewalls that can address all network security needs through application identification and control. Some key points:
- Founded in 2005 and now has over 1,000 employees and 11,000 enterprise customers.
- Traditional firewalls cannot adequately address today's applications that use encryption and advanced evasion techniques. Palo Alto's firewall identifies applications regardless of port or protocol to enforce fine-grained security policies.
- The firewall incorporates features like application control, user identification, content scanning, and wildfire malware analysis to safely enable applications and protect against both known and unknown threats.
Profinet network design webinar - Peter Thomas may 2020 - v1.0
Particularly relevant to people responsible for the design of PROFINET networks, highlighting the common errors and assumptions made that could make on-going support of the network rather difficult.
The document discusses Fortinet's security fabric, which provides a comprehensive network security solution through a unified platform. It summarizes the key components of the security fabric, including next-generation firewalls, switches, virtual firewalls, endpoint security, cloud security, advanced threat protection, and management solutions. It also outlines how the security fabric delivers broad, powerful and automated protection through its integration of these components and intelligence-driven capabilities.
The Second Payment Services Directive (PSD2) and the associated Regulatory Technical Standards (RTS) on strong customer authentication and secure communication impose stringent requirements on multi-factor authentication and on the security of implementations. Payment Service Providers will want to know whether the authentication solutions they put in place conform to the RTS both in terms of functionality and security.
The FIDO Alliance standards are based on multi-factor authentication and are a strong fit for PSD2 compliance. The FIDO Alliance’s certification program provides an independent evaluation of functional compliance to the standards as well as of the achieved level of security of FIDO authenticators.
Featuring industry experts, this presentation explores how FIDO can resolve key issues, including:
• How the FIDO standards conform to the RTS
• How FIDO’s certification program guarantees this conformity
• How FIDO’s certification program provides for the mandatory security evaluation imposed by the RTS
The document discusses using FIDO authenticators for IoT devices. It presents eWBM's biometric external FIDO authenticator and its security features. Potential applications of FIDO authentication for IoT are then described, including for device authentication over LoRa networks, drone control, and public WiFi access. The use of a BLE FIDO authenticator for personalized smart speaker services is also proposed. The conclusion recommends slimming down the FIDO client for embedded systems and achieving at least Security Level 2 certification for IoT authenticators.
The document discusses FIDO Alliance's efforts to create simpler and stronger authentication standards to replace passwords. It provides an overview of FIDO authentication, including how it works, adoption rates, and certification programs. It also summarizes the Alliance's work in identity verification, binding, and FIDO Device Onboarding to fill gaps and further the passwordless vision.
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity Server
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/12/fido-universal-second-factor-u2f-for-wso2-identity-server
In this webinar, WSO2, Yubico co-creator of U2F, and WSO2's premier integrator Yenlo explain the technology, discuss the use cases for strong authentication, and demonstrate the power and ease-of-use of the U2F security key. WSO2 will present the Authentication framework of WSO2 Identity server, Multi factor and Multi step authentication configuration and more.
The FIDO Alliance was launched with the audacious goal – to move the entire world away from usernames, passwords, and traditional multi-factor authentication to a much simpler and stronger way to log in with FIDO. It’s now 2021, so … are we there yet?
Join us for a webinar to take a look at the past year’s progress, and see what’s next. Our executive director and CMO Andrew Shikiar and our director of standards development David Turner will be on the line to take your questions – ask us anything!
The FIDO Alliance's goal is for the whole world to move away from usernames, passwords, and traditional MFA to a simpler and stronger way to log in with FIDO! Here's a look at the past year’s progress and what's happening next.
The FIDO Alliance invites you to learn how simplify strong authentication for web services.
This presentation was part of our FIDO Alliance Seminar in Tokyo, Japan, in November, 2015.
NTT DOCOMO Deployment Case Study: Your Security, More Simple
NTT DOCOMO has deployed FIDO standards for strong authentication on its network in Japan to simplify security for users. It launched FIDO authentication using biometric sensors on Android devices in 2015 and later expanded to iOS devices with Touch ID. This allows d ACCOUNT users to log in and approve payments with fingerprints instead of passwords. NTT DOCOMO's implementation of open FIDO standards across multiple device platforms demonstrates the growing adoption of simpler, stronger authentication.
