Dear IDoT DG member,

I'd like to start a new activity within our group. Here is my suggestion:

Inspired by the document "Security Guidance for Early Adopters of the Internet of Things (IoT)" of CSA (Cloud Security Alliance), I'd like to see a similar document for "Identity Management in IoT", maybe not that detailed but in the same style.

How to proceed:

We are all from different companies with experience from different industry sectors. All you have to do is post your piece of recommendation or topic to the list or directly to our website.

I gave an example by describing "Identifier vs. Addresses" (very often people asked me "...when we give every device in the world an IPv6 address all our problems are solved, right?", so I had to explain that just having addresses is not enough).

See below this mail or under this link: http://kantarainitiative.org/confluence/display/IDoT/Concepts+of+Identity+wi...

So, I'd like to encourage you to send a few sentences about what you have experienced. Step by step we compile a whole document, a kind of "How to" or "best practice", something that is helpful and interesting to read.

Background:

We started this group by looking for white spots in terms of identity. Here we have a paper and slide set giving a first overview. Then we had a look at discovery. But since we are a group with many different members, this topic was not of interest for a significant number of members.

On the other hand, I'm not sure if it needs the 102nd architecture for IoT to develop. This is in many cases a theoretical work. I'd like to see a nice paper that is not that big, explaining the basics of identity in the IoT. Developers or other interested parties should take advantage of the paper and it should be kind of fun to read it.

Hope you join me in this activity.

Possible other topics could be:

- Keep data processing local (privacy, roundtrip times)
- Real time conditions (if needed) (authorization, authentication have to be fast)
- Devices and relationships
- Identities of different protocols
- Smart authentication
- Keep track of former transactions (block chain)
- Proof of knowledge
- etc.

My example:

##################################

Addresses are not Identifiers

There is a fundamental difference between addresses and identifiers of devices. Addresses determine the communication endpoint within a certain system. For example, in the Internet Protocol an IP address is needed to establish a socket, a connection between devices. Identifiers can be understood as a dedicated, publicly known attribute or name for an identity, a person or a device. Typically, identifiers are valid within a specific domain.

In the classic Web we have a Domain Name Service (DNS) mapping human-readable Uniform Resource Identifiers (URI) to IP addresses. A browser, for example, resolves a website URI www.telekom.com first. The actual connection between the browser and the Web server is then established by using the returned IP address.

There are several advantages in separating addresses and identifiers. An IoT system or any kind of communication software could use addresses directly in theory, but software updates become necessary if network interfaces or sensors break and need to be replaced.

A mapping between identifiers and addresses also allows a layer of indirection. This enables configurations like many identifiers pointing to one address. The address is only resolved when a certain condition is fulfilled.

####################################################

Kind regards
Ingo Friese

Deutsche Telekom AG
T-Labs (Research & Innovation)
Dipl.-Ing. Ingo Friese
Winterfeldtstr. 21, 10781 Berlin
+4930835358148 (Phone)
+49391580216849 (Fax)
E-Mail: ingo.friese@telekom.de
www.telekom.com

Life is for sharing.

You can find the obligatory information on www.telekom.com/compulsory-statement

Big changes start small - conserve resources by not printing every e-mail.

Ingo,

I think that this is a good idea to get some key points documented as you have done in your discussion of identifiers versus addresses.

Here is another contribution:

*At what level do we define an IoT device for purposes of identity?*

A simple webcam designed to feed video over the internet is clearly an IoT device. Essentially it is a sensor without intelligence and does not respond to commands.

But if that webcam is part of a smartphone, does it remain a single device? As a component of a smartphone, it is accompanied by a variety of other sensors (e.g., camera, microphone, touch screen) as well as a processor (the phone's CPU), and several actuators (e.g., speaker, video monitor, radio signal transmitter). Because each of these components can be accessed simultaneously to provide disparate services, does the phone constitute a single device?

For purposes of addressability, it likely has only a single IP address. But from the perspective of its functionality, each separate capability can be accessed and used separately. I could leave a smartphone at home and access it remotely as a webcam to watch a baby in a crib, as a microphone to listen to the sounds in my house, as a speaker to give a direction to my babysitter.

I apologize in advance for missing today's call.

Jeff

---------------------------------
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699

Truth never triumphs — its opponents just die out.
Science advances one funeral at a time.
Max Planck

On Fri, Jun 12, 2015 at 5:00 AM, <Ingo.Friese@telekom.de> wrote:
> Dear IDoT DG member,
> I'd like to start a new activity within our group. [...]

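The identifier-to-address indirection from the "Addresses are not Identifiers" text, applied to the smartphone case raised in the reply (one address, several separately usable capabilities), as an added example that is not part of the original thread. The domain `home.example`, the documentation-prefix IPv6 addresses, the identifier names and the role-based resolution condition are all assumptions made for illustration.

```python
"""Identifier -> address indirection for a composite IoT device (constructed example)."""
from dataclasses import dataclass
from typing import Callable, Dict, List

Context = Dict[str, str]  # facts about the requester, e.g. {"role": "owner"}


class ResolutionDenied(Exception):
    """The condition attached to an identifier was not fulfilled."""


def always(_ctx: Context) -> bool:
    return True


@dataclass
class Binding:
    address: str                           # communication endpoint (here: IPv6)
    condition: Callable[[Context], bool]   # must hold before the address is released


class IdentifierRegistry:
    """Maps identifiers that are valid within one domain to addresses."""

    def __init__(self, domain: str) -> None:
        self.domain = domain
        self._bindings: Dict[str, Binding] = {}

    def register(self, identifier: str, address: str,
                 condition: Callable[[Context], bool] = always) -> None:
        # Identifiers are only meaningful inside their own domain.
        if not identifier.endswith("." + self.domain):
            raise ValueError(f"{identifier!r} is not valid in domain {self.domain!r}")
        self._bindings[identifier] = Binding(address, condition)

    def resolve(self, identifier: str, ctx: Context) -> str:
        binding = self._bindings[identifier]   # KeyError for an unknown identifier
        if not binding.condition(ctx):
            # The address is never handed out unless the condition holds.
            raise ResolutionDenied(identifier)
        return binding.address

    def identifiers_at(self, address: str) -> List[str]:
        """All identifiers currently pointing to one address (many-to-one)."""
        return sorted(i for i, b in self._bindings.items() if b.address == address)

    def replace_hardware(self, old_address: str, new_address: str) -> int:
        """Re-point every identifier of a replaced device; callers keep using
        the same identifiers, so no client software update is needed."""
        moved = 0
        for binding in self._bindings.values():
            if binding.address == old_address:
                binding.address = new_address
                moved += 1
        return moved


def owner_only(ctx: Context) -> bool:
    return ctx.get("role") == "owner"


def owner_or_babysitter(ctx: Context) -> bool:
    return ctx.get("role") in {"owner", "babysitter"}


def build_home_registry() -> IdentifierRegistry:
    """One smartphone (one address) exposed as three separately identified things."""
    registry = IdentifierRegistry("home.example")
    phone = "2001:db8::10"  # constructed address from the documentation prefix
    registry.register("webcam.phone.home.example", phone, owner_only)
    registry.register("microphone.phone.home.example", phone, owner_only)
    registry.register("speaker.phone.home.example", phone, owner_or_babysitter)
    return registry


if __name__ == "__main__":
    reg = build_home_registry()
    print(reg.identifiers_at("2001:db8::10"))
    print(reg.resolve("speaker.phone.home.example", {"role": "babysitter"}))
    try:
        reg.resolve("webcam.phone.home.example", {"role": "babysitter"})
    except ResolutionDenied as exc:
        print("denied:", exc)
    # The phone breaks and is replaced by a new one with a different address.
    print(reg.replace_hardware("2001:db8::10", "2001:db8::22"), "identifiers re-pointed")
    print(reg.resolve("webcam.phone.home.example", {"role": "owner"}))
```

Access policy here hangs on the identifier of each capability, not on the shared address, which is why an address alone does not settle who may reach the webcam versus the speaker.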
Hi Jeff,

Excellent. I would just formulate it slightly differently. Not with so many question marks. Let's say something:

A "thing" might be composed of various smaller "things". So plan your systems accordingly regarding addresses and identifiers.

What do you think?

From: j stollman [mailto:stollman.j@gmail.com]
Sent: Friday, June 12, 2015 14:50
To: Friese, Ingo
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Start a new activity within IDoT DG

> Ingo,
> I think that this is a good idea to get some key points documented as you have done in your discussion of identifiers versus addresses. [...]

Ingo,

I agree that the final product should be a statement, not a series of questions. But, at this early stage, I thought it better to pose the questions in order to take the pulse of the group on the answers to the questions. I have my own opinions, but I did not want to be so arrogant as to impose them on the group.

My suggestion is that we discuss each contribution and refine it as a group activity.

Jeff

---------------------------------
Jeff Stollman
stollman.j@gmail.com
1 202.683.8699

Truth never triumphs — its opponents just die out.
Science advances one funeral at a time.
Max Planck

On Wed, Jun 17, 2015 at 8:23 AM, <Ingo.Friese@telekom.de> wrote:
> Hi Jeff,
> Excellent. [...]

Ok great… that's how we do it. I'm going to copy your part to our web site.

From: j stollman [mailto:stollman.j@gmail.com]
Sent: Wednesday, June 17, 2015 14:42
To: Friese, Ingo
Cc: dg-idot@kantarainitiative.org
Subject: Re: [DG-IDoT] Start a new activity within IDoT DG

> Ingo,
> I agree that the final product should be a statement, not a series of questions. [...]

Hi Ingo, Great start. I¹ve just joined this group from Cisco and would try to keep up with the pace. The key challenge I¹ve been seeing in the last few months around Identity and IoT is that I get asked this several times around ³are we ready for IoT² and my answer to my management has been ³tell me the use case and I can tell if we are ready or not². So, ID mgmt in IoT to me needs to be looked from two perspectives. One from consumer world and other from enterprise. Both of these use cases are going to be ³mostly² different with some common paths/devices where we¹ll have to come up with a hybrid situation. I know there has been a lot discussed in general around the consumer side of IoT but I¹m not sure if the enterprise side has been discussed (or may be I have missed it). And if it is not, then we should have a callout. Thanks Ranjan From: "Ingo.Friese@telekom.de" <Ingo.Friese@telekom.de> Date: Wednesday, June 17, 2015 at 6:00 AM To: "stollman.j@gmail.com" <stollman.j@gmail.com> Cc: "dg-idot@kantarainitiative.org" <dg-idot@kantarainitiative.org> Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ok greatthats how we do it. I¹m going to copy your part to our web site
From: j stollman [mailto:stollman.j@gmail.com] Sent: Mittwoch, 17. Juni 2015 14:42 To: Friese, Ingo Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ingo,
I agree that the final product should be a statement, not a series of questions. But, at this early stage, I thought it better to pose the questions in order to take the pulse of the group on the answers to the questions. I have my own opinions, but I did not want to be so arrogant as to impose them on the group.
My suggestion is that we discuss each contribution and refine it as a group activity.
Jeff
---------------------------------
Jeff Stollman stollman.j@gmail.com 1 202.683.8699
Truth never triumphs - its opponents just die out.
Science advances one funeral at a time.
Max Planck
On Wed, Jun 17, 2015 at 8:23 AM, <Ingo.Friese@telekom.de> wrote:
Hi Jeff,
Excellent. I just would formulate it slightly different. Not with so much question marks. Let's say something:
A "thing" might be composed of various smaller "things". So plan your systems accordingly regarding addresses and identifier.
What do you think?
From: j stollman [mailto:stollman.j@gmail.com] Sent: Freitag, 12. Juni 2015 14:50 To: Friese, Ingo Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ingo,
I think that this is a good idea to get some key points documented as you have done in your discussion of identifiers versus addresses.
Here is another contribution:
At what level do we define an IoT device for purposes of identity?
A simple webcam designed to feed video over the internet is clearly an IoT device. Essentially it is a sensor without intelligence and does not respond to commands.
But if that webcam is part of a smartphone, does it remain a single device? As a component of a smartphone, it is accompanied by a variety of other sensors (e.g., camera, microphone, touch screen) as well as a processor (the phone's CPU), and several actuators (e.g., speaker, video monitor, radio signal transmitter). Because each of these components can be accessed simultaneously to provide disparate services, does the phone constitute a single device?
For purposes of address-ability, it likely has only a single IP address. But from the perspective of its functionality, each separate capability can be accessed and used separately. I could leave a smartphone at home and access it remotely as a webcam to watch a baby in a crib, as a microphone to listen to the sounds in my house, as a speaker to give a direction to my babysitter.
I apologize in advance for missing today's call.
Jeff
---------------------------------
Jeff Stollman stollman.j@gmail.com 1 202.683.8699
Truth never triumphs - its opponents just die out.
Science advances one funeral at a time.
Max Planck
On Fri, Jun 12, 2015 at 5:00 AM, <Ingo.Friese@telekom.de> wrote:
Dear IDoT DG member, I'd like to start a new activity within our group. Here is my suggestion: Inspired by the document "Security Guidance for Early Adopters of the Internet of Things (IoT)" of CSA (Cloud Security Alliance) I'd like to see a similar document for "Identity Management in IoT", maybe not that detailed but in the same style.
How to proceed:
We all are from different companies with experiences from different industry sectors. All you have to do is to post your piece of recommendation or topic to the list or directly to our website. I gave an example by describing "Identifier vs. Addresses" (very often people asked me ...when we give every device in the world an IPv6 address all our problems are solved, right?....so I had to explain that just to have addresses is not enough) See below this mail or under this link: http://kantarainitiative.org/confluence/display/IDoT/Concepts+of+Identity+wi... in+the+Internet+of+Things
So, I'd like to encourage you to send few sentences about what you have experienced. Step by step we compile a whole document, a kind of "How to", "best practice"... something that is helpful and is interesting to read.
Background:
We started this group by looking for white spots in terms of identity. Here we have a paper and slide set giving a first overview. Then we had a look at discovery. But since we are a group with many different members this topic was not of interest for a significant number of members.
On the other hand I'm not sure if it needs the 102nd architecture for IoT to develop. This is in many cases a theoretical work. I'd like to see a nice paper that is not that big, explaining the basics of identity in the IoT. Developer or other interested parties should take advantage of the paper and it should be kind of fun to read it.
Hope you join me in this activity.
Possible other topics could be:
- Keep data processing local (privacy, roundtrip times)
- Real time conditions (if needed) (authorization, authentication have to be fast)
- Devices and relationships
- Identities of different protocols
- Smart authentication
- Keep track of former transactions (block chain)
- Proof of knowledge
- ...etc
My example:
##################################
Addresses are not Identifier
There is a fundamental difference between addresses and identifier of devices. Addresses determine the communication endpoint within a certain system. For example in the Internet Protocol an IP address is needed to establish a socket, a connection between devices. Identifiers can be understood as a dedicated, publicly known attribute or name for an identity, a person or a device. Typically, identifiers are valid within a specific domain.
In the classic Web we have a Domain Name Service (DNS) mapping human readable Uniform Resource Identifier (URI) to IP-addresses. A browser for example resolves a website URI www.telekom.com first. The actual connection between the browser and the Web server is then established by using the returned IP-address.
There are several advantages in separating addresses and identifier. An IoT system or any kind of communication software could use addresses directly in theory but software updates become necessary if network interfaces or sensors break and need to be replaced.
A mapping between identifier and addresses allows also a layer of indirection. This enables configurations like many identifiers pointing to one address. The address is only resolved when a certain condition is fulfilled.
####################################################
Kind regards Ingo Friese
Deutsche Telekom AG T-Labs (Research & Innovation) Dipl.-Ing. Ingo Friese Winterfeldtstr. 21, 10781 Berlin +4930835358148 (Phone) +49391580216849 (Fax) E-Mail: ingo.friese@telekom.de www.telekom.com Life is for sharing.
You can find the obligatory information on www.telekom.com/compulsory-statement
Big changes start small - conserve resources by not printing every e-mail.
_______________________________________________ DG-IDoT mailing list DG-IDoT@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/dg-idot
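The identifier/address separation and the composite-device question raised in this thread, as an added example (not code from any list member or from Kantara): a small Python registry in which three identifiers for one phone share a single address and each is resolved only when its own condition holds. The domain name, identifier names, requesters and the 192.0.2.x addresses are constructed sample values.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

Context = Dict[str, object]


class UnknownIdentifier(KeyError):
    """The identifier is not registered in this domain."""


class ResolutionDenied(PermissionError):
    """The identifier exists, but its resolution condition is not fulfilled."""


@dataclass
class Binding:
    address: str                          # where to connect right now
    condition: Callable[[Context], bool]  # must hold before the address is released


class IdentifierRegistry:
    """Maps domain-scoped identifiers to addresses, one condition per identifier."""

    def __init__(self, domain: str) -> None:
        self.domain = domain
        self._bindings: Dict[str, Binding] = {}
        self.audit: List[Tuple[str, str, str]] = []  # (requester, identifier, outcome)

    def register(self, name: str, address: str,
                 condition: Callable[[Context], bool]) -> str:
        identifier = f"{self.domain}/{name}"
        self._bindings[identifier] = Binding(address, condition)
        return identifier

    def resolve(self, identifier: str, context: Context) -> str:
        """Return the current address, but only if the identifier's condition holds."""
        requester = str(context.get("requester", "anonymous"))
        binding = self._bindings.get(identifier)
        if binding is None:
            outcome = "unknown"
        elif not binding.condition(context):
            outcome = "denied"
        else:
            outcome = "resolved"
        self.audit.append((requester, identifier, outcome))
        if binding is None:
            raise UnknownIdentifier(identifier)
        if outcome == "denied":
            raise ResolutionDenied(identifier)
        return binding.address

    def identifiers_behind(self, address: str) -> List[str]:
        """Everything a rule keyed only on the address would expose at once."""
        return sorted(i for i, b in self._bindings.items() if b.address == address)

    def replace_hardware(self, old_address: str, new_address: str) -> List[str]:
        """Repoint all identifiers on old_address; the identifiers themselves stay stable."""
        moved = self.identifiers_behind(old_address)
        for identifier in moved:
            self._bindings[identifier].address = new_address
        return moved


def is_parent(ctx: Context) -> bool:
    return ctx.get("requester") == "parent"


def may_use_speaker(ctx: Context) -> bool:
    allowed = ctx.get("requester") in {"parent", "guest"}
    return allowed and not ctx.get("quiet_hours", False)


def build_home_registry() -> IdentifierRegistry:
    """One phone, one address, three separately governed capabilities (constructed)."""
    reg = IdentifierRegistry("home.example")
    phone = "192.0.2.10"  # documentation-range address shared by all capabilities
    reg.register("phone/camera", phone, is_parent)
    reg.register("phone/microphone", phone, is_parent)
    reg.register("phone/speaker", phone, may_use_speaker)
    return reg


if __name__ == "__main__":
    reg = build_home_registry()
    print(reg.identifiers_behind("192.0.2.10"))
    print(reg.resolve("home.example/phone/speaker", {"requester": "guest"}))
    try:
        reg.resolve("home.example/phone/camera", {"requester": "guest"})
    except ResolutionDenied as exc:
        print("denied:", exc)
    print(reg.replace_hardware("192.0.2.10", "192.0.2.77"))
    print(reg.resolve("home.example/phone/camera", {"requester": "parent"}))
    print(reg.audit)
```

A policy keyed on the address alone would treat camera, microphone and speaker as one object; keying the decision and the audit record on the identifier keeps them separate and survives the hardware swap.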
This is an excellent new work Ingo. I can imagine Kantara can plan some conferences or perhaps one key conference on this topic alone. When you are ready we can send a call for participation (for use cases Ranjan mentioned etc) We can make some good progress here and I'm looking forward to next steps! On Wednesday, June 17, 2015, Ranjan Jain (ranjain) <ranjain@cisco.com> wrote:
Hi Ingo, Great start. I’ve just joined this group from Cisco and would try to keep up with the pace.
The key challenge I’ve been seeing in the last few months around Identity and IoT is that I get asked this several times around “are we ready for IoT” and my answer to my management has been “tell me the use case and I can tell if we are ready or not”. So, ID mgmt in IoT to me needs to be looked from two perspectives. One from consumer world and other from enterprise. Both of these use cases are going to be “mostly” different with some common paths/devices where we’ll have to come up with a hybrid situation. I know there has been a lot discussed in general around the consumer side of IoT but I’m not sure if the enterprise side has been discussed (or may be I have missed it). And if it is not, then we should have a callout.
Thanks Ranjan
-- Best Regards, Joni Brennan Kantara Initiative | Executive Director email: joni @ kantarainitiative.org Connecting Identity for a more trustworthy Internet - Overview <http://www.slideshare.net/kantarainitiative/kantara-overview2014-37969351>
Hi Ranjan, Welcome to the group. Yes you are right. There is a so broad range of possible use-cases from so different areas, with very different requirements. So general answers are hard to give. You need to have a look to the concrete use-cases. In our group we haven't distinguished between industry and consumer use cases so far. Best, Ingo
From: Ranjan Jain (ranjain) [mailto:ranjain@cisco.com] Sent: Mittwoch, 17. Juni 2015 20:45 To: Friese, Ingo; stollman.j@gmail.com Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Hi Ingo, Great start. I've just joined this group from Cisco and would try to keep up with the pace. The key challenge I've been seeing in the last few months around Identity and IoT is that I get asked this several times around "are we ready for IoT" and my answer to my management has been "tell me the use case and I can tell if we are ready or not". So, ID mgmt in IoT to me needs to be looked from two perspectives. One from consumer world and other from enterprise. Both of these use cases are going to be "mostly" different with some common paths/devices where we'll have to come up with a hybrid situation. I know there has been a lot discussed in general around the consumer side of IoT but I'm not sure if the enterprise side has been discussed (or may be I have missed it). And if it is not, then we should have a callout. Thanks Ranjan
Jeff, Ingo, In reading this thread I noticed how compares to the conversations taking place in the IRM group, in our case we are looking at things up a level, i.e. at the relationship level and that identity management solutions need to not only consider the identity of things but their relationships to other things with identities in context. I think the identity of the thing (and its attributes) is of interest and how they differ in the thing vs. person case, but maybe more of interest are the identities (plural) and their relationships (and the relationship attributes, which can carry/maintain thing attributes) and how to treat the “complex” identity presents the challenge as indicated by the third dash when you have IoT in use. Our IRM work is geared toward developing principles that can be applied by designers and developers. We are working through these now in the group. I think this is very collaborative and hopefully informative to the effort in this DG. Sincerely, Sal PS, the link to the principles that we are “putting through the ringer” is here http://kantarainitiative.org/confluence/download/attachments/47579353/Kantara%20IRM%20Design%20Principles%20of%20Relationship%20Final%20Report%20v1.pdf?version=2&modificationDate=1430236178000&api=v2
From: dg-idot-bounces@kantarainitiative.org [mailto:dg-idot-bounces@kantarainitiative.org] On Behalf Of j stollman Sent: Wednesday, June 17, 2015 8:42 AM To: Ingo.Friese@telekom.de Cc: dg-idot@kantarainitiative.org Subject: Re: [DG-IDoT] Start a new activity within IDoT DG
Ingo, I agree that the final product should be a statement, not a series of questions. But, at this early stage, I thought it better to pose the questions in order to take the pulse of the group on the answers to the questions. I have my own opinions, but I did not want to be so arrogant as to impose them on the group. My suggestion is that we discuss each contribution and refine it as a group activity. Jeff
I think this is a good idea Ingo. I wrote a basic paper on the "Identity of Things" in the March issue of the ISSA Journal as attached.

SM
--
ForgeRock
*Simon Moffatt*
Solutions Director | Sales Engineering | ForgeRock
*tel* +44 (0) 7903 347 240 | *e* Simon.Moffatt@Forgerock.com | *skype* simon.moffatt | *web* www.forgerock.com | *twitter* @simonmoffatt