Or securing the beauty as some would say, after proper login has been added to the beauty of the private constructors dashboard. Hiding the four time world champion of user experience behind a login-wall, created with the power of passport on node.js.
There is a beauty in logging in to an application every day, knowing that you can control your remote-controlled-IoT-excavator, also known as Digger3000 or AutoDigger without anyone hijacking the controls.
It is not enough to have a secure frontend, it must be secured in the back as well.
We put up our own mqtt server, it is a ubuntu VM in azure. We have put up an IP restriction on it, so that only devices from pre approved IP adresses can send and receive data from it.
Also every sensor must have a unique ID that is preset in the mqtt broker, and also a password.
We would really like to use the extra layer of security that the different IoT clouds can provide, but the ESP8266 chip that we have used does not support this without some modification that made it impractical for us to do it on this short hackaton.
But we are confident that with the measures we have taken, your average hacker will not be able to take down or interfere with our system.
When it comes to the sensors and API’s that we used from Disruptive Technologies, they are super secure and proprietary. And they guarantee absolute security in form of encryption in all stages of transmittion and delivery of data.
We apply for the badge [Force Field]