FortiCloud is Fortinet's cloud-based solution for provisioning, managing, and analyzing security and wireless devices. It provides a single pane of glass to remotely manage FortiGate firewalls, FortiAP access points, and other Fortinet devices from any location without incurring additional expenses. FortiCloud offers zero-touch provisioning, integrated security policies and firmware updates, wireless settings management, and reporting and visibility capabilities to help organizations reduce costs, improve operations, and strengthen security across distributed networks.
The rapid expansion of the Internet of Things has fostered convenience and connectedness for consumers. It has also opened the door for creative hackers. Recently, hackers used hundreds of thousands of common internet-connected devices in consumers’ homes, without the owners’ knowledge, to launch a DDoS attack that temporarily brought down crucial parts of the internet’s infrastructure.
Attacks in the past have shown that passwords in IoT devices provide insufficient security. Additionally, IoT devices are too constrained for implementing biometric functions.
The question then becomes how to authenticate to such devices and can the industry adopt a standardized approach despite a highly fragmented IoT landscape. This presentation by Rolf Lindemann of Nok Nok Labs, explores how FIDO Authentication can provide convenient and strong authentication in an array of IoT use cases.
“Your Security, More Simple.” by utilizing FIDO AuthenticationLINE Corporation
This document summarizes a presentation given by Koichi Moriyama of NTT DOCOMO on their deployment of FIDO authentication. It discusses how NTT DOCOMO implemented FIDO standards to enable passwordless login for their d ACCOUNT system using biometric authentication on supported devices. It provides details on the motivation, user experience, and security approach taken. It also discusses future goals of using mobile devices as the primary authentication method and creating a world without passwords.
The document provides an overview of the FIDO Universal Authentication Framework (UAF) Reference Architecture. It describes the key components of the FIDO UAF ecosystem including the FIDO UAF client, server, protocols, authenticator abstraction layer, and authenticators. The goals of FIDO UAF are to enable strong, multi-factor authentication across devices and platforms while simplifying integration of new authentication capabilities and preserving user privacy.
A detailed look at the "Your Security, More Simple" d ACCOUNT initiative at NTT DOCOMO, including design principles, solution architecture, security architecture, FIDO standards and deployment of FIDO Authentication. Presented by Koichi Moriyama, Senior Director, Product Department, NTT DOCOMO, Inc.
Palo Alto Networks provides next-generation firewalls that can address all network security needs through application identification and control. Some key points:
- Founded in 2005 and now has over 1,000 employees and 11,000 enterprise customers.
- Traditional firewalls cannot adequately address today's applications that use encryption and advanced evasion techniques. Palo Alto's firewall identifies applications regardless of port or protocol to enforce fine-grained security policies.
- The firewall incorporates features like application control, user identification, content scanning, and wildfire malware analysis to safely enable applications and protect against both known and unknown threats.
Particularly relevant to people responsible for the design of PROFINET networks, highlighting the common errors and assumptions made that could make on-going support of the network rather difficult.
The document discusses Fortinet's security fabric, which provides a comprehensive network security solution through a unified platform. It summarizes the key components of the security fabric, including next-generation firewalls, switches, virtual firewalls, endpoint security, cloud security, advanced threat protection, and management solutions. It also outlines how the security fabric delivers broad, powerful and automated protection through its integration of these components and intelligence-driven capabilities.
The Second Payment Services Directive (PSD2) and the associated Regulatory Technical Standards (RTS) on strong customer authentication and secure communication impose stringent requirements on multi-factor authentication and on the security of implementations. Payment Service Providers will want to know whether the authentication solutions they put in place conform to the RTS both in terms of functionality and security.
The FIDO Alliance standards are based on multi-factor authentication and are a strong fit for PSD2 compliance. The FIDO Alliance’s certification program provides an independent evaluation of functional compliance to the standards as well as of the achieved level of security of FIDO authenticators.
