WoTT Security BlogMusings, thoughts, ideas, releases on security
open-sourceThe significance of mTLS and why you should care about itBy Fiona McAllister on September 09, 2019
Introduction Note there are some tutorials within this article. These vary in difficulty. All require a linux distribution to be compatible with our agent. Cybersecurity is an ever-growing, ever-complicating field. As a new developer, it can be daunting to think of where to start. Here we’re going to talk a little about... Continue reading
IoT Encryption Failures and how to avoid themBy Nikoletta Triantafyllopoulou on August 28, 2019
IoT encryption failures and how to avoid them Introduction The stories of misconfigured security systems leading to leaks of client data are common. Take for example the Equifax data breach back in 2017. The vulnerability was detected with a great delay due to expired certificates. According to Venafi The device inspecting encrypted... Continue reading
The Future of IoTBy Nikoletta Triantafyllopoulou on August 16, 2019
The Future of IoT Introduction The Future of IoT is both fascinating and challenging. As the number of connected devices is expected to triple by 2025, there are many significant questions and issues rising. Such as what does this mean for the Industry? What implications does this create? To start with, security... Continue reading
IoT Security Issues and ChallengesBy Nikoletta Triantafyllopoulou on August 12, 2019
IoT Security Issues and Challenges IoT Security issues are quite a challenge for this burgeoning industry. There is a growing number of devices, applications and systems which turn to IoT. This helps them to upscale their efficiency and their services and to make life easier for users. So let us take a... Continue reading
Using WoTT to Secure a Paho MQTT ClientBy Fiona McAllister on July 19, 2019
Using WoTT to Secure a Connection from a Paho MQTT Client to an MQTT Server (Mosquitto MQTT Example included) Introduction In a previous example we discussed how to secure connections between an Mosquitto MQTT broker and the Mosquitto client. In that there are several different brokers for an MQTT brokers, there are... Continue reading
Connecting Edge IoT devices with KubernetesBy Viktor Petersson on July 18, 2019
Bridging Edge IoT devices with Kubernetes Required Skill Level: Medium to Expert In my last blog post, we covered how to configure Nginx to use Mutual TLS (mTLS). This illustrated how mTLS can both simplify the back-end, while also make it more secure. In this article, we will take this one step... Continue reading
Using WoTT to Secure Access to a Mosquitto MQTT ServerBy Fiona McAllister on July 15, 2019
Using WoTT to Cryptographically Secure Access Between a Mosquitto Brokered MQTT Client and Server Introduction Mosquitto is a lightweight message broker for MQTT. MQTT itself is a pub-sub messaging protocol that is particularly popular amongst IoT applications due to its optimisation for high-latency networks. Together, they are effective for IoT usage being... Continue reading
Configuring Nginx with client certificate authentication (mTLS)By Viktor Petersson on July 15, 2019
Configuring Nginx with client certificate authentication (mTLS) Required Skill Level: Medium to Expert Time to complete: 15-20 min In this post we will walk through how to configure Nginx to support mutual TLS to authenticate a client request in 3 steps: Install certificate on client Set up a server Whitelist client One... Continue reading
Using WoTT credentials to manage access to Adafruit IO feedsBy Fiona McAllister on June 27, 2019
Using Adafruit IO with WoTT Credentials Introduction Adafruit IO is a free cloud service interested in making IoT accessible to everyone through presenting data in a useful and user-friendly way. Services that they provide include linking your IoT devices to Twitter and weather services. You can also use Adafruit IO to monitor... Continue reading
Using WoTT credentials to manage access to Screenly OSEBy Fiona McAllister on June 25, 2019
Using WoTT to secure access to Screenly Introduction Screenly is a service that provides digital signage and acts as an OS on the host device. Essentially it treats your host device as a streaming service that projects visual media (such as images and webpages) onto a monitor from multiple different sources. Think... Continue reading