internet-of-everything

Ad Infinitum – Internet For Everything

Internet For Everything

The hypothesis that a new Internet-for-everything society will come, as it is desired by the fundamentalists, is in fact very weak, not to say improbable” —Philippe Breton

Despite what Breton wrote in 2011, small devices across the globe are increasingly capable of fully qualified networking. This technological advancement of small, autonomous devices equipped with adequate sensors builds up the foundation for the Internet of Things. What Breton was pointing out is that this development is like a Trojan horse, incurring massive social implications. His key message was that this transformation of society is largely unquestioned. Under the populistic notion of practicality, the issue is presented as inevitable, despite the challenges it poses to the core values of his society as he expresses them: the Law, Speech and the Individual.

Clearly, with its close connection to contemporary globalization, the increasing number of tiny, autonomous devices operating throughout society will also raise concerns and research questions about security, privacy and ethical matters. Consequently, there is more and more research published on the technical security of these devices, the networking between them, and their backend systems. Take for example what Hossain, Fotouhi and Hasan contributed in their recent paper for IEEE World Congress. While technical solutions essentially and comprehensively identify and classify the parts and their interconnected links, they leave out the important questions of “who governs” and “whose security”.

Furthermore, technical maneuvers rarely bring about direct financial advantages for businesses.

Backdoor in the refrigerator

future-techThe technical vulnerabilities of interconnected devices are often explained using rather abstract, if not surreal, scenarios. Yet the fact is that networked small devices often provide new injection points for various rogue actors, and also generate new business for security appliance providers.

These fictional examples are often reinforced by referring to more severe environments like healthcare, industrial or military appliances where a backdoor in one small device could compromise the whole system. Many nations are presenting these threats as real, and investing in research both to identify them and sometimes also to gain offensive capabilities. As the basis of the Westphalian State is to be in possession of the ultimate coercive force, the local law enforcement office eagerly wants to secure their ability to invade your fridge. The armed forces, on the other hand, might want to do the same thing abroad for the sake of national security.

The threat is not that far-fetched, as recent headlines have demonstrated how innocent game consoles were used for plot against the sovereign. While competent security agencies are well aware that state security involves much more than taking away or intercepting digital toys, this kind of headline incurs huge value for the securitizing process in the public mind.

Global Business Infrastructure

The fundamental aims when securing any information system are to ensure that the data stays coherent, confidentiality is not lost and the data is available when needed. While these and any derived requirements are commonly implemented today in traditional web applications and infrastructure, by definition, the complex and evolving IoT has some particular restrictive characteristics. Yet for global businesses, and indeed, as noted, increasingly for states too, it is essential that they and their customers are able to operate safely in the world of Things.

tech evolution

Many devices in the mesh-like network of Things are expected to be rather autonomous, and yet need to be in connection with other devices. As such, a backend system is usually included in the architecture, to coordinate communication across the devices. While useful from the point of view
of the application, this kind of dependence and transfer of data will introduce an expansion of the borders of the IoT security domain. While completely autonomous devices could conceptually be developed, in practice, business and legal requirements often lead to practical hybrid solutions, where parts of the application and data are stored on the device and parts are shared across the network.

Perhaps one of the most widely spread IoT-like systems is the RFID or biometric passport. Capable of storing essential details and getting power over the air, it contains essential cryptographic features to ensure that gates at the border are not easily led astray.

biometric-passports

(Image Source: Automatic Border Control Process – Wikipedia)

Active chips are equipped with an internal power source, so that they can initiate communication as well. While they are forerunners on the market of Things, these small devices have also been known to be tragic examples of failures of security. Setting up a trivial antenna on the street could initiate connection to any passport within range, and by knowing or guessing its password, gain access to personal details. While the feature is apparently designed for the border gates, it demonstrates the practical dangers of building backdoors in the Internet of Things.

By Kristo Helasvuo

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

CONTRIBUTORS

Safeguarding Data Before Disaster Strikes

Safeguarding Data Before Disaster Strikes

Safeguarding Data  Online data backup is one of the best methods for businesses of all sizes to replicate their data ...
Imminent IoT Eye-Tracking Technologies To Transform The Connected World

Imminent IoT Eye-Tracking Technologies To Transform The Connected World

IoT Eye Tracking Smelling may be the first of the perceptible senses, but the eye is the fastest moving organ ...
4 Open Source Business Intelligence Tools For Big Data Reporting

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
Scale Matters in the Enterprise Cloud

Scale Matters in the Enterprise Cloud

The Enterprise Cloud What used to be an unknown and mysterious term, “the cloud” is now a common and mostly ...
Chris Gerva

Why Containers Can’t Solve All Your Problems In The Cloud

Containers and the cloud Docker and other container services are appealing for a good reason - they are lightweight and ...
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, ...
The Rise Of BI Data And How To Use It Effectively

The Rise Of BI Data And How To Use It Effectively

The Rise of BI Data Every few years, a new concept or technological development is introduced that drastically improves the ...
Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in ...
AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility Earlier this week, AWS S3 had to fight its way back to ...
The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

WikiLeaks’ Vault 7 If you haven’t heard of the Vault 7 WikiLeaks data dump, you’ve probably been living under a ...

NEWS

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...
U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

DOWNERS GROVE, Ill., Dec. 8, 2017 /PRNewswire-USNewswire/ -- New hiring in computer and electronics manufacturing and technology services and custom ...
email as a service

Google Data Analysis, Artificial Intelligence and Predicting Vaccine Scares

Social media trends can predict tipping points in vaccine scares Analyzing trends on Twitter and Google can help predict vaccine ...