Featuring industry experts, this presentation explores how FIDO can resolve key issues, including:
• How the FIDO standards conform to the RTS
• How FIDO’s certification program guarantees this conformity
• How FIDO’s certification program provides for the mandatory security evaluation imposed by the RTS
Using FIDO Authenticator for IoT DevicesFIDO Alliance
The document discusses using FIDO authenticators for IoT devices. It presents eWBM's biometric external FIDO authenticator and its security features. Potential applications of FIDO authentication for IoT are then described, including for device authentication over LoRa networks, drone control, and public WiFi access. The use of a BLE FIDO authenticator for personalized smart speaker services is also proposed. The conclusion recommends slimming down the FIDO client for embedded systems and achieving at least Security Level 2 certification for IoT authenticators.
The document discusses FIDO Alliance's efforts to create simpler and stronger authentication standards to replace passwords. It provides an overview of FIDO authentication, including how it works, adoption rates, and certification programs. It also summarizes the Alliance's work in identity verification, binding, and FIDO Device Onboarding to fill gaps and further the passwordless vision.
WSO2 Guest Webinar: FIDO Universal Second Factor (U2F) for WSO2 Identity ServerWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/12/fido-universal-second-factor-u2f-for-wso2-identity-server
In this webinar, WSO2, Yubico co-creator of U2F, and WSO2's premier integrator Yenlo explain the technology, discuss the use cases for strong authentication, and demonstrate the power and ease-of-use of the U2F security key. WSO2 will present the Authentication framework of WSO2 Identity server, Multi factor and Multi step authentication configuration and more.
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance
The FIDO Alliance was launched with the audacious goal – to move the entire world away from usernames, passwords, and traditional multi-factor authentication to a much simpler and stronger way to log in with FIDO. It’s now 2021, so … are we there yet?
Join us for a webinar to take a look at the past year’s progress, and see what’s next. Our executive director and CMO Andrew Shikiar and our director of standards development David Turner will be on the line to take your questions – ask us anything!
Webinar: Catch Up with FIDO Plus AMA SessionFIDO Alliance
The FIDO Alliance's goal is for the whole world to move away from usernames, passwords, and traditional MFA to a simpler and stronger way to log in with FIDO! Here's a look at the past year’s progress and what's happening next.
The FIDO Alliance Today: Status and NewsFIDO Alliance
The FIDO Alliance invites you to learn how simplify strong authentication for web services.
This presentation was part of our FIDO Alliance Seminar in Tokyo, Japan, in November, 2015.
NTT DOCOMO Deployment Case Study: Your Security, More SimpleFIDO Alliance
NTT DOCOMO has deployed FIDO standards for strong authentication on its network in Japan to simplify security for users. It launched FIDO authentication using biometric sensors on Android devices in 2015 and later expanded to iOS devices with Touch ID. This allows d ACCOUNT users to log in and approve payments with fingerprints instead of passwords. NTT DOCOMO's implementation of open FIDO standards across multiple device platforms demonstrates the growing adoption of simpler, stronger authentication.
Similar to Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf (20)
RPA In Healthcare Benefits, Use Case, Trend And Challenges 2024.pptxSynapseIndia
Your comprehensive guide to RPA in healthcare for 2024. Explore the benefits, use cases, and emerging trends of robotic process automation. Understand the challenges and prepare for the future of healthcare automation
Kief Morris rethinks the infrastructure code delivery lifecycle, advocating for a shift towards composable infrastructure systems. We should shift to designing around deployable components rather than code modules, use more useful levels of abstraction, and drive design and deployment from applications rather than bottom-up, monolithic architecture and delivery.
Implementations of Fused Deposition Modeling in real worldEmerging Tech
The presentation showcases the diverse real-world applications of Fused Deposition Modeling (FDM) across multiple industries:
1. **Manufacturing**: FDM is utilized in manufacturing for rapid prototyping, creating custom tools and fixtures, and producing functional end-use parts. Companies leverage its cost-effectiveness and flexibility to streamline production processes.
