App-ID Registry: Securing the Internet of Things (IoT)

The number of connected Internet of Things (IoT) devices continues to grow rapidly, driven by an increasing range of use cases and business models combined with declining device costs.  Cisco[1] predicts upwards of 14 billion connected IoT[2] devices by 2021, while according to the most recent Ericsson Mobility Report[3], the number will reach 18 billion by 2022.  This growth rate is staggering and the need for connectivity, security and interoperability between applications and devices has never been more critical. In fact, ATIS sees it as essential to unlocking the IoT’s limitless potential.

The M2M/IoT market has been evolving from vertical, single-purpose M2M solutions, such as traditional car telematics (e.g., OnStar), fleet management and utility metering, toward multi-purpose and collaborative applications that leverage sensors, devices and information systems across numerous industry verticals and organizations, thus creating an IoT ecosystem.

The current M2M/IoT environment is fragmented and characterized by silos containing custom-built applications, devices and middleware. There have been some encouraging IoT successes in user experience, cost efficiency and business optimization, however, the future of IoT will require interoperability and standardized components to facilitate a seamless integration of devices, networks and applications across a wide range of market segments to foster new opportunities and services.

oneM2M

To achieve this objective, a consortium of eight international standards bodies and more than 200 companies have developed the oneM2M framework to offer a common service layer that allows applications, devices, and services to interconnect. With oneM2M, applications can operate globally across multiple verticals and service networks.

A key element of the oneM2M framework is the application ID registry (App-ID Registry), which provides globally unique identifiers to support data sharing, interworking, and security across IoT platforms and systems, enabling them to securely communicate with each other in a standardized manner.  This capability will increase IoT solutions’ value by reducing costs, providing faster time-to-market, as well as improved security. It also creates an IoT environment of innovation that is trusted and secure.

IoT Security

In today’s rapidly growing IoT environment, authenticity and data security problems are rampant and pose great challenges.  These include unsecured supply chains for IoT devices, no mechanism to manage unknown IoT devices, as well as BYOD consumer IoT services that enable connections of devices outside of direct control. We need to acknowledge and address the simple fact that IoT devices support a wide range of security mechanisms, including X.509 Certs, pre-shared keys, raw public keys, however, in many cases, no security at all. From toasters to baby monitors, IoT devices have shown vulnerability to cyberattacks.

Furthermore, in the current environment, IoT security is highly fragmented and characterized by proprietary technical implementations and weak security that creates silos and restricts interoperability. As such, a reliable mechanism to validate identity integrity for a connecting IoT application is critical to securing IoT services and the resulting trust that interoperability depends upon.

For many IoT applications that support industries such as healthcare, the smart city and critical infrastructure, device compromise can be a significant concern, with potentially catastrophic consequences. From connected healthcare devices critical to individual therapies to ‘things’ that help control our water quality or balance in the power grid, there are billions of connected things that will affect nearly every facet of our lives and society in general. It is imperative that the industry address the internet of insecure things.

App-ID Registry

The App-ID Registry enables applications to identify themselves in a consistent, standards-based way to the service layer.  It provides a guaranteed means for uniquely identifying each oneM2M application and device.  This enables any IoT application from any developer to communicate and share data with any IoT device.  In addition, it offers trusted identity and authentication of IoT application data.

It is particularly valuable for organizations that do not operate within the same networks or platforms and which could not easily communicate with one another. The App-ID Registry helps to bridge these silos enabling a much broader addressable market opportunity for application developers, device makers, and service providers.

For example, a smart city will likely use multiple suppliers for its IoT devices and applications as well as support multiple users of this data.  It could also support “visiting devices” from tourists and business travelers, making it very difficult for these devices to securely communicate. Data interoperability is critical for successful implementation of many smart city solutions – such as transportation, public safety, event management and government services, as a few examples.

Another example where interoperability is critical to success is the smart home.  Many companies engaging in this space only develop products and applications for one or two device categories – such as smart locks or lighting controls. For service providers to offer a complete smart-home solution, it will be necessary for multiple solutions to work together seamlessly.  Partnering becomes much easier once developers open up their interfaces and use the App-ID Registry to gain visibility in the smart-home ecosystem.

The App-ID Registry offers numerous benefits across the entire IoT ecosystem.

  • For device and application vendors, the Registry provides the ability for IoT devices to be uniquely identified and authenticated so as to be broadly adopted by any IoT service provider, increasing the addressable market opportunity. The registry provides metadata regarding the characterization of the IoT device and the format of the data it produces, thus interoperable for integration with any appropriate application. All this enables applications to be compatible with a greater range of devices, thereby improving cost effectiveness, while enhancing the rate of innovation. Finally, certification increases buyer confidence and brand value.
  • For IoT platform and system integrators, the App-ID Registry helps to streamline the onboarding process and allows integration with broader range of IoT devices, while reducing the cost of ongoing management
  • For IoT network operators and service providers, the App-ID Registry encourages open yet trusted access which results in broader adoption for a larger range