Prof Kary Främling from Aalto University and the Coordinator for the bIoTope addressed key IoT security challenges with a presentation "Secure Trust and Information Access for the Internet of Things" at the Architectiong the Digital Enterprise Conference in Amsterdam on 23 October 2017.
Synopsis: In the Internet of Things context, trust will need to be established in more direct ways, even by recognizing a friend or a family member and trust their information, or the information provided by their devices. Such "friend-based" authentication can be used for instance in smart homes and extensions of it. In the future, trust might be established based on several authentication mechanisms that mix the classical PKI approach with "friend network" and blockchain-based technologies. Authorization and access control will need to be supported on a much more fine-grained level than before in the Internet of Things, where different users will have different access rights in different contexts and depending on their roles. The presentation showed how these concepts can be implemented in different "smart" settings, notably smart homes and smart cities.
Key takeaways from his presentation:
- Insight into the forefront on IoT security concepts
- New ways of dealing with ad hoc trust relationships in IoT
- How to information model standards such as Open Data Format (O-DF) for specifying access control
The presentation was made in collaboration with ControlThings and The Open Group, who are also partners in the bIoTope project, and can be downloaded here.