2. **Medical**: In the medical field, FDM is used to create patient-specific anatomical models, surgical guides, and prosthetics. Its ability to produce precise and biocompatible parts supports advancements in personalized healthcare solutions.
3. **Education**: FDM plays a crucial role in education by enabling students to learn about design and engineering through hands-on 3D printing projects. It promotes innovation and practical skill development in STEM disciplines.
4. **Science**: Researchers use FDM to prototype equipment for scientific experiments, build custom laboratory tools, and create models for visualization and testing purposes. It facilitates rapid iteration and customization in scientific endeavors.
5. **Automotive**: Automotive manufacturers employ FDM for prototyping vehicle components, tooling for assembly lines, and customized parts. It speeds up the design validation process and enhances efficiency in automotive engineering.
6. **Consumer Electronics**: FDM is utilized in consumer electronics for designing and prototyping product enclosures, casings, and internal components. It enables rapid iteration and customization to meet evolving consumer demands.
7. **Robotics**: Robotics engineers leverage FDM to prototype robot parts, create lightweight and durable components, and customize robot designs for specific applications. It supports innovation and optimization in robotic systems.
8. **Aerospace**: In aerospace, FDM is used to manufacture lightweight parts, complex geometries, and prototypes of aircraft components. It contributes to cost reduction, faster production cycles, and weight savings in aerospace engineering.
9. **Architecture**: Architects utilize FDM for creating detailed architectural models, prototypes of building components, and intricate designs. It aids in visualizing concepts, testing structural integrity, and communicating design ideas effectively.
Each industry example demonstrates how FDM enhances innovation, accelerates product development, and addresses specific challenges through advanced manufacturing capabilities.
How Social Media Hackers Help You to See Your Wife's Message.pdfHackersList
In the modern digital era, social media platforms have become integral to our daily lives. These platforms, including Facebook, Instagram, WhatsApp, and Snapchat, offer countless ways to connect, share, and communicate.
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfNeo4j
Presented at Gartner Data & Analytics, London Maty 2024. BT Group has used the Neo4j Graph Database to enable impressive digital transformation programs over the last 6 years. By re-imagining their operational support systems to adopt self-serve and data lead principles they have substantially reduced the number of applications and complexity of their operations. The result has been a substantial reduction in risk and costs while improving time to value, innovation, and process automation. Join this session to hear their story, the lessons they learned along the way and how their future innovation plans include the exploration of uses of EKG + Generative AI.
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsMydbops
This presentation, delivered at the Postgres Bangalore (PGBLR) Meetup-2 on June 29th, 2024, dives deep into connection pooling for PostgreSQL databases. Aakash M, a PostgreSQL Tech Lead at Mydbops, explores the challenges of managing numerous connections and explains how connection pooling optimizes performance and resource utilization.
Key Takeaways:
* Understand why connection pooling is essential for high-traffic applications
* Explore various connection poolers available for PostgreSQL, including pgbouncer
* Learn the configuration options and functionalities of pgbouncer
* Discover best practices for monitoring and troubleshooting connection pooling setups
* Gain insights into real-world use cases and considerations for production environments
This presentation is ideal for:
* Database administrators (DBAs)
* Developers working with PostgreSQL
* DevOps engineers
* Anyone interested in optimizing PostgreSQL performance
Contact info@mydbops.com for PostgreSQL Managed, Consulting and Remote DBA Services
Choose our Linux Web Hosting for a seamless and successful online presencerajancomputerfbd
Our Linux Web Hosting plans offer unbeatable performance, security, and scalability, ensuring your website runs smoothly and efficiently.
Visit- https://onliveserver.com/linux-web-hosting/
How RPA Help in the Transportation and Logistics Industry.pptxSynapseIndia
Revolutionize your transportation processes with our cutting-edge RPA software. Automate repetitive tasks, reduce costs, and enhance efficiency in the logistics sector with our advanced solutions.
