Dear IDoT DG member,
I’d like to start a new activity within our group. Here is my suggestion:
Inspired by the document “Security Guidance for Early Adopters of the Internet of Things (IoT)” of CSA (Cloud Security Alliance) I’d like to see a similar document for “Identity Management in IoT”, maybe not that detailed but in the same style.
How to proceed:
We all are from different companies with experiences from different industry sectors. All you have to do is to post your piece of recommendation or topic to the list or directly to our website.
I gave an example by describing “Identifier vs. Addresses” (very often people asked me …when we give every device in the world an IPv6 address all our problems are solved, right?....so I had to explain that just to have addresses is not enough)
See below this mail or under this link:
So, I’d like to encourage you to send a few sentences about what you have experienced. Step by step we compile a whole document, a kind of “How to”, “best practice”….something that is helpful and is interesting to read.
Background:
We started this group by looking for white spots in terms of identity. Here we have a paper and slide set giving a first overview.
Then we had a look at discovery. But since we are a group with many different members this topic was not of interest for a significant number of members.
On the other hand I’m not sure if it needs the 102nd architecture for IoT to develop. This is in many cases a theoretical work. I’d like to see a nice paper that is not that big, explaining the basics of identity in the IoT. Developers or other interested parties should take advantage of the paper and it should be kind of fun to read it.
Hope you join me in this activity.
Possible other topics could be:
- Keep data processing local (privacy, roundtrip times)
- Real time conditions (if needed) (authorization, authentication have to be fast)
- Devices and relationships
- Identities of different protocols
- Smart authentication
- Keep track of former transactions (block chain)
- Proof of knowledge
- …….etc
My example:
There is a fundamental difference between addresses and identifiers of devices. Addresses determine the communication endpoint within a certain system. For example, in the Internet Protocol an IP address is needed to establish a socket, a connection between devices. Identifiers can be understood as a dedicated, publicly known attribute or name for an identity, a person or a device. Typically, identifiers are valid within a specific domain.
In the classic Web we have a Domain Name Service (DNS) mapping human-readable Uniform Resource Identifiers (URIs) to IP-addresses. A browser, for example, resolves a website URI www.telekom.com first. The actual connection between the browser and the Web server is then established by using the returned IP-address.
There are several advantages in separating addresses and identifiers. An IoT system or any kind of communication software could use addresses directly in theory, but software updates become necessary if network interfaces or sensors break and need to be replaced.
A mapping between identifiers and addresses also allows a layer of indirection. This enables configurations like many identifiers pointing to one address. The address is only resolved when a certain condition is fulfilled.
Kind regards
Ingo Friese
Deutsche Telekom AG
T-Labs (Research & Innovation)
Dipl.-Ing. Ingo Friese
Winterfeldtstr. 21, 10781 Berlin
+4930835358148 (Phone)
+49391580216849 (Fax)
E-Mail: ingo.friese@telekom.de
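
The identifier-to-address indirection described in the example above, sketched as an added illustration that is not part of the original e-mail. The registry class, the urn:example identifiers, the 2001:db8:: addresses and the "domain" condition are all assumptions made for this example.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Tuple

Context = Dict[str, str]
Condition = Callable[[Context], bool]


@dataclass
class IdentifierRegistry:
    """Hypothetical registry: stable device identifiers -> replaceable addresses."""
    _records: Dict[str, Tuple[str, Condition]] = field(default_factory=dict)

    def bind(self, identifier: str, address: str,
             condition: Condition = lambda ctx: True) -> None:
        # Rebinding an existing identifier models replacing broken hardware:
        # callers keep using the identifier, only the address changes.
        self._records[identifier] = (address, condition)

    def resolve(self, identifier: str,
                ctx: Optional[Context] = None) -> Optional[str]:
        if identifier not in self._records:
            raise KeyError(f"unknown identifier: {identifier}")
        address, condition = self._records[identifier]
        # The address is released only when the attached condition holds.
        return address if condition(ctx or {}) else None


def build_sample_registry() -> IdentifierRegistry:
    # Constructed sample data; 2001:db8::/32 is the IPv6 documentation prefix.
    reg = IdentifierRegistry()
    # Many identifiers pointing to one address (two sensors behind one gateway).
    reg.bind("urn:example:sensor:hall-temp", "2001:db8::10")
    reg.bind("urn:example:sensor:hall-humidity", "2001:db8::10")
    # Identifier that resolves only for requesters inside its own domain.
    reg.bind("urn:example:actuator:door-lock", "2001:db8::20",
             condition=lambda ctx: ctx.get("domain") == "building-a")
    return reg


if __name__ == "__main__":
    reg = build_sample_registry()
    print(reg.resolve("urn:example:sensor:hall-temp"))
    print(reg.resolve("urn:example:actuator:door-lock", {"domain": "guest"}))
    print(reg.resolve("urn:example:actuator:door-lock", {"domain": "building-a"}))
    reg.bind("urn:example:sensor:hall-temp", "2001:db8::11")  # sensor replaced
    print(reg.resolve("urn:example:sensor:hall-temp"))
```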