the internet of things - 36th international conference of privacy and data commissioners
DESCRIPTION
The Internet of Things - 36th International Conference of Privacy and Data CommissionersTRANSCRIPT
![Page 1: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/1.jpg)
The Digital Revolu/on Con/nues: The Internet of Everything
Kate Carruthers Mauri/us, October 2014
![Page 2: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/2.jpg)
Internet – web 1.0
Oct 2014 © Kate Carruthers | katecarruthers.com 2
Source: Web Focus: Ways of Exploi/ng New Technologies, 19 July 1998 hSp://www.ariadne.ac.uk/issue16/web-‐focus
![Page 3: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/3.jpg)
Internet – web 2.0
Oct 2014 © Kate Carruthers | katecarruthers.com 3
Source: Launching the Web 2.0 Framework, Ross Dawson, May 30, 2007 hSp://rossdawsonblog.com/weblog/archives/2007/05/launching_the_w.html
![Page 4: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/4.jpg)
“Internet of Things” IoT “Machine to Machine” M2M “Internet of Everything” IoE
Oct 2014 © Kate Carruthers | katecarruthers.com 4
![Page 5: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/5.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 5
Objects are becoming embedded with sensors and gaining the ability to operate & communicate independent of human interven/on.
![Page 6: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/6.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 6
The resul/ng informa/on networks promise to create new business models and disrupt exis/ng business models.
![Page 7: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/7.jpg)
Characteris/cs
• Distributed • Peer to peer • API based • Network neutral Oct 2014 © Kate Carruthers | katecarruthers.com 7
![Page 8: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/8.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 8
Connected devices are transformed from a single purchase product into a service that generates recurring income.
IoT value is not in the devices, but in new services related to
the devices.
![Page 9: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/9.jpg)
New business models
• Open models • Collabora/on & loose confedera/ons • Agile, change ready organisa/ons • Restructured supply chain • Mergers & acquisi/ons
Oct 2014 © Kate Carruthers | katecarruthers.com 9
![Page 10: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/10.jpg)
Ubiquitous connec/vity
Oct 2014 © Kate Carruthers | katecarruthers.com 10
![Page 11: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/11.jpg)
Cisco says US$14 trillion IoE value
1) asset u/liza/on (reduced costs) of $2.5 trillion 2) employee produc/vity (greater labor
efficiencies) of $2.5 trillion 3) supply chain and logis/cs (elimina/ng waste) of
$2.7 trillion 4) customer experience (addi/on of more
customers) of $3.7 trillion 5) innova/on (reducing /me to market) of $3.0
trillion
Oct 2014 © Kate Carruthers | katecarruthers.com 11
CISCO White paper: Embracing the Internet of Everything for your Share of $14 trillion
![Page 12: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/12.jpg)
Market signals -‐ 2014
• Google bought Nest for US$3.2B Jan 2014 • Google & Nest bought Dropcam for US$555M • Samsung bought SmartThings for US$200M • Vodafone bought Cobra Automo/ve for £115M
• Zebra Technologies bought a unit of Motorola for US$3.45B
Oct 2014 © Kate Carruthers | katecarruthers.com 12
![Page 13: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/13.jpg)
Market signals -‐ 2014
• global survey of 1400 sooware developers • 17.1% working on IoT apps • 23% expect to begin work in next 6 months
Oct 2014 © Kate Carruthers | katecarruthers.com 13
Evans Data Corpora/on Survey July 2014
![Page 14: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/14.jpg)
Driven by convergence
• Ubiquitous comms networks
• Mobile connec/vity • 3D prin/ng • Sensor networks • Big data > drawing useful inferences
• Peer to peer networks
• Cloud compu/ng • Ar/ficial intelligence • Commodity sensors • Sooware defined networks
Oct 2014 © Kate Carruthers | katecarruthers.com 14
![Page 15: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/15.jpg)
Fuelled by app ecosystem
“Between 2008 and 2017, Google Play and Apple’s App Store will be responsible for a mind-‐blowing number of mobile app downloads: 350 billion.” Oct 2014 © Kate Carruthers | katecarruthers.com 15
Source: hSp://www.mobilemarke/ngwatch.com/the-‐decade-‐of-‐350-‐billion-‐app-‐downloads-‐26932/
![Page 16: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/16.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 16
Allflex DNA tags
![Page 17: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/17.jpg)
![Page 18: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/18.jpg)
Emerging Standards landscape
• Industrial Internet Consor/um • AllJoyn • WebRTC • Z-‐Wave Alliance • Zigbee Alliance • Open Interconnect Consor/um • Thread • Internet of Things Consor/um
Oct 2014 © Kate Carruthers | katecarruthers.com 18
![Page 19: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/19.jpg)
Industries
Financial services Automo/ve Technology Entertainment Retail
Healthcare Hospitality Industrial Power & u/li/es Energy & mining
Oct 2014 © Kate Carruthers | katecarruthers.com 19
![Page 20: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/20.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 20
Driverless trucks the next big thing in WA's Pilbara, ABC 25 Apr 2014, 3:13pm
![Page 21: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/21.jpg)
Source: hSp://readwrite.com/2014/04/30/connected-‐home-‐hackers-‐stop-‐yelling-‐at-‐babies-‐foscam#feed=/tag/internet-‐of-‐things&awesm=~oEe6yipkTkz40o
Oct 2014 © Kate Carruthers | katecarruthers.com 21
Last August, a hacker infiltrated a wireless camera owned by the Gilbert family, living in Houston, Texas. The stranger took control of the unit and used it to scream obsceni/es at a two-‐year-‐old toddler. Fortunately, the hearing-‐impaired child didn’t have her cochlear implant turned on at the /me, otherwise she would have heard the stranger yelling, “Wake up Allyson, you liSle slut!”