Support en anglais diffusé lors de l'événement 100% IA organisé dans les locaux parisiens d'Iguane Solutions, le mardi 2 juillet 2024 :
- Présentation de notre plateforme IA plug and play : ses fonctionnalités avancées, telles que son interface utilisateur intuitive, son copilot puissant et des outils de monitoring performants.
- REX client : Cyril Janssens, CTO d’ easybourse, partage son expérience d’utilisation de notre plateforme IA plug & play.
TrustArc Webinar - 2024 Data Privacy Trends: A Mid-Year Check-InTrustArc
Six months into 2024, and it is clear the privacy ecosystem takes no days off!! Regulators continue to implement and enforce new regulations, businesses strive to meet requirements, and technology advances like AI have privacy professionals scratching their heads about managing risk.
What can we learn about the first six months of data privacy trends and events in 2024? How should this inform your privacy program management for the rest of the year?
Join TrustArc, Goodwin, and Snyk privacy experts as they discuss the changes we’ve seen in the first half of 2024 and gain insight into the concrete, actionable steps you can take to up-level your privacy program in the second half of the year.
This webinar will review:
- Key changes to privacy regulations in 2024
- Key themes in privacy and data governance in 2024
- How to maximize your privacy program in the second half of 2024
YOUR RELIABLE WEB DESIGN & DEVELOPMENT TEAM — FOR LASTING SUCCESS
WPRiders is a web development company specialized in WordPress and WooCommerce websites and plugins for customers around the world. The company is headquartered in Bucharest, Romania, but our team members are located all over the world. Our customers are primarily from the US and Western Europe, but we have clients from Australia, Canada and other areas as well.
Some facts about WPRiders and why we are one of the best firms around:
More than 700 five-star reviews! You can check them here.
1500 WordPress projects delivered.
We respond 80% faster than other firms! Data provided by Freshdesk.
We’ve been in business since 2015.
We are located in 7 countries and have 22 team members.
With so many projects delivered, our team knows what works and what doesn’t when it comes to WordPress and WooCommerce.
Our team members are:
- highly experienced developers (employees & contractors with 5 -10+ years of experience),
- great designers with an eye for UX/UI with 10+ years of experience
- project managers with development background who speak both tech and non-tech
- QA specialists
- Conversion Rate Optimisation - CRO experts
They are all working together to provide you with the best possible service. We are passionate about WordPress, and we love creating custom solutions that help our clients achieve their goals.
At WPRiders, we are committed to building long-term relationships with our clients. We believe in accountability, in doing the right thing, as well as in transparency and open communication. You can read more about WPRiders on the About us page.
Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Em...Erasmo Purificato
Slide of the tutorial entitled "Paradigm Shifts in User Modeling: A Journey from Historical Foundations to Emerging Trends" held at UMAP'24: 32nd ACM Conference on User Modeling, Adaptation and Personalization (July 1, 2024 | Cagliari, Italy)
UiPath Community Day Kraków: Devs4Devs ConferenceUiPathCommunity
We are honored to launch and host this event for our UiPath Polish Community, with the help of our partners - Proservartner!
We certainly hope we have managed to spike your interest in the subjects to be presented and the incredible networking opportunities at hand, too!
