Securing the Internet of Everything: An Introduction
Towards developing a Secure Architecture for the Internet of Everything, I plan to kick off a series of blogs around this pivotal topic.
In discussing security and the Internet of Everything, the first question that comes to mind is, “Which segment of ‘everything’ is one referring to?” A reasonable approach has been to understand the common attributes that cross vertical segments such as Intelligent Transportation, Smart Utilities, Industrial Automation and so on. The Internet of Things (IoT) and Machine-to-Machine (M2M) are general abstractions for the network infrastructure that links physical and virtual objects. In Cisco, we now refer to these abstractions as the Internet of Everything, IoE. The IoE describes a world where billions of objects have sensors to detect, measure and assess their status, all connected over public or private networks using standard and proprietary protocols.
Until a point in time around 2008/2009, there were more human beings in the world than devices connected to the Internet. That is no longer the case. In 2010, the global average of connected-devices-per-person was 1.84. Taking only those people that use the Internet (around 2 billion in 2010), that figure becomes 6 devices per person. Today, most of these devices are entities that the user will directly interact with—a laptop, smartphone, tablet, etc. But what is changing is that other devices used every day to orchestrate and manage the world we live in are becoming connected entities in their own right.
The Internet of Things (IoT) consists of networks of sensors and actuators attached to objects and communications devices, providing data that can be analyzed and used to initiate automated actions. The data also generates vital intelligence for planning, management, policy and decision-making.
In essence, the five properties that come together to characterize the IoT are:
• A Unique Internet Address by which each and every connected physical object and device will be uniquely identified, and therefore be able to communicate with one another.
• A Unique Location—can be fixed or mobile—within a network or system (for example, a smart electricity grid) that makes sense of the object’s function and purpose in its specified environment, generating intelligence to enable autonomous actions in line with that purpose.
• An Increase in Machine-Generated and Machine-Processed Information that will surpass human-processed information, potentially linking in with other systems to create what some have called “the nervous system of the planet”.
• Complex New Capabilities in Security, Analytics and Management, achievable through more powerful software and processing devices, that enable networks of connected devices and systems to cluster and interoperate seamlessly in a “network of networks.”
• Time and Location Achieve New Levels of Importance in information processing as Internet-connected objects work to generate ambient intelligence; for example, on the Heating, Ventilation and Air Conditioning (HVAC) efficiency of a building, or to study soil samples and climatic change in relation to crop growth.
The concepts and technologies that have led to the IoT, or the interconnectivity of real-world objects, have existed for some time. Many people have referred to Machine-to-Machine (M2M) communications and IoT interchangeably and think they are one and the same. In reality, M2M is only a subset; IoT is a more encompassing phenomenon as it also includes Machine-to-Human communication (M2H). Radio Frequency Identification (RFID), Location-Based Services (LBS), Lab-on-a-Chip (LOC) sensors, Augmented Reality (AR), robotics and vehicle telematics are some of the technology innovations that employ both M2M and M2H communications within the IoT as it exists today. They were spun off from earlier military and industrial supply chain applications; their common feature is to combine embedded sensory objects with communication intelligence, running data over a mix of wired and wireless networks.
What has really helped IoT gain traction outside these specific application areas is the greater commoditization of IP as a standard communication protocol, and the advent of IPv6 to allow for a unique IP address for each connected device and object. Researchers and early adopters have been further encouraged by advancements in wireless technologies, including radio and satellite; miniaturization of devices and industrialization; and increasing bandwidth, computing, and storage power. All these factors have played a part in pushing the boundaries towards generating more intelligence from data capture, communication and analytics, through various devices, objects and machines, in order to understand our natural and man-made worlds better.
Embedded, distributed intelligence in the network is a core architectural component of the IoT for three main reasons:
• Data Collection: Centralized data collection and smart object management do not provide the scalability required by the Internet. Managing several hundreds of millions of sensors and actuators in a Smart Grid network, for example, cannot be done using a centralized approach.
• Network Resource Preservation: Network bandwidth may be scarce and collecting environmental data from a central point in the network unavoidably leads to using a large amount of the network capacity.
• Closed Loop Functioning: The IoT needs reduced reaction times for some use cases. For instance, sending an alarm via multiple hops from a sensor to a centralized system, which runs analytics before sending an order to an actuator, would entail unacceptable delays.
Service Management Systems (SMS) (also known as Management Systems, Network Management Systems, or backend systems) are the brains in the IoT. SMS interacts with intelligent databases that contain intellectual capital information, contract information, manufacturing and historical data.
SMS also supports image recognition technologies to identify objects, people, buildings, places, logos, and anything else that has value to consumers and enterprises. Smartphones and tablets equipped with cameras have pushed this technology from mainly industrial applications to broad consumer and enterprise applications. Secure communication allows collected data to be sent securely from the agents/collection system to the SMS. And while not all IoT endpoints have bi-directional communications, secure communications also allow the SMS (automatically or via a network administrator) to communicate back with the device to take action when needed.
In my next blog I will propose a Cisco view of the IoE Security Framework and its attributes.