Ingo,
I think that this is a good idea to get some key points documented as you have done in your discussion of identifiers versus addresses.
Here is another contribution:
*At what level do we define an IoT device for purposes of identity?*
A simple webcam designed to feed video over the internet is clearly an IoT device. Essentially it is a sensor without intelligence and does not respond to commands. But if that webcam is part of a smartphone, does it remain a single device? As a component of a smartphone, it is accompanied by a variety of other sensors (e.g., camera, microphone, touch screen) as well as a processor (the phone's CPU), and several actuators (e.g., speaker, video monitor, radio signal transmitter). Because each of these components can be accessed simultaneously to provide disparate services, does the phone constitute a single device?
For purposes of addressability, it likely has only a single IP address. But from the perspective of its functionality, each separate capability can be accessed and used separately. I could leave a smartphone at home and access it remotely as a webcam to watch a baby in a crib, as a microphone to listen to the sounds in my house, as a speaker to give a direction to my babysitter.
I apologize in advance for missing today's call.
Jeff
---------------------------------
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699
Truth never triumphs — its opponents just die out. Science advances one funeral at a time.
Max Planck
On Fri, Jun 12, 2015 at 5:00 AM, <Ingo.Friese@telekom.de> wrote:
Dear IDoT DG member,
I’d like to start a new activity within our group. Here is my suggestion:
Inspired by the document “Security Guidance for Early Adopters of the Internet of Things (IoT)” of CSA (Cloud Security Alliance) I’d like to see a similar document for “Identity Management in IoT”, maybe not that detailed but in the same style.
How to proceed:
We all are from different companies with experiences from different industry sectors. All you have to do is to post your piece of recommendation or topic to the list or directly to our website.
I gave an example by describing “Identifier vs. Addresses” (very often people asked me …when we give every device in the world an IPv6 address all our problems are solved, right?....so I had to explain that just to have addresses is not enough)
See below this mail or under this link:
http://kantarainitiative.org/confluence/display/IDoT/Concepts+of+Identity+wi...
So, I’d like to encourage you to send a few sentences about what you have experienced. Step by step we compile a whole document, a kind of “How to”, “best practice”….something that is helpful and is interesting to read.
Background:
We started this group by looking for white spots in terms of identity. Here we have a paper and slide set giving a first overview. Then we had a look at discovery. But since we are a group with many different members this topic was not of interest for a significant number of members.
On the other hand I’m not sure if it needs the 102nd architecture for IoT to develop. This is in many cases a theoretical work. I’d like to see a nice paper that is not that big, explaining the basics of identity in the IoT. Developers or other interested parties should take advantage of the paper and it should be kind of fun to read it.
Hope you join me in this activity.
Possible other topics could be:
- Keep data processing local (privacy, roundtrip times)
- Real time conditions (if needed) (authorization, authentication have to be fast)
- Devices and relationships
- Identities of different protocols
- Smart authentication
- Keep track of former transactions (block chain)
- Proof of knowledge
- …….etc
My example:
##################################
Addresses are not Identifiers
There is a fundamental difference between addresses and identifiers of devices. Addresses determine the communication endpoint within a certain system. For example in the Internet Protocol an IP address is needed to establish a socket, a connection between devices. Identifiers can be understood as a dedicated, publicly known attribute or name for an identity, a person or a device. Typically, identifiers are valid within a specific domain.
In the classic Web we have a Domain Name Service (DNS) mapping human readable Uniform Resource Identifier (URI) to IP-addresses. A browser for example resolves a website URI www.telekom.com first. The actual connection between the browser and the Web server is then established by using the returned IP-address.
There are several advantages in separating addresses and identifiers. An IoT system or any kind of communication software could use addresses directly in theory but software updates become necessary if network interfaces or sensors break and need to be replaced.
A mapping between identifiers and addresses also allows a layer of indirection. This enables configurations like many identifiers pointing to one address. The address is only resolved when a certain condition is fulfilled.
####################################################
Kind regards
Ingo Friese
*Deutsche Telekom AG*
T-Labs (Research & Innovation)
Dipl.-Ing. Ingo Friese
Winterfeldtstr. 21, 10781 Berlin
+4930835358148 (Phone)
+49391580216849 (Fax)
E-Mail: ingo.friese@telekom.de
www.telekom.com
*Life is for sharing.*
You can find the obligatory information on *www.telekom.com/compulsory-statement <http://www.telekom.com/compulsory-statement>*
*Big changes start small – conserve resources by not printing every e-mail.*
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
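The thread's two points meet in one small model: a smartphone with a single address but separately usable capabilities, and "many identifiers pointing to one address" that is resolved only when a condition holds. The sketch below is an added example, not part of either e-mail or of any Kantara document; the `urn:example:` names, the requester labels and the allow-list condition are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class IdentifierRegistry:
    """Stable identifiers on top of replaceable addresses (hypothetical model)."""
    bindings: dict = field(default_factory=dict)  # identifier -> address
    allowed: dict = field(default_factory=dict)   # identifier -> set of requesters

    def register(self, identifier, address, requesters):
        self.bindings[identifier] = address
        self.allowed[identifier] = set(requesters)

    def resolve(self, identifier, requester):
        # The address is released only when the condition holds; here the
        # condition is a per-identifier allow-list (an assumption).
        if requester not in self.allowed.get(identifier, set()):
            raise PermissionError(f"{requester} may not resolve {identifier}")
        return self.bindings[identifier]

    def replace_address(self, old, new):
        # Interface or hardware swapped: identifiers stay, only the mapping moves.
        moved = sorted(i for i, a in self.bindings.items() if a == old)
        for i in moved:
            self.bindings[i] = new
        return moved

def build_home_registry():
    # Constructed sample data: one phone, one address, three capabilities.
    reg = IdentifierRegistry()
    phone = "2001:db8::10"  # IPv6 documentation prefix
    reg.register("urn:example:home:phone1:camera", phone, {"parent"})
    reg.register("urn:example:home:phone1:microphone", phone, {"parent"})
    reg.register("urn:example:home:phone1:speaker", phone, {"parent", "babysitter"})
    return reg

def can_resolve(reg, identifier, requester):
    try:
        reg.resolve(identifier, requester)
        return True
    except PermissionError:
        return False

if __name__ == "__main__":
    reg = build_home_registry()
    print(reg.resolve("urn:example:home:phone1:camera", "parent"))
    print(can_resolve(reg, "urn:example:home:phone1:camera", "babysitter"))
    print(reg.replace_address("2001:db8::10", "2001:db8::42"))
```

Because access decisions hang on the capability identifier rather than the shared address, the babysitter can reach the speaker without being able to resolve the camera, and replacing the phone's address changes no policy entry.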