Internet of Things

[David G. Simmons Participant]

An interesting article by my friend Dom …

http://www.iotjournal.com/articles/view?12604

What do you ForgeRockers think?

[Jamie Bowen Moderator]

Speaking as a member of the community and not as a ‘ForgeRocker’ this is my personal opinion.

I think the article your friend has written raises some of the age old concerns that have been with us since the internet was created. I also firmly belive that the internet is all about sharing. Now in some instances there is very good reason to be specific regarding who you share with, i.e. to limit sharing, and that is where I think ForgeRock has a compelling and realistic vision.

The article focuses very much on Consumer IoT where sharing and data collection can be easily made to look sinister or scary in a ‘1984’ kind of a way, but ultimately it is what companies do with the collected data that makes it a force for liberation or a privacy concern. However, if we frame the argument in terms of the industrial IoT then it becomes far less emotive. One can see that understanding the underlying patterns in data generated by a city or an industrial plant can be used to drive efficiency and innovation or to set targets. We can also see that protection and control over who can gain access to control points and generated data is absolutely key.

[Victor Ake Participant]

Regarding privacy, there is already the User Managed Access (UMA) initiative. UMA can address several of the privacy and access concerns described in the article referred. There are also some things that will need to change from the legal perspective, because at this moment the manufacturer of a “connected product” takes for granted that the data collected belongs to them, when it should belong to the user of the product. The manufacturer collecting data in the cloud could be the custodian of the data but not the owner, or not the owner of all the data. The user should have the right to decide what data he/she wants to share, and with whom. That’s precisely one of the problems that UMA addresses.

The click “I agree” (and implicitly grant access to all my data) or “Go away” Terms and Conditions will need to evolve, but as I mentioned above the legal framework needs to change, and that might take time.

Take a look to the OpenUMA project in the ForgeRock community.

Cheers,

[iotcoursesindia Participant]

IoT security is one of the most concerned areas that need to be protected connected devices and networks in the Internet of things (IoT). Over the past few years, the prevalence of IoT is increasing continuously with each passing day. Most of the IoT communication and its uses come from the connected computing devices, embedded sensor systems used in home and building automation, smart energy grids, vehicle to vehicle communication, industrial machine-to-machine (M2M) communication, and wearable computing devices.

The main problem is that the security has not always been considered in product design. Most of the IoT products, which are sold in the market comes with old embedded operating systems and software. Moreover, the buyers fail to change the default passwords on IoT devices or objects, and if they do change they fail to set a strong password. To improve the security, IoT devices need to be directly accessible over the Internet and should have restricted network access.

[Author]

Posts