Check out our proposed agenda below 👇👇
08:30 ☕ Welcome coffee (30')
09:00 Opening note/ Intro to UiPath Community (10')
Cristina Vidu, Global Manager, Marketing Community @UiPath
Dawid Kot, Digital Transformation Lead @Proservartner
09:10 Cloud migration - Proservartner & DOVISTA case study (30')
Marcin Drozdowski, Automation CoE Manager @DOVISTA
Pawel Kamiński, RPA developer @DOVISTA
Mikolaj Zielinski, UiPath MVP, Senior Solutions Engineer @Proservartner
09:40 From bottlenecks to breakthroughs: Citizen Development in action (25')
Pawel Poplawski, Director, Improvement and Automation @McCormick & Company
Michał Cieślak, Senior Manager, Automation Programs @McCormick & Company
10:05 Next-level bots: API integration in UiPath Studio (30')
Mikolaj Zielinski, UiPath MVP, Senior Solutions Engineer @Proservartner
10:35 ☕ Coffee Break (15')
10:50 Document Understanding with my RPA Companion (45')
Ewa Gruszka, Enterprise Sales Specialist, AI & ML @UiPath
11:35 Power up your Robots: GenAI and GPT in REFramework (45')
Krzysztof Karaszewski, Global RPA Product Manager
12:20 🍕 Lunch Break (1hr)
13:20 From Concept to Quality: UiPath Test Suite for AI-powered Knowledge Bots (30')
Kamil Miśko, UiPath MVP, Senior RPA Developer @Zurich Insurance
13:50 Communications Mining - focus on AI capabilities (30')
Thomasz Wierzbicki, Business Analyst @Office Samurai
14:20 Polish MVP panel: Insights on MVP award achievements and career profiling
Sustainability requires ingenuity and stewardship. Did you know Pigging Solutions pigging systems help you achieve your sustainable manufacturing goals AND provide rapid return on investment.
How? Our systems recover over 99% of product in transfer piping. Recovering trapped product from transfer lines that would otherwise become flush-waste, means you can increase batch yields and eliminate flush waste. From raw materials to finished product, if you can pump it, we can pig it.
Understanding Insider Security Threats: Types, Examples, Effects, and Mitigat...Bert Blevins
Today’s digitally connected world presents a wide range of security challenges for enterprises. Insider security threats are particularly noteworthy because they have the potential to cause significant harm. Unlike external threats, insider risks originate from within the company, making them more subtle and challenging to identify. This blog aims to provide a comprehensive understanding of insider security threats, including their types, examples, effects, and mitigation techniques.
2. FIDO Taipei Workshop: Securing the Edge with FDO
2
What problem does FDO solve?
When a new enterprise, edge or IOT solution is being
installed in a facility (factory, hospital, car, store etc.),
the device must be “onboarded” to its management
platform (on-premise or cloud)
FDO provides secure “plug and play” onboarding for
almost any device/network.
3. FIDO Taipei Workshop: Securing the Edge with FDO
3
Manual Vs FDO onboarding
Manual
Slow – often 20 mins/device
Poor security
Need skilled technician
Expensive
FDO
Fast – about 1 min/device
High security
No skills needed for installation
Lower installation costs
Open standard
4. FIDO Taipei Workshop: Securing the Edge with FDO
4
FDO: Fast, Scalable Device Provisioning, Onboarding & Activation
Zero touch onboarding – integrates with existing zero touch solutions
Fast & more secure – ~1 minute
Hardware flexibility – any hardware - ARM MCU to Intel
®
Xeon
®
Any cloud – internet, intranet & closed network, multi-tenant
Late binding – reduces number of product SKUs needed
Multiple implementations – 5 implementations in various programming languages
Certification program – Available from FIDO Alliance
4
1. Drop ship device to
installation location
2. Power-up & connect
to Network 3. Auto-provisions, Onboards
to Device Management
Service
4
1. No product or component can be absolutely secure
5. FIDO Taipei Workshop: Securing the Edge with FDO
5
How FDO works
Device Manufacturer
3
Load Ownership
Voucher (OV) to
Cloud
Device in box shipped
to installation location
1
Ownership
Voucher (OV)
FDO
Manufacturing
tool
FDO Client, Credentials
path to RV server
a. FDO agent & FDO credentials
places in device.
b. Ownership Voucher (OV)
created
8
7
a. Mutual authentication
takes place
b. Secure channel is
established
c. Onboarding takes place
using FSIM’s
Device given network
connectivity and powers up
Target Cloud
Application
Data
/
Control
→
Cloud Managed,
Device data flows
FDO owner
5
Device contacts RV
and is re-directed to
Cloud
6
Rendezvous
server (RV)
4
Register OV
with
Rendezvous
Server
FDO Client &
credentials
2
Onboarding
Data
→
6. FIDO Taipei Workshop: Securing the Edge with FDO
6
How FDO works (with spec terms)
Device Manufacturer
Ownership
Voucher (OV)
FDO
Manufacturing
tool
FDO Client &
Credentials
Device Initialization (DI)
• Places FDO device credentials in Device
• Creates FDO Ownership Voucher
Target Cloud
FDO owner
Rendezvous
server (RV)
FDO Client &
credentials
T00/T01 protocols
• The interaction between Device and
Rendezvous Server
• Device identifies itself to the
Rendezvous Server. Obtains mapping to
connect to the Owner’s IP address.
