Linux Security Summit 2014/Abstracts/Schaufler
Tizen, Security and the Internet of Things
Casey Schaufler, Intel
The Internet Of Things (IOT) is upon us. Smart cars are the norm, smart televisions and watches are common and smart shirts are available. Smart phones are ubiquitous. The Tizen operating system is running on all of these devices. The security features of Tizen are heavily driven by the needs and requirements of the IOT. There is an organic, interactive and continuously surprising process driving both the expectations of security and the technology that provides it. This is the story of how Tizen is driving and responding to the other security drivers in the Internet Of Things.
The talk begins with a brief description of the Tizen operating system. The kernel, service and web runtime security models are explained. An overview of the philosophy behind customizing the system for specific use profiles and products comes next.
We move on to a discussion of the security issues inherent in a distributed, asymmetric, device oriented computing system. The problems that crop up when mixing communications technologies get mentioned, as do those associated with non-uniform policy.
Finally, the Tizen approach to addressing the situation is presented. Standards from W3C, industry initiatives, and a veritable plethora of open source projects get identified and tied together. The strong points and shortcomings get approximately equal time in the spotlight.