October 31 - November 1 - Co-Located Events
October 28-30 - Conference
Lyon Convention Centre - Lyon, France
More information for Open Source Summit + Embedded Linux Conference Europe 2019
Back To Schedule
Wednesday, October 30 • 16:15 - 16:50
How Secure is Your Edge with EdgeX? - Tingyu Zeng, Dell/RSA & Malini Bhandaru, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
IoT presents a large attack surface, stemming from the number of connected components, physical distribution, and bugs in hardware and software. In this talk we focus on the Edge, systems close to the IoT sensors and actuators to reduce network bandwidth needs yet lower response latencies. EdgeX Foundry, an open source LF project, is a collection of microservices that collect, process, and respond to sensor data along with various support services. We review its threat model and the security best practices it adopts, such as code scans for known CVEs and security anti-patterns, use of Kong for secure gateway/proxy, use of Vault for secure storage of keys and authentication credentials, audit logging, and deployment prescriptions to limit privilege escalation and stolen media type attacks, and incidence response. Lastly, we touch on security roadmap items such as PKI for authenticated secure inter-service interaction and Trusted Platform Modules for secure boot and encrypted storage .

avatar for Malini Bhandaru

Malini Bhandaru

Sr. Staff, VMware
Malini Bhandaru leads open source ML efforts at VMware's Open Source Technology Centre and has worked on IoT/Edge, Cloud Computing, faster cryptography implementations, designing processor power and performance features, and early eCommerce. She is currently involved with Kubeflow... Read More →

Tingyu Zeng

Sr. Principal Engineer, Dell/RSA
Tingyu Zeng, Senior Principal Software Engineer and Security Lead for Dell Technologies’ IoT Platform Development Team. Tingyu is a co-chair of the Security Work Group of EdgeX Foundry, an open framework for building industrial IoT edge computing system under Apache 2 license project... Read More →

Wednesday October 30, 2019 16:15 - 16:50 CET
Bellecour 3
  Security & Safety
  • Session Slides Included Yes