iHub.eu presented the Challenge “FIWARE Security Challenge” – a challenge for developers willing to learn about FIWARE technologies and contribute to their security by testing, stressing and discovering its vulnerabilities.
The FIWARE standard was developed as part of a European program FI-PPP, which involved the cooperation of the EU with the major European ICT industries, with a total investment (public-private) about 450 MEuro. FIWARE provides core technologies for developing smart applications usable on any instrument connectivity between integrating their technologies for the Internet of Things, Big Data, Security and Privacy, networks, and of course infrastructure cloud. All FIWARE technologies are developed as Open Source Software.
The challenge is organized by iHub.eu (http://ihub.eu/) a network of Internet innovation hubs, part of FIWARE initiative.
Scope:
Stress test FIWARE! Identify possible vulnerabilities which will cause security problems starting from the FIWARE GE orion context broker (e.g by SQL Injections, RCE, Buffer Overflow etc…):
http://catalogue.fiware.org/enablers/publishsubscribe-context-broker-orion-context-broker
Source Code https://github.com/telefonicaid/fiware-orion
API EndPoints: FiwareLab: https://account.lab.fiware.org/sign_up/
The participants can also check other GE’s if they wish.
Evaluation:
The Challenge coordination team (Stefano de Panfilis, Ionut, Pislar, Barnabas Nagy, Simona Laza) will assess the submitted vulnerabilities and award points for each found vulnerability based on it’s complexity and impact created upon the service.
Prize:
The winner will be awarded 500€.
Winner
Ambrosie Ionut