Security consultant and researcher
Long experience in designing and implementation of security solutions, mainly oriented on web, mobile and embedded applications. Author of penetration testing tools, recognized by OWASP organization and BackTrack Linux distribution. Researching work includes discovery of vulnerabilities of numeral applications and services, and for these, author received public apreciations by Microsoft Company..
Some photos and IoT tips from NIST @ Risk Conference, Lasko, Slovenia, year 2016
Path Forward to Securing IoT via NIST
- Categorize the threats in terms of importance: Denial of Service vs Data Loss, Confidentiality (Encryption) vs Availability (Energy), Quantify the Big Data challenge for security
- Develop primitives that can allow the IoT devices to be secure on a macroscopic vs microscopic level: Encryption of data vs Authentication of devices, Move expensive security operations on hardware vs software, Understand what is important: connectivity vs usability