T02 protocol
• The interaction between
Device and Owner.
• Device contacts Owner.
Establishes trust and then
performs onboarding
Application
Data
/
Control
→
Onboarding
Data
→
Final State
Cloud Managed,
Device data flows
7. FIDO Taipei Workshop: Securing the Edge with FDO
7
FIDO Device Onboard: Late Binding in Supply Chain
Customer 1
Build-to-order
Manufacturing
Infrastructure
• Zero Touch without FDO
Device software and security
customization happens at manufacture
• ➔ Complicated manufacturing
infrastructure, many SKUs, higher cost
Customer 1
Customer 2
Customer 3
Build-to-plan
Manufacturing
Infrastructure
• Zero Touch with FDO
Device software and security
customization happens at installation
• ➔ Simplified supply chain, lower costs
FDO reduces costs & complexity in supply chain – a single device SKU for all customers
Customer 1
Customer 1
Customer 2
Customer 3
FDO late
binding
8. FIDO Taipei Workshop: Securing the Edge with FDO
8
Authors of the FDO specification
The FDO spec was written by
technology leaders:
• Intel
• Amazon
• Google
• Microsoft
• Qualcomm
• ARM Link to FDO 1.1 specification
9. FIDO Taipei Workshop: Securing the Edge with FDO
9
Why adopt an onboarding standard like FDO?
Open standards are built on the contribution of security experts from multiple companies –
this often brings broader expertise and ideas than an individual company
As security threats evolve, the standard can evolve to address them
The standard expands over times to add more capabilities, while keeping backward
compatibility as a critical element. It can therefore meet short term and long term needs.
Ability to mix and match with confidence solutions from different vendors – via FIDO FDO
interoperability testing
Simplifies system security analysis
Users don’t need to own the upkeep of their solution as this is handled by open source or
commercial companies
With proprietary solutions, if the in-house expert leaves, that can create a long term support
issue
11. FIDO Taipei Workshop: Securing the Edge with FDO
11
Potential application of FDO to
Manufacturing Applications
Manufacturing Cloud
Local Server (ACP)
PLC/DCN
12. FIDO Taipei Workshop: Securing the Edge with FDO
12
Potential application of FDO to
Retail Applications
Retail Cloud
Local Server
POS
Security
Camera
Cloud
13. FIDO Taipei Workshop: Securing the Edge with FDO
13
Potential application of FDO to
Medical Applications
Cloud
Local Server
14. FIDO Taipei Workshop: Securing the Edge with FDO
14
Potential application of FDO to
Automotive Applications
Software update
15. FIDO Taipei Workshop: Securing the Edge with FDO
15
Potential application of FDO to
In-vehicle Automotive Applications
Vehicle
computer
Zone
controller
17. FIDO Taipei Workshop: Securing the Edge with FDO
17
FDO is highly flexible and therefore can users can choose the architecture that
best meets there needs
As a users needs evolved, FDO can be extended without breaking backwards
compatibility
single cloud ➔ multi-cloud ➔ closed network ➔ ‘bring your own devices’
Choosing the right FDO deployment model for
your application
18. FIDO Taipei Workshop: Securing the Edge with FDO
18
Scenario 1: Onboarding devices with direct internet access,
single cloud/platform
Cloud 1
19. FIDO Taipei Workshop: Securing the Edge with FDO
19
Scenario 2: Onboarding devices with direct internet access,
multiple clouds
Cloud 1 Cloud 2
Clouds could be
different geographies
Same type of
hardware is
deployed to
different Clouds
20. FIDO Taipei Workshop: Securing the Edge with FDO
20
Scenario 3: Onboarding devices without direct internet access
(On-premise/Closed Network)
