Presentation at IEEE IoT Workshop given by Rob Gingell, EVP Product Development, Resilient Network System

1. In the IoT, no T is an Island
Rob Gingell
Resilient Network Systems

2. Today: Island Phase of networking Things
2
 Sensors (actuators) attached to network
 More “network reachable” than full network citizens
 Technology limits / function partitioning
 Customer capture: business model and experience management
 Usually homogenous / insulated / isolated
 Registered to manufacturer services
 Generally capable / trusted process between user / manufacturer
 Each registration instance weakens privacy: more targets / points of compromise
 Data often pre-digested: images vs. data sources
 More suitable for viewing than for use by other automata
 “Policies” implied / embedded in services presenting data
 An “Internet” of Things is inhibited by boundaries that isolate

3. Internet of Things: Composition / Orchestration
3
 Heterogeneous: device, manufacturer, operating organization
 Dynamic (e.g., on proximities: geographic, topical, functional)
 Trust relationship formed quickly and ad hoc: requires low overhead
 “Provisioning” too cumbersome
 Composition: what interconnection is for
 Involves computation / manipulation of data, not presentation
 Will drive layers into data / Thing presentation to network
 Combination of implied / embedded policies chaotic / weak
 A useful IoT needs tools architected of and for the network

4. What’s Required?
4
 Preserve privacy: minimize instances of PII
 Use the network to make better use of existing stores through trust relationships
 “Store” might be degenerate: a datum or single certificate
 Partition & Distribute: PEP, PDP, PAP, policy stores
 Store → “authority”, trust relationships govern acceptability
 → structure for having, building, maintaining trust relationships
 Connect: explicit policies structure connections between authorities
 Make policies explicit, separate from things they govern
 Enable policy writers to operate directly rather than indirectly
 → platform exists for cross-domain policy execution
 Anticipate / embrace heterogeneity
 In organization, representation of data / policies / identity
 Enable innovation: technology evolving rapidly: biometrics, behavior recognition
 “Future-proof” things to gain from refinements in policy / authority technology
 Resist search for “one to rule them all”

5. Resilient’s Trust Network (TN)
5
RULES
ENGINES
POLICY
AUTHORITIES
ID ATTRIBUTES
(DIRECTORIES)
AUTHN /
BIOMETRICS
AN UNKNOWN
USER/Thing
A KNOWN
USER/Thing
A PARTIALLY
KNOWN USER/Thing
A
A
A
A
A
A
PEP
(RP/Auth)
PDP Policy Stores/PAP/PIP/PRP
PAP
PAP
PAP
AUTHZ /
CREDENTIALS

6. Other Relevant Characteristics
6
 Simplified provisioning – mostly “don’t”
 Today: deployed as IAM tool for cross-organizational sharing
 Can be useful tool even in today’s “island phase” relationship building
 Workflow engine: programmed by policies
 “Policies” in TN compile to workflows– machine language for DS policy languages
 Other “composing” operations besides trust/identity can be expressed
 “Common-carrier” like – “meaning” comes from usage / directories
 Not an authority – each subscribed entity is (RP can be authority for selves)
 Provides meta-authorities instanced / operated by subscribers / groups
 Subscriber-set policies govern access – no super-user, no data retained
 Real: functions in real-world environments, threats
 Viruses, compromises, administrative lapses will continue to happen
 Compromising a component need not compromise policy – expect failures
 Usable: (policy protected access to be) auditable, debuggable, meterable (commerce)
 Scale: simple components, narrow protocols, predictable interactions / aggregation
 Services supporting “policy-protected datum” – privacy applications
 Evolving: certificates, use of block chain technology

7. Conclusion: systematic trust maximizes IoT utility
7
 “Islands of Things” should not be the limit of our aspirations
 IoT interactions can’t tolerate traditional provisioning
 Invitation to lax security, privacy, identity and thus trust
 Counter with system designed to operate ad hoc and internet scale
 Gain leverage from existing mechanisms through workflow integration
 Utilize network characteristics for protection – can’t compromise whole
 Make policy a first-order mechanism for policy writers
 Requires a platform to execute them across boundaries
 Avoid “lost in translation” problems in implementation / composition

8. The End
8