EEMA Nordic Region/Norstella eID Interest Group Workshop on biometrics and mobility
Oslo, 14th April 2015
The Internet of People, Things and Services – Identity, Privacy and Security
Apr 2015, Josef Noll, IoT, Identity, Security
Outline
• The Internet of People, Things and Services (IoPTS)
  – The Internet of Things (IoT)
  – The Internet of Everything (IoE)
• Identity in the IoT
  – Identity and trust between people
  – Identity in IoT
• Privacy and Security
  – Privacy, Context-awareness
  – Measurable Security
  – Innovation through Measurable Security
• Conclusions
[Source: Monique Morrow, Cisco]
DNV report 2013, DNV GL report 2014
Technology Outlook 2020 / Transformative Technologies
• Technology applications in Maritime, Renewables & Electricity, Health Care, Oil & Gas and Food & Water industries
• sensors will drive automated data management
• from passive data to automated decisions
• automated decision tools by 2020
• Maritime: «policy driven»
• Health care: «trust» on sensor and mobile apps
“In any change management process, the challenge is communicating risk,” (Peter Bjerager, DNV GL)
“Only 59% of the public trust the energy industry,” (Edelman Trust Barometer 2013)
IoT paradigm
• From "Internet of PCs" towards the "Internet of Things" with 50 to 100 billion devices connected to the Internet by 2020. [CERP-IoT, 03.2010]
• Things have their own identity, communicate with other things and humans (IoPTS)
• The speed of development
[Figure axis label: storage on single chip]
source: Gerhard Fettweis, TU Dresden
"Now (2010) we have roughly 5.2 Mio mobile subscribers. In some years we will have 30...50 Mio devices on the mobile network" – Hans Christian Haugli, CEO, Telenor Objects
The Semantic Dimension
Source: L. Atzori et al., The Internet of Things: A survey, Comput. Netw. (2010), doi:10.1016/j.comnet.2010.05.010
* security
* privacy
* dependability
* context-aware
* personalised
[Source: J. Schaper, FI PPP Constituency Event Nice, March 2010]
From IoT to IoPTS
• "Things" become socially intelligent
• yes, without doubts
• requires new trust model
• measurable security
• Growing Internet of Things (IoT) market
• broad connectivity
• essential openness of smart “everything”
• security, privacy, dependability
• «What about me?»
• The Internet of People, Things and Services (IoPTS)
The IoPTS ecosystem
• Creating business
  – openness, competitive
  – climate for innovation
• Public authorities
  – trust, confidence
  – demand
• Consumers
  – (early) adapters
  – education
• Infrastructure
  – broadband, mobile
  – competition
[Figure: IoT - Business Ecosystem. Labels: Academia (research, education); Public Authorities (demand); Entrepreneurs (ideas); Consumers (adaptation); Business climate (market); Sensor providers; infrastructure (broadband, mobile); Creative programmers (software)]
Paradigm change for The Internet of the Real World and IoT
• Trust related privacy -> Representing the user adequately
• Connecting to sensors, devices and services -> Provide privacy and ensure trust relations
• An ever increasing complexity in the digital environment -> Hiding the complexity from the user
[Figure: My trust network. Labels: Context, Roles, Preferences, Identities, Topic; values shown: 0.9, 0.9, 0.7, 0.5, 0.3, 0.9]
Thanks to Vladimir Oleshchuk for ideas and discussions
4. PROPOSED FRAMEWORK
This chapter elaborates the proposed cloud-based Internet of Things framework. Figure 2 illustrates the proposed framework, which contains the following four layers: Node layer, Network layer, Middleware layer and Application layer. A brief overview of each layer is as follows.
Node layer: The node layer contains hundreds of nodes such as devices, sensors and actuators distributed over the whole railway infrastructure. Some of them are very small, with limited battery capacity, and are used only to collect and forward data, e.g. the temperature sensors. Some of the devices can aggregate and filter data. The nodes deliver collected data to the middleware layer, and some of them receive feedback or suggestions from the middleware layer and can thereby perform actions, e.g. actuate a mechanical device.
Network layer: In order to communicate, each node is equipped with one or multiple communication interfaces. Some of the nodes work alone, while others work in a group. Nodes working in a group may form a network among themselves, and such a network can be permanent or ad hoc. The middleware layer may supervise the formation of the network by defining its characteristics, for example its topology, interconnectivity etc.
Middleware layer: It contains computing machines with powerful hardware and software components. The middleware layer communicates with application interfaces. Depending on the
Figure 2. The layered representation of the proposed framework.
