OREANDA-NEWS. April 12, 2016. Guy bought a new refrigerator; a smart one.  In addition to keeping the milk from going bad, it tracks inventory, the habits of the household, and reports this data back to its home base.  Of course, this is not the only Internet connected device Guy’s household owns; thermostats, security cameras, motion detectors, light controls, locks, and on and on.  When Guy sells his house, he will go around decommissioning all these devices; disabling, reconfiguring, dismembering them.  But then, how is the new owner going to get into the house and turn on the lights?  It is a new world. 

From the Consumers’ Perspective

It is easy to fall in love with the convenience.  But what happens to all these devices and providers of the services in the long run?  Some are trusted giants.  Others?  You might never even have heard of them before buying their widget off the Internet.  Have you considered, what they are doing, apart from their magic?  What do they sense, collect, transmit, when and to whom?  Who else is listening?  And seriously, what happens when the house is sold with all this stuff attached to the walls, appliances, doors, and fixtures?

It would be easy to brush off these concerns.  Does it matter?  Who would care?  Most of us haven’t had real secrets since high school. 

Well, let’s reconsider, let’s just look at two aspects.  If my neighbor’s kid started impersonating my thermostat in the middle of New England winter while I was away, telling me that the house was warm, when in fact my pipes were freezing, I would care.  It would be more than digital equivalent of toilette paper hanging from my trees, it could cause serious damage.  If someone snooped in on my blood content monitor or treadmill data, and sold it to the highest bidder, think of insurance companies or employers, that wouldn’t only be a privacy issue, but a potentially devastating financial or professional one.

From the IoT Application Service Provider’s Perspective

Let’s look at data snooping again, but this time from the macroeconomic perspective. For example, big data analytics corporation X might listen in on millions of household transmissions and create a lucrative advertising campaign, preempting the application provider who may feel cheated out of the value of the data it owns.

Another perspective is life-cycle management.  A device has to be securely manufactured with identity and security.  When connected and provisioned to a network, it needs to be authenticated to its application server and provisioned to its service profile.  During its operational life, it has to be checked for operational integrity, account for its activity, its identity may have to be changed or revoked.  And at the end of its life, it must be wiped clean and decommissioned.  Life-cycle management sounds mundane compared to designing and running applications, but without life-cycle management there is no application.

End-to-End vs. End-to-Middle:  The Trust Question

IoT is about data.  Regardless how trivial it sounds, it is important.  It is important who sends it and to whom.  It is important that the data can be attributed and cannot be tampered with, replayed, or eavesdropped on.  Very important. 

To whom do we trust this data?  The simple answer might be the device owner and the provider of the application, and no one else.  This is the well rehearsed end-to-end argument.  But not a very nuanced one in this case.  “Everything should be made as simple as possible, but not simpler.”  And it might be too simple to leave a rather complex security and secure life-cycle problem to the application developers.

The alternate answer is a trusted middle broker, to whom the endpoints entrust the creation and management of the security infrastructure.  We entrust our mobile service providers with managing our cellphones, securing our connections, providing dependable voice and data services.  They have done it for decades for a billion devices.  This basic trust model can be extended to IoT, and then augmented with the mobile service provider’s identity, policy, and accounting framework.  As a result, operators may provide secure life-cycle management of the IoT infrastructure; shielding enterprises and IoT application developers from management complexity and perils of the IoT world.

IoT will become ubiquitous through the convenience and magic it offers.  But it will only reach its real potential if the trust question is solved.  A service provider offered security broker model could be the ticket.

[In the next installment, I will dive into details of the trust model, identity, and key management.]