Hi Ranjan,
Welcome to the group. Yes you are right. There is a so broad range of possible use-cases from so different areas, with very different requirements.
So general answers are hard to give. You need to have a look to the concrete use-cases. In our group we haven’t distinguished between industry and consumer use cases so far.
Best,
Ingo
From: Ranjan Jain (ranjain) [mailto:ranjain@cisco.com]
Sent: Mittwoch, 17. Juni 2015 20:45
To: Friese, Ingo; stollman.j@gmail.com
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Hi Ingo,
Great start. I’ve just joined this group from Cisco and would try to keep up with the pace.
The key challenge I’ve been seeing in the last few months around Identity and IoT is that I get asked this several times around “are we ready for IoT” and my answer to my management has been “tell me the use case and I can tell if we are ready or not”.
So, ID mgmt in IoT to me needs to be looked from two perspectives. One from consumer world and other from enterprise. Both of these use cases are going to be “mostly” different with some common paths/devices where we’ll have to come up with a hybrid situation. I know there has been a lot discussed in general around the consumer side of IoT but I’m not sure if the enterprise side has been discussed (or may be I have missed it). And if it is not, then we should have a callout.
Thanks
Ranjan
From: "Ingo.Friese@telekom.de" <Ingo.Friese@telekom.de>
Date: Wednesday, June 17, 2015 at 6:00 AM
To: "stollman.j@gmail.com" <stollman.j@gmail.com>
Cc: "dg-idot@kantarainitiative.org" <dg-idot@kantarainitiative.org>
Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ok great…thats how we do it. I’m going to copy your part to our web site
From: j stollman [mailto:stollman.j@gmail.com]
Sent: Mittwoch, 17. Juni 2015 14:42
To: Friese, Ingo
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ingo,
I agree that the final product should be a statement, not a series of questions. But, at this early stage, I thought it better to pose the questions in order to take the pulse of the group on the answers to the questions. I have my own opinions, but I did not want to be so arrogant as to impose them on the group.
My suggestion is that we discuss each contribution and refine it as a group activity.
Jeff
---------------------------------
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699
Truth never triumphs — its opponents just die out.
Science advances one funeral at a time.
Max Planck
On Wed, Jun 17, 2015 at 8:23 AM, <Ingo.Friese@telekom.de> wrote:
Hi Jeff,
Excellent. I just would formulate it slightly different. Not with so much question marks. Let’s say something:
A “thing” might be composed of various smaller “things”. So plan your systems accordingly regarding addresses and identifier.
What do you think?
From: j stollman [mailto:stollman.j@gmail.com]
Sent: Freitag, 12. Juni 2015 14:50
To: Friese, Ingo
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ingo,
I think that this is a good idea to get some key points documented as you have done in your discussion of identifiers versus addresses.
Here is another contribution:
At what level do we define an IoT device for purposes of identity?
A simple webcam designed to feed video over the internet is clearly an IoT device. Essentially is it a sensor without intelligence and does not respond to commands.
But if that webcam is part of a smartphone, does it remain a single device? As a component of a smartphone, it is accompanied by a variety of other sensors (e.g., camera, microphone, touch screen) as well as a processor (the phone's CPU), and and several actuators (e.g., speaker, video monitor, radio signal transmitter). Because each of these components can be accessed simultaneously to provide disparate services, does the phone constitute a single device?
For purposes of address-ability, it likely has only a single IP address. But from the perspective of its functionality, each separate capability can be accessed and used separately. I could leave a smartphone at home and access it remotely as a webcam to watch a baby in a crib, as a microphone to listen to the sounds in my house, as a speaker to give a direction to my babysitter.
I apologize in advance for missing today's call.
Jeff
---------------------------------
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699
Truth never triumphs — its opponents just die out.
Science advances one funeral at a time.
Max Planck
On Fri, Jun 12, 2015 at 5:00 AM, <Ingo.Friese@telekom.de> wrote:
Dear IDoT DG member,
I’d like to start a new activity within our group. Here is my suggestion:
Inspired by the document “Security Guidance for Early Adopters of the Internet of Things (IoT)” of CSA (Cloud Security Alliance) I’d like to see a similar document for “Identity Management in IoT”, maybe not that detailed but in the same style.
How to proceed:
We all are from different companies with experiences from different industry sectors. All you have to do is to post your piece of recommendation or topic to the list or directly to our website.
I gave an example by describing “Identifier vs. Addresses” (very often people asked me …when we give every device in the world an IPv6 address all our problems are solved, right?....so I had to explain that just to have addresses is not enough)
See below this mail or under this link:
So, I’d like to encourage you to send few sentences about what you have experienced. Step by step we compile a whole document, a kind of “How to”, “best practice”….somethings that is helpful and is interesting to read.
Background:
We started this group by looking for white spots in terms of identity. Here we have a paper and slide set givinga first overview.
Then we had a look at discovery. But since we are a group with many different members this topic was not of interest for a significant number of members.On the other hand I’m not sure if it needs the 102nd architecture for IoT to develop. This is in many cases a theoretical work. I’d like to see a nice paper that is not that big, explaining the basics of identity in the IoT. Developer or other interested parties should take advantage of the paper and it should be kind of fun to read it.
Hope you join me in this activity.
Possible other topics could be:
- Keep data processing local (privacy, roundtrip times)
- Real time conditions (if needed) (authorization, authentication have to be fast)
- Devices and relationships
- Identities of different protocols
- Smart authentication
- Keep track of former transactions (block chain)
- Proof of knowledge
- …….etc
My example:
##################################
Addresses are not Identifier
There is a fundamental difference between addresses and identifier of devices. Addresses determine the communication endpoint within a certain system. For example in the Internet Protocol an IP address is needed to establish a socket, a connection between devices. Identifiers can be understood as a dedicated, publicly known attribute or name for an identity, a person or a device. Typically, identifiers are valid within a specific domain.
In the classic Web we have a Domain Name Service (DNS) mapping human readable Uniform Resource Identifier (URI) to IP-addresses. A browser for example resolves a website URI www.telekom.com first. The actual connection between the browser and the Web server is then established by using the returned IP-address.
There are several advantages in separating addresses and identifier. An IoT system or any kind of communication software could use addresses directly in theory but software updates become necessary if network interfaces or sensors break and need to be replaced.
A mapping between identifier and addresses allows also a layer of indirection. This enables configurations like many identifiers pointing to one address. The address is only resolved when a certain condition is fulfilled.
####################################################
Kind regards
Ingo Friese
Deutsche Telekom AG
T-Labs (Research & Innovation)
Dipl.-Ing. Ingo Friese
Winterfeldtstr. 21, 10781 Berlin
+4930835358148 (Phone)+49391580216849 (Fax)
E-Mail: ingo.friese@telekom.de
Life is for sharing.
You can find the obligatory information on www.telekom.com/compulsory-statement
Big changes start small – conserve resources by not printing every e-mail.
_______________________________________________
DG-IDoT mailing list
DG-IDoT@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/dg-idot