Once a farfetched concept thrown around by technology enthusiasts, the Internet of Things (IoT) is now becoming a reality. Consumer adoption of network connected technology is on the rise, with 69 percent of consumers planning to buy an in-home device in the next five years, according to the 2014 State of the Internet of Things Study. By the end of this year, 13 percent of consumers will already own an in-home IoT device such as a thermostat or in-home security camera.
Samsung’s CEO, Boo-Keun Yoon called not only for greater collaboration between tech companies to facilitate the IoT ‘explosion’ in our lives, but he also raised an interesting point about protecting ‘people’ rather than ‘things’. As with any new technology, there is the potential for significant challenges too. In the case of IoT, data breaches and privacy have the greatest potential for causing harm. As devices and ‘things’ increasingly carry out our tasks for us, becoming our ‘eyes and ears’, there is more sensitive consumer information at stake. Just one breach could have detrimental consequences for those affected.
A foundational element at the heart of any IoT device has to be an ‘identity layer’ that will allow the secure deployment of a large number of connected devices and allow access and service to the right individuals. Identity – in other words, ‘the collective aspect of the set of characteristics by which a thing is definitively recognisable or known’ – can be proved through sophisticated and complex set of authentication techniques, most prominently led by the password. While interconnectivity between different networks has been traditionally limited, continuous upgrades to the underlying, invisible infrastructure grew to allow an ever-greater stream of information to flow.
The latest technological developments tackle this problem by reducing the number of passwords required to authenticate different applications and trust domains. They allow users to authenticate once with an existing credential to a trusted domain and be issued with a token that allows it to authenticate to other actors and other domains.
Federated Single Sign On (SSO) technology, for example, allows passwords to be replaced with standardised security tokens for everyday tools and services such as social media apps or emails. These tokens are issued by a website the user has logged into directly but simultaneously gives access to a range of other applications – mitigating a password explosion and simplifying the process for the user.
SSO technology also allows the authentication of a specific device to be tied to a particular user by issuing tokens specific to a ‘relationship’. The growing prevalence of IoT will result in many devices operating on a behalf of a particular person, or set of people, this kind of distinction will be crucial.
It’s not clear to what extent IoT will be embedded into our daily lives, but it looks certain that – whether we want to or not – we will likely hand over a substantial part of our decision-making to our connected devices. As such it is vital that we have solid and secure infrastructures in place that are capable of evolving alongside and in symbiosis with technological advances – authentication tools have to be simple, reliable and universal.
Hans Zandbelt is senior architect, office of the CTO, at Ping Identity.
What do you know about the Internet of Things? Take our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…