FIWARE Security Challenge at DefCamp 2015

iHub.eu presented the Challenge “FIWARE Security Challenge” – a challenge for developers willing to learn about FIWARE technologies and contribute to their security by testing, stressing and discovering its vulnerabilities.
fiware
The FIWARE standard was developed as part of a European program FI-PPP, which involved the cooperation of the EU with the major European ICT industries, with a total investment (public-private) about 450 MEuro. FIWARE provides core technologies for developing smart applications usable on any instrument connectivity between integrating their technologies for the Internet of Things, Big Data, Security and Privacy, networks, and of course infrastructure cloud. All FIWARE technologies are developed as Open Source Software.
The challenge is organized by iHub.eu (http://ihub.eu/) a network of Internet innovation hubs, part of FIWARE initiative.

Scope:

Stress test FIWARE! Identify possible vulnerabilities which will cause security problems starting from the FIWARE GE orion context broker (e.g by SQL Injections, RCE, Buffer Overflow etc…):
http://catalogue.fiware.org/enablers/publishsubscribe-context-broker-orion-context-broker
Source Code https://github.com/telefonicaid/fiware-orion
API EndPoints: FiwareLab: https://account.lab.fiware.org/sign_up/
The participants can also check other GE’s if they wish.

Evaluation:

The Challenge coordination team (Stefano de Panfilis, Ionut, Pislar, Barnabas Nagy, Simona Laza) will assess the submitted vulnerabilities and award points for each found vulnerability based on it’s complexity and impact created upon the service.

Prize:

The winner will be awarded 500€.

Winner

Ambrosie Ionut

    Related articles​

    Cybersecurity may come in different shapes and ..

    BY Adina Harabagiu
    Since you’re working in cybersecurity, you’re most probably doing everything in your power to keep your ..

    How community involvement shapes cybersecurity ..

    BY andra.zaharia
    In cybersecurity, many of us are self-starters and self-learners. In a field that’s so vast, so competitive,..

    Driving innovation while securing intricate ..

    BY Adina Harabagiu
    When scanning an extensive environment for vulnerabilities, there are lots of potential attack vectors hackers..