FIWARE Security Challenge at DefCamp 2015

iHub.eu presented the Challenge “FIWARE Security Challenge” – a challenge for developers willing to learn about FIWARE technologies and contribute to their security by testing, stressing and discovering its vulnerabilities.
fiware
The FIWARE standard was developed as part of a European program FI-PPP, which involved the cooperation of the EU with the major European ICT industries, with a total investment (public-private) about 450 MEuro. FIWARE provides core technologies for developing smart applications usable on any instrument connectivity between integrating their technologies for the Internet of Things, Big Data, Security and Privacy, networks, and of course infrastructure cloud. All FIWARE technologies are developed as Open Source Software.
The challenge is organized by iHub.eu (http://ihub.eu/) a network of Internet innovation hubs, part of FIWARE initiative.

Scope:

Stress test FIWARE! Identify possible vulnerabilities which will cause security problems starting from the FIWARE GE orion context broker (e.g by SQL Injections, RCE, Buffer Overflow etc…):
http://catalogue.fiware.org/enablers/publishsubscribe-context-broker-orion-context-broker
Source Code https://github.com/telefonicaid/fiware-orion
API EndPoints: FiwareLab: https://account.lab.fiware.org/sign_up/
The participants can also check other GE’s if they wish.

Evaluation:

The Challenge coordination team (Stefano de Panfilis, Ionut, Pislar, Barnabas Nagy, Simona Laza) will assess the submitted vulnerabilities and award points for each found vulnerability based on it’s complexity and impact created upon the service.

Prize:

The winner will be awarded 500€.

Winner

Ambrosie Ionut

    Related articles​

    We saved the best for last: see what happened at ..

    BY defcamp
    2022 kicked-off, nostalgia hit… We have to admit: the beginning of 2022 found us feeling very nostalgic ..

    DefCamp 2021 – an edition with a twist and a..

    BY florina
    2021 was a challenging year to say the least. The world continued most of its activities fully online which ..

    Hacking Village revealed 🏆 – at DefCamp ..

    BY defcamp
    The DefCamp Hacking Village is back – this time, online! Are you ready to compete and win all the ..