Application Example: Socialtainment (eMobility)
• From Entertainment to Socialtainment
• Social mobility through inclusion of social networks
[Figure: Social Mobility. Labels: people, traffic, vehicles, Pool, charging, warning, parking, micro-coordination, social, IoT, tour, smart grid, www, info, music, maps, energy control, CO2]
• answering the need for CO2 reduction in transport
• SAP 45% (2009)
[Chart labels: Corporate travel, Corporate cars, Commuting, Flights, Energy & Logistics]
Security challenges
• heterogeneous infrastructures
• sensors, devices
• networks, cloud
• services, app stores
• BYOD - bring your own device
➡ you can’t control
➡ concentrate on the core values
• Internet of People, Things and Services (IoPTS)
• content aware
• context aware
• user centric: “Life Management Platform”
➡ Measure your values
Create a successful ecosystem
• Demand
• mobile/wireless
• autonomy
• “me”, context-/content-aware
• Adaptation
• infrastructure
• business environment
• trust
• Security, privacy
[Figure: IoT - Business Ecosystem. Labels: Academia (research, education); Public Authorities (demand); Entrepreneurs (ideas); Business climate (market); Sensor providers; infrastructure (broadband, mobile); Creative programmers (software); Consumers (adaptation); core values; attack; security layer]
Trust-based privacy
• “With whom to collaborate?”
• Share data?
• Trust-based privacy
• Information and your social life
[Figure: Company trust network. Labels: Context, Roles, Identities, Topic; values shown: 0.9, 0.9, 0.5, 0.3, 0.9]
Thanks to Vladimir Oleshchuk for ideas and discussions
[Figure: network with nodes A, B, C, D, E, F, G]
• Measurable trust? Transient Trust?
• Value chains: from sensors to systems
The Smart Grid in the close future
• Smart grid with prosumers
• various control mechanisms
• attack scenarios
• critical infrastructure
[Figure: smart grid. Labels: Wind farm, Solar farm, Energy storage, Distribution substation, Industrial customer, Residential customers, Microgrid, Smart data control & management, Energy agent, battery, Intrusion protection]
How come these guys didn’t think of privacy?
[Embedded slide: “How come these guys didn’t think of that?”, ©2007 Deloitte & Touche GmbH Wirtschaftsprüfungsgesellschaft, Web 2.0 Expo Berlin 2007]
Source: http://www.michaelkaul.de/History/history.html
[Image labels: 1973 Kjeller; Jon Postel; Steve Crocker; Vinton Cerf; 1972]
newSHIELD.eu approach
• Security, here
• security (S)
• privacy (P)
• dependability (D)
• across the value chain
• from sensors to services
• measurable security
[Figure labels: Intelligence Overlay; Sensors, Embedded Systems; Network; Cloud services; "Is made by"; "Could be"; "can be composed"; System Components and functionalities; SPD Components, SPD functionalities]
Multi-Metrics, Josef Noll, Feb 2015, http://newSHIELD.eu
Multi-Metrics v2 - system composition
» System consists of sub-systems, which consist of components
– security
– privacy
– dependability
[Figure labels: Comp. 1, Comp. 2, Comp. 3; Multi-Metrics (MM); sub-system 1 (s,p,d); sub-system 2 (s,p,d); system (s,p,d); Multi-Metrics (weighted subsystems); criticality scale: ideal, good, accep., critical, failure]
Conclusions
• The Internet of People, Things and Services (IoPTS)
  – The Internet of Things (IoT)
  – The Internet of Everything (IoE)
• Identity and Identity in the IoT
  – Identity and trust between people
  – Identity in IoT
• Privacy and Security
  – Privacy, Context-awareness
  – Measurable Security
It’s all about marketing
[Figure: criticality scale: ideal, good, accep., critical, failure]
About
I want to talk about measurable security for the Internet of Things. Thanks for giving me the opportunity.
My special thanks to
• JU Artemis and the Research Councils of the participating countries (IT, HE, PT, SL, NO, ES)
• Andrea Fiaschetti for the semantic middleware and ideas
• Inaki Eguia Elejabarrieta, Andrea Morgagni, Francesco Flammini, Renato Baldelli, Vincenzo Suraci for the Metrics
• Przemyslaw Osocha and Cecilia Coveri for running the SHIELD projects
• Cecilia Coveri (SelexElsag) for running the nSHIELD project
• Sarfraz Alam (UNIK) and Geir Harald Ingvaldsen (JBV) for the train demo
• Zahid Iqbal and Mushfiq Chowdhury for the semantics
• Hans Christian Haugli and Juan Carlos Lopez Calvet for the Shepherd ® interfaces
• Habtamu Abbie for the good discussions on measurable security
• Iñaki Garitano and Seraj Fayyad for the papers on measurable security
• and all those I have forgotten to mention