DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones AWS Cloud
by AWS Developer Relations
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Partner Zones
AWS Cloud
by AWS Developer Relations
Building Scalable Real-Time Apps with AstraDB and Vaadin
Register Now

Trending

  • How Web3 Is Driving Social and Financial Empowerment
  • How To Scan and Validate Image Uploads in Java
  • Using Render Log Streams to Log to Papertrail
  • Incident Response Guide

Trending

  • How Web3 Is Driving Social and Financial Empowerment
  • How To Scan and Validate Image Uploads in Java
  • Using Render Log Streams to Log to Papertrail
  • Incident Response Guide
  1. DZone
  2. Data Engineering
  3. Big Data
  4. Protocols, Security, and The IoT

Protocols, Security, and The IoT

Security and protocols are the leading concerns for the Internet of Things. At IoT Day in Boston, industry experts debated their value to come to a consensus.

Denis Goodwin user avatar by
Denis Goodwin
·
Apr. 21, 15 · Interview
Like (1)
Save
Tweet
Share
6.81K Views

Join the DZone community and get the full member experience.

Join For Free

Written by Paul Bruce

Security was top of mind on IoT Day in Boston last week. Industry experts and over 75 guests debated the value around IoT protocols, security, and theory in the upcoming IoT economy. Moderated by Andy Thurai of IBM, panelists included Michael Campbell of MachineShop, Joe Biron of ThingWorx / PTC, Sean Lorenz of Xively / LogMeIn, and Michael Murray of GM. As Boston people like to say, it was a “wicked good” use of a Thursday evening.

Panel 2: #IoT + #API@SmartBear A3: "We can't oversimplify some of this hard stuff" "APIs are a powerful way through" http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

So how safe is this brave new world of IoT going to be for everyone?

We’ve already seen Smart Homes being hacked, drones spying on people’s private property, and postulated about implications as life-threatening as hacking someone’s intelligent pacemaker. These fears are not completely unfounded, they are a reasonable response to technology that is not governed, not curated, and not fully accepted yet by society.

Panel 2: #IoT + #API@SmartBear A4: With any transport / protocol, you have to have appropriate levels of governance http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

Technology is only as safe as we make it, with heavy emphasis on “we make it.” As panelist Q&A flowed around topics of authority, responsibility, and ownership over IoT data, the conversation naturally circled around how monetization plays a role in both adoption of new technology and governance. At one point, Thurai asked the panel:

Panel 2: #IoT + #API@SmartBear Q3: Is IoT only about cheap data collection? http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

Biron quickly answered, in summary “…IoT is expensive to get in to right now, so it isn’t really cheap, but there’s room to make business models around that…”, to which Campbell followed with the question:

Panel 2: #IoT + #API@SmartBear A1: so then does cheap data collection mean cheap algorithms in the cloud? http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

Cheap data itself does not equate to a business model, even ones revolving around data collection. As we have seen with APIs, intelligent combinations of data are key to a great user experience. “Cheap algorithms” as Campbell refers to aren’t just simple, but more like underdeveloped mashups. If anything, being cheap or careless about any choices in IoT is a sure way to lose investor and consumer confidence, much like security breaches tend to do.

How can we avoid treating security as an afterthought in IoT?

Security must be fundamental to all levels of data creation and collection in order to evoke industry and consumer confidence. You can’t rightly expect that iPhone security means keeping your phone in an iron safe. Similarly, the transmission and storage of sensitive data must ensure levels of safety just as much as where the information goes after being collected. Protocols in IoT cannot afford to be insensitive to the topic of security, but at the same time need to maintain flexibility to stay innovative and have a short time-to-delivery.

Panel 2: #IoT + #API@SmartBear A2: a multi-layered approach local, mesh, and cloud is much more versatile... http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

From the beginning of the session, APIs were clearly a favored topic, though many past and present data exchange protocols were discussed. At one point, Campbell clarified with the point about APIs, specifically due to talk about MQTT, that “protocols and formats are two different things”.

Panel 2: #IoT + #API@SmartBear A2: Let's not mix up protocols w/ formats. APIs can teach IoT things about standards http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

APIs have a lot to teach IoT

This applies equally to the IoT space as it does to APIs, in that the transmission as well as the content both need to implement security at their own levels; one layer cannot stand in for another layer’s lack of security, at least it can’t for very long.+

The final thought from Biron summarized the attitude and openness of the evening’s participation well:

Panel 2: #IoT + #API@SmartBear A2: Let's not mix up protocols w/ formats. APIs can teach IoT things about standards http://t.co/Up29CB8eGs

— Wicked Smaht ˁ˚ᴥ˚ˀ (@paulsbruce) April 10, 2015

That we will, in Boston, in Boulder, in Dubai, and around the globe. But to do so, especially in safe and innovative ways, takes conscious effort in both consumers and technology providers, like meetups such as this and a diversity of inputs to the conversation. So where do you see the role of security in IoT? What conversations are you having on it today?

IoT security Protocol (object-oriented programming)

Published at DZone with permission of Denis Goodwin, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Trending

  • How Web3 Is Driving Social and Financial Empowerment
  • How To Scan and Validate Image Uploads in Java
  • Using Render Log Streams to Log to Papertrail
  • Incident Response Guide

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com

Let's be friends: