This is a presentation from the Kantara Initiative Identities of the Things (IDoT) Discussion Group. The presentation summarizes the DG's findings to date for next steps and industry discussion and innovation.
IDoT: Challenges from the IDentities of Things Landscape
1. Challenges from the Identities of Things
Kantara, Utrecht, Sep 04/05th 2014
Ingo Friese, Deutsche Telekom AG, Berlin, Germany
2. A closer look at the Identities of Things.
Agenda.
Exemplary IoT Scenario
Object Identifier and Namespace
Authentication and Authorization
Ownership and Identity Relationships
Governance of Data and Privacy
7. Object Identifier and Namespace
New mechanisms are needed to find the identifiers and addresses of communication partners in the IoT.
Example XRI
xri://construction-community.org/(urn:yelllowMachine.serialno:#123abc)
xri://construction-community.org/(urn:abcConst.license:#B-BC1234)
"Yellow Machine Inc.": serial no. as identifier, e.g. #123abc
"ABC Construction Inc.": license plate as identifier, e.g. B-BC1234
construction-community.org
How to address?
10. Strong Authentication 1/2
How to strengthen authentication means in the IoT?
User Identities: Something you know + have + are
Identities of Things: Something you know + have + are ?
11. Strong Authentication 2/2
Context-based authentication.
Additional information could be taken, e.g., from the network layer, from geographical information, or from other use-case-specific factors.
12. Authorization 1/2
OAuth – Authorization for the “classic” Internet.
Diagram actors: User, Application, Authorization Server, Resource Server / API Endpoint
Diagram messages: Token Request; User Login & Consent; Code; Exchange Code for Token; Token Response; Call API / Get Resource w/ token
User has to be online!
13. Authorization 2/2
User Managed Access - Authorization for the IoT(?)
Diagram actors: Application, Authorization Server, Resource Server / API Endpoint
Diagram messages: Token Request; Code; Exchange Code for Token; Token Response; Authentication & Consent; Call API / Get Resource w/ token
Policies and Identity Claims
15. Ownership and Identity Relationships
Things or objects in the IoT often have a relationship to real persons.
Diagram: a Thing and its related persons: user, owner, group of users, administrator
Identity relationships in the IoT have an impact on other identity-related processes such as authentication, authorization or governance of data.
16. Identity of Things Lifecycle
Identity lifecycles in the IoT can be much longer or shorter than in classic user-related IdM.
Diagram labels: ID creation, provisioning, ID update (shown twice), ID revocation, de-provisioning
In the Internet of Things, objects have very different lifetimes, ranging from years or decades down to days or minutes.
18. Governance of Data and Privacy
The problem.
Data produced in an IoT device: Position, Velocity, Usage of Gas, Oil temperature, Oil pressure, Engine status, …
Data sources: GPS, Sensors
Persons having different claims to data: owner, user
"I want to use the position data for statistics!"
"I don't want the position data to be used. They could be used to track my personal behavior"
19. Governance of Data and Privacy
Users have their claims-to data.
Diagram: Sensor; Data sink 1; Data sink 2
Persons having different claims to data: owner, user
Appropriate methods to be applied to the data: publish, anonymize, discard, encrypt end-2-end
20. Governance of Data and Privacy
The configurable “claims-to” approach.
Data: Position, Velocity, Usage of Gas, Oil temperature, …
Methods: encrypt end-2-end, anonymize, discard, publish
Different configurations in different domains, regions and countries.
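One way the configurable "claims-to" approach from slides 18 to 20 could be evaluated on a device, as an added example that is not part of the original presentation. The strictness ordering of the four methods, the region and field names, rounding as the anonymization step, and the caller-supplied `seal` function for end-to-end encryption are all assumptions of this sketch.

```python
from enum import IntEnum

class Method(IntEnum):
    # Higher value = less cleartext leaves the device. This ordering is an
    # assumption of the example; the slides only name the four methods.
    PUBLISH = 0
    ANONYMIZE = 1
    ENCRYPT_E2E = 2
    DISCARD = 3

# Constructed per-region defaults (region and field names are hypothetical).
REGION_DEFAULTS = {
    "region-a": {"position": Method.PUBLISH, "velocity": Method.PUBLISH,
                 "oil_temperature": Method.PUBLISH},
    "region-b": {"position": Method.ANONYMIZE, "velocity": Method.PUBLISH,
                 "oil_temperature": Method.PUBLISH},
}

def resolve(field, region, claims):
    """Strictest of the region default and every person's claim wins.
    Fields or regions without a configured default are discarded (fail closed)."""
    default = REGION_DEFAULTS.get(region, {}).get(field, Method.DISCARD)
    return max([default] + [c[field] for c in claims.values() if field in c])

def anonymize(field, value):
    # Assumed technique: coarsen rather than drop (position to 0.1 degree).
    if field == "position":
        return tuple(round(x, 1) for x in value)
    return round(value, -1)

def govern(record, region, claims, seal=None):
    """Return the view of `record` that may leave the device for a data sink."""
    out = {}
    for field, value in record.items():
        method = resolve(field, region, claims)
        if method == Method.PUBLISH:
            out[field] = value
        elif method == Method.ANONYMIZE:
            out[field] = anonymize(field, value)
        elif method == Method.ENCRYPT_E2E and seal is not None:
            out[field] = seal(field, value)  # caller-supplied end-to-end encryption
        # DISCARD, or ENCRYPT_E2E with no sealer configured: drop the field.
    return out

# Constructed sample; which person holds which claim is assumed here.
RECORD = {"position": (52.5163, 13.3777), "velocity": 42.0,
          "oil_temperature": 93.4, "engine_status": "ok"}
CLAIMS = {"owner": {"position": Method.PUBLISH},
          "user": {"position": Method.DISCARD}}
```

Because claims can only tighten the regional default, a person's `PUBLISH` claim never overrides a stricter regional setting, and a field with no configured default never leaves the device.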