Application Security Options - SmartThings Case Study
When building a modern IoT platform you will have security concerns that span from hardware all the way out to consumers phones. We will go through a deep dive of many security concepts and talk about pros/cons of each option while discussing how we have scaled our solutions.
The SmartThings cloud platform is a microservice architecture built out across many deployment methodologies in the cloud and we allow deep integrations from external developers.
Some of the security tech we will cover while also talking about how to scale these practices:
- HTTP Signatures
- JWT/JWS/JWE
- OAuth
After we get through a foundation of these security approaches we will work through these scenarios with real world examples from my experience at SmartThings
- OAuth Provider
- OAuth Consumer
- API Security
- Connected Hardware
- Service to Service Security
By the end I you will have a good understanding of when you could make use of these different security methods.