21. FIDO Taipei Workshop: Securing the Edge with FDO
21
Scenario 4: Onboarding devices – some with and some without
direct internet access
Cloud 1 Cloud 2
Cloud 3
22. FIDO Taipei Workshop: Securing the Edge with FDO
22
Scenario 5: Onboarding devices with direct internet access,
single cloud/platform, multi-tenant
Cloud 1
Tenant 1
Tenant 2
Tenant 3
Customer 1
Customer 2
Customer 3
23. FIDO Taipei Workshop: Securing the Edge with FDO
23
Scenario 6: Onboarding devices with internet access and
Closed Network, single cloud/platform, Roaming customers
and multi-tenant
Cloud 1
Tenant 1
Tenant 2
Tenant 3
Customer 1
Customer 2
Cloud 2
Roaming
Customer 3
24. FIDO Taipei Workshop: Securing the Edge with FDO
24
FDO – A Flexible and extensible
solution
25. FIDO Taipei Workshop: Securing the Edge with FDO
25
FDO Deployment Flexibility
Architectural Sophistication
Single Internet
Cloud
Internet Cloud
& On-
prem/Closed
Single Cloud
with Multi-
tenant
Multi-Cloud,
Internet and
closed network
with Multi-
tenant
26. FIDO Taipei Workshop: Securing the Edge with FDO
26
ExxonMobil
ExxonMobil is a leader in the move to standards-based, open,
secure, interoperable process control solutions (OPAF)
ExxonMobil and Yokogawa successfully used FDO in their
Texas testbed.
They expect to start running a field trial in the next year at an
ExxonMobil Manufacturing facility in Baton Rouge, LA
ExxonMobil’s integrator, Yokogawa, has integrated FDO to
automate device installation.
ExxonMobil’s collaborators for the field trial include various IT
and OT suppliers
Source: Yokogawa
FDO demo on LinkedIn
27. FIDO Taipei Workshop: Securing the Edge with FDO
27
FDO Business FAQ
1. Do I need to join the FIDO Alliance to use the FDO specification?
➢ No. FDO is an open standard. The spec can be downloaded from the FIDO Alliance web site.
➢ Joining the FIDO Alliance will allow you to impact the evolution of FDO and learn from other users and ecosystem
partners
2. What is the license agreement for the FDO technical specification
➢ The FIDO Alliance IPR terms can be found here:
https://media.fidoalliance.org/wp-content/uploads/2019/12/FIDO-IPR-flowchart-v4-W3C.pdf
3. Do I need to pay for certification?
➢ The FIDO Alliance does offer a paid FDO Certification program.
➢ There is no obligation for members to certify their products, however if companies want to use a FIDO FDO certification
logo then certification of the product is required.
➢ Members do receive a discount on Certification costs.
3. Is there software available that implements FDO? Do I need to pay for them?
➢ Yes, multiple versions. Some are open source, some are commercial version.
28. FIDO Taipei Workshop: Securing the Edge with FDO
28
Extending FDO applications with FSIMs
Hardware ships
with FDO only
Software deployed
at facility via FDO
Remote SW deployment
Firmware update
deployed at facility
via FDO
Remote firmware updated
Hardware ships with
FDO and SW load
FSIM protocols
• Embedded
protocols within
FDO that perform
onboarding
actions
• Examples: File
transfers, key
generation, shell
commands
29. FIDO Taipei Workshop: Securing the Edge with FDO
29
Conclusion
FDO is highly flexible and extensible
A wide range of deployment architectures are supported
Customers can evolve their architecture over time while retaining compatibility
FDO has been developed to offer a high degree of security
Customers can further extend the security as needed in their application
Users can mix-and-match their credential storage approach as needed
FDO can be used with a wide range of processors and Operating systems
In conclusion, FDO meets your onboarding needs for today and the future