The importance of security in IoT

Wikipedia’s definition of IoT is:

The Internet of Things (IoT) is the network of physical objects or “things” embedded with electronics, software, sensors and connectivity to enable it to achieve greater value and service by exchanging data with the manufacturer, operator and/or other connected devices. Each thing is uniquely identifiable through its embedded computing system but is able to interoperate within the existing Internet infrastructure.

To put it in even simpler words, IoT depicts a world where objects communicate with each other, and the same objects with humans too, seamlessly.

IoT is such an important area of focus today, that there is also a Search Engine for IoT found here which provides a geographical index of where things (IoT) are, who owns them, and how and why they are used.

The below graph (Courtesy Verizon DBIR 2015) shows the scale of growth of IoT devices in the next five years.

There was this funny definition of “Big Data” that was trending on Twitter recently, and I found it to be quite true. Big Data has become one of the most popular terms used by IT professionals, Businesses, Product Companies and individuals who have anything to do with data or information. But only few actually understand and use this concept and the relevant tools, in the right places. Product companies have been using “Big Data” as a key Marketing jargon.

Similarly, “IoT” is becoming one of the widely used terms in the Tech. and Non-Tech. industry. There are conferences held on IoT, there are marketing initiatives running in full swing in this domain, and every company is in a rush to introduce products in this category.

Following Infographic captures the already prevalent impact of IoT on our lives (Image source: http://cdn.xenlife.com.au):

But very few people, companies and institutions are actually spending time and effort in understanding the big picture, and studying and discussing the larger implications of IoT on the industry, our daily lives, and our society as a whole, and building products and solutions around them.

The International Journal of Computer Trends and Technology is one of such institutions which has been doing some research in this area. Their paper An Algorithmic Framework Security Model for Internet of Things is a definite read, and it describes one of the approaches that can be used to understand and implement IoT technologies without affecting security, privacy and integrity of information.

These lines set the context for the whole situation, and the paper:

The biggest role researchers are obliged to undertake is to find and advance the best algorithms for enhancing secure use of Internet of Things especially cutting across different application environments.

The basis of coming up with a security model for Internet of things (IoT) is on the understanding of the source of concern from the functionality modalities of Internet of Things. The functional modalities hereby refer to the different application environments where IoT are applicable, such as health, agriculture, retail, transport and communication, the environments both virtual and physical as well as many other potential areas of application depending on classifications employed at the point of discussions at hand.

Given also the possibilities that IoT have, to extend beyond present applications , especially enabled by emerging technologies in mobile and wireless computing, the scope of concerns from such a web of connectivity, should not be focused in defined areas but should have a broader scope.

The paper handles this issue in the following order:

AAM is a good place to start, however, area that will require further research is the way the interaction between the augmented IoT applications can be controlled, because the code from numerous and possibly untrusted users and applications will be placed in the same security domain, which raises security and integrity concerns.

IoT Security is a vast topic, and this is just tip of the iceberg, with lot of nuances still unknown to us. I shall be writing more about this topic. There is no doubt in the potential of IoT in our lives, and it is going to be one of humanity’s biggest creations in this century. For us to realise its true potential, we must learn from our mistakes from the last two decades of developing software without considering security as a design principle; the numerous Cyber Security Breaches in the recent times and Incident Reports are indicators of the impact of this lack of augmented approach. But the repercussions of security compromises in IoT technologies can be far reaching, as IoT touches various levels of our social, economic and political lives.

Here is a picture showing one such scenario (Image source: http://spectrum.ieee.org/)

IoT is the future of technology beyond 2020, and its one of key tools to realize United Nations Millennium Development Goals, and building security principles into IoT technologies is going to be instrumental to its use to humanity.

Title Image courtesy: http://www.cmswire.com