![Page 22: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/22.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 22
![Page 23: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/23.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 23
Bloomberg, Data Breaches in the US, at 4 Sep 2014
![Page 24: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/24.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 24
• 3rd party HVAC firm aSack vector • Security sooware disabled • PCI DSS didn’t save them
![Page 25: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/25.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 25
Bloomberg, Oct 2014
![Page 26: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/26.jpg)
JP Morgan
• Sarbanes-‐Oxley Act (SOX) • Payment Card Industry Data Security Standard (PCI DSS)
• Gramm-‐Leach-‐Bliley Act (GLB) Act • Electronic Fund Transfer Act, Regula/on E (EFTA) • Free and Secure Trade Program (FAST) • Fair and Accurate Credit Transac/on Act (FACTA), including Red Flags Rule
• Federal Rules of Civil Procedure (FRCP)
Oct 2014 © Kate Carruthers | katecarruthers.com 26
![Page 27: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/27.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 27
Tradi/onal approach to perimeter security
![Page 28: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/28.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 28
Bot-‐herders can launch DDoS aAacks from dryers, refrigerators, other Internet of Things devices
Network World Sep 2014
![Page 29: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/29.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 29 Proofpoint Uncovers Internet of Things (IoT) CyberaSack, January 16, 2014
“The global aSack campaign involved more than 750,000 malicious email communica/ons coming from more than 100,000 everyday consumer gadgets …”
![Page 30: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/30.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 30 Proofpoint Uncovers Internet of Things (IoT) CyberaSack, January 16, 2014
“… such as home-‐networking routers, connected mul/-‐media centers, televisions and at least one refrigerator”
![Page 31: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/31.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 31
It’s “ooen impossible to patch the sooware or upgrade the components to the latest version.”
Bruce Schneier, The Internet of Things Is Wildly Insecure -‐ And Ooen Unpatchable, Wired, Jan 2014
![Page 32: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/32.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 32
“Ooen, the complete source code isn’t available. Yes, they’ll have the source code to Linux and any other open-‐source components.”
Bruce Schneier, The Internet of Things Is Wildly Insecure -‐ And Ooen Unpatchable, Wired, Jan 2014
![Page 33: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/33.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 33
“But many of the device drivers and other components are just ‘binary blobs’ -‐ no source code at all.”
Bruce Schneier, The Internet of Things Is Wildly Insecure -‐ And Ooen Unpatchable, Wired, Jan 2014
![Page 34: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/34.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 34
“That’s the most pernicious part of the problem: No one can possibly patch code that’s just binary.”
Bruce Schneier, The Internet of Things Is Wildly Insecure -‐ And Ooen Unpatchable, Wired, Jan 2014
![Page 35: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/35.jpg)
Consumer privacy
• Pervasive compu/ng • Personalisa/on • Customisa/on • Convenience • Lack of understanding • Meaningful consent Oct 2014 © Kate Carruthers | katecarruthers.com 35
![Page 36: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/36.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 36
Time, Sep 2014
![Page 37: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/37.jpg)
Oct 2014 © Kate Carruthers | katecarruthers.com 37
“We tend to overesGmate the effect of a technology in the short run and underesGmate the effect in the long run.”-‐ Amara's law
![Page 38: The Internet of Things - 36th International Conference of Privacy and Data Commissioners](https://reader033.vdocuments.us/reader033/viewer/2022051323/547ec400b47959ac508b4c1f/html5/thumbnails/38.jpg)
Kate Carruthers UNSW Australia Sydney [email protected] TwiSer @kcarruthers
Oct 2014 © Kate Carruthers | katecarruthers.com 38