Securing the Internet of People and Things (IOPT)
As Kobielus noted, we’re seeing a proliferation of mobile devices, appliances or other objects with embedded sensors and advanced wireless or cellular networks to connect them. Applications such as quantified self, home automation and connected cars abound.
A synonym for the IoT is the Internet of Everywhere and Kobielus highlights that its also smart everywhere – you have smart phones, smart homes, smart schools, smart wearables, smart healthcare and on and on – integrated, interconnected intelligent.
Gartner and other promulgators of statistics estimate 10s of billions of things are persistently or intermittently connected to the Internet today and fifties or hundreds of billions more will be connected soon. I highly recommend to your attention the book “Trillions” to really learn about this transformational space.
But now to security. As Kobielus noted, there is no comprehensive framework yet for securing the IoT. Yet the IoT will have many of the same needs for security services like authentication, access control, encryption and vulnerability management as does the Internet of conventional devices. The IoT will differ mainly in terms of SCALE and PROXIMITY to people.
Kobielus makes the case that Big Data is required to deal with IoT’s scale issues, to handle the 3 V’s of volume, velocity and variety. Big data systems can keep track of the things in all their V’s, detect threats through analytics and accomplish bulk provisioning of protections.
Members of the audience at the talk, however, raised the question of privacy and trust. “Will people just withdraw from the connected life?” In answering them, Jim correctly (in my opinion) predicted that relatively few people will substantially disconnect. But I thought he should also have said that many people, though connected, are also “creeped out” and that withdrawal occurs by increments.
To be successful, to be desirable, to be useful to the greatest numbers and types of people, both IoT and Big Data have to address privacy concerns because of the PROXIMITY of IoT to our lives. Just the other day, I blogged about Direct Memory Access that Kills (On CSI Las Vegas) as an example of awareness that IoT could be not just privacy-invasive, but lethal..
In thinking about leveraging big data for security generally and for the IoT in particular, don’t forget the little people. Although I used used the acronym “IoT” in deference to covering Kobielus’s talk as it was given, I prefer the acronym IOPT in the title.