In creating the internet of things, a challenge arises in understanding how we cope with the billions of “things” to be accurately identified, authorised and securely connected. MEF’s IoT advisor, Andrew Parkin-White, explores a range of issues for consideration when thinking about an IdoT solution and shares the five main areas to address.
Digital personal identity has sparked much debate in recent times but is becoming more widely understood as a result of ecosystem focus and policy initiatives. Identity and access management (IAM) traditionally addressed the relationship between humans and devices but with the dawn of IoT, it now has to cover relationships between devices – the Identity of Things (IDoT). This raises the question of exactly how we allow billions of things to be identified, authorised and securely connected. Here then are five key considerations when thinking about the Identity of Things.
Corporate networks need to evolve to encompass the identity of things
The importance of IAM of things is evident and this need is growing as more things outside enterprise boundaries connect. These businesses will have to recognise the need connecting things as we see identities applied to a diverse range of entities including automotive, telematics, drinks cans, clothing and medication supplies. The vast amount to things with an identity requiring secure connectivity will pose challenges to CIOs and they will need to increase their understanding of the identity of things and become more adept at allowing a vast volume of things onto their enterprise networks.
Traditional identity and access management platforms will not be fit for purpose
IAM is a key consideration that IoT enterprise security teams need to address and is a building block in unlocking the IoT solutions market. It is a complex and challenging area that is ever changing and will deploy at large scale. It is very apparent that these platforms verifying the identity and access permissions of users and things are becoming outdated and inadequate IAM software will stifle the growth of IoT. Many platforms are over ten years old and no longer fit for purpose with a rapid growth in IoT devices and applications and, with this proliferation, these platforms can no longer manage the volume of connections needed. In short, they could become obsolete in a short space of time forcing enterprises to rethink their approach.
When thinking about best practice for an IDoT platform solution, an enterprise will need to assess a broad range of considerations. Each thing will require its own unique and secure digital identity and platforms will need to have appropriate permission management in place.“
Platforms for IDoT will need to be more flexible, agile and scalable
Enterprises need to update their systems to capitalize on the business benefits of IoT solutions and move from a defensive mode to embracing devices outside the boundaries of the enterprise. There needs to be a definite progress from permitting and denying access to systems to actively managing the high volume of things connecting to a corporate network with IAM becoming a key consideration that IoT enterprise security teams need to address.
These IDoT platforms of the future will have distinct requirements. Firstly, they need to be modular as the best method of ensuring the complexity of many users, devices, access points and characteristics. Secondly, scalability is key to manage exponential growth and be flexible in responding to constant fluctuations in the volume of users. Thirdly, they must have borderless operation, as an IoT platform is an anytime, anywhere connection and secure access must be under these conditions. Finally, they should have context sensitivity to enable real time access from non-standard devices or sites.
Enterprises should consider the main functionality required from an IDoT platform
When thinking about best practice for an IDoT platform solution, an enterprise will need to assess a broad range of considerations. Each thing will require its own unique and secure digital identity and platforms will need to have appropriate permission management in place.
The platform should manage active digital identities from trusted sources and be able to integrate third party identities onto it. Device identity credentials need to be secure and the enterprise must be able to authorise and remove identities from its network. It should be capable of real time and adaptive analytics whilst dynamically tracking product flows. The integration of a broad range identities from multiple supply chains is important if enterprises are to generate the value from IoT investments.
Zero touch onboarding and provisioning will greatly support ongoing deployments
Removing the majority of the manual intervention required in adding things to a corporate network, zero touch onboarding enables any device to be connected securely to any cloud through the ability to configure and provision a device automatically. Devices powered in the field can discover their target cloud platform dynamically seconds after provisioning. Intel and Arm have joined forces to allow devices from both manufacturers to offer secure and flexible onboarding for devices to any device or cloud. The connection of billions of devices needs greater simplicity in onboarding and a marked reduction in the time taken to connect each device manually.
Devices can be configured with identity and customer credentials in the factory thereby shortening time to market. By reducing the cost of deployment, the business will realize benefits more rapidly whilst increasing securing and easing in-life device management and flexibility.
In order to achieve market projections, the identity of things has a clear role to play in supporting the development of the IoT ecosystem and IAM platforms need to evolve rapidly to underpin this growth.
Register for the Identity of Things MEF Webinar
Join Andrew Parkin-White and Martin Garner, COO and SVP of CC Insight as they discuss the issues surrounding the identity of things and answer some key questions including, how does the identity of things differ from personal identity, how will identity and access management evolve to cover relationships between devices and how can businesses deploy flexible, agile and scalable systems to embrace secure device identity outside the boundaries of the enterprise?