Re: [Embedlets-dev] Re: [Arch]embedlets & security
Status: Alpha
Brought to you by:
tkosan
Menu
▾
▴
Re: [Embedlets-dev] Re: [Arch]embedlets & security
|
From: Brill P. <bri...@ro...> - 2003-02-09 09:55:31
|
> > That doesn't help us with SSL however, which your going to need to you > > provide HTTP access directly from the device. > > Well, does one really need to encrypt the communications to and from an > embedded device? I would think that measurement data along with command and > control messages do not represent sensitive information that needs to be > encrypted. I can definitely see the need to digitally sign outgoing data posts > and to verify the digital signatures on incoming commands in certain > situations, though. The crypto iButtons should be able to handle these chores > I think. Regardless of my opinion... that's one of the first things that's going to be asked by systems people when you try to sell it to them. The system is really to be run on internal networks, but that won't make the security conscious happy... as for how sensitive the data actually is... I'm not sure... if I had to come up with an example on the spot, you could for instance find out how many of a product a company was producing, or if there where having trouble with their machinery... both of which could be used against the company... how? be inventive... ;) for instance, if you where another company trying to close a deal with them, you might find that information valuable. Anyway, I think we can get away with not implementing it for our prototypes, but I think its something that *is* a serious issue that we need to address. - Brill Pappin |
Thanks for helping keep SourceForge clean.
X