Internet of Things
Security Congress Abstract
Growth in IoT endpoints has significant negative physical impacts if the APIs managing them are not protected more properly secured. Successfully managing this new IoT risk means successfully managing the security of the APIs with API security that enables their intelligent communication. An API security strategy must focus on identity through the cloud be able to:
-authenticate and authorize IoT endpoints for session setup using OIDC/Oauth2 flows
-enforce support for multi-factor authentication for secure IoT session access
This session will present technical architecture and operational demonstrations to secure IoT APIs using OIDC/Oauth2, MFA to the IoT device, and security operations mitigation to the cloud-enabled IoT identity.