Internet Of Things – Developing a Classification Framework
Session Topic: Internet of Things
Tuesday 1E
Convener: Jeff Stollman
Notes-taker(s): Dave Sanford
I came late to session, the group was in the process of creating a framework for devices in the Internet of Things (IoT). On the whiteboard was:
Discussion at that point was about multiple user cases including bathroom scales, cars where user identity comes into play. Some discussion of constraints against ‘self-incrimination’, information created in these devices that no amount of ‘discovery’ can collect – related to search and seizure.
Also discussion of the varying degrees of discoverability required for IoT devices, ranging from passive sensors that are configured and provide data but don’t need to be discoverable, through some limited/authenticated domain of discoverability (my house/my cert), to freely discoverable on the Internet – with lots of variations between those points.
Discussion about the distinction between user and administrator. For some devices user might be always able to be both, in other cases the ‘household CTO’ and others will require some involvement in operations and maintenance by an outside party.
A useful proposed norm for migrating to ‘smart devices’ was “When you replace a device with a smart device, it should by default act like the dumb device it replaces until it is reconfigured”. It was agreed that this will not apply to all types of devices or for that matter business models of device makers.
As part of clarification of the Consent/Direction axis there was discussion of explicit authentication vs. unwitting use which is authorized vs. outside administrator. Some people viewed this axis as about authorization and permission, whereas Jeff indicated that he had proposed it as who consented/directed the device.
More discussion of authentication – included some fairly weak forms of authentication/discovery/ joining of personal networks – including stronger (user, device cert) but also allowing weaker (location, network access. We agreed that dumb devices combined with weak authentication could lead to undesirable results (e.g. my fitbit sending data to someone else’s account when I’m in their house).
Some devices are input only, some are output only, both and they may vary widely in their amount of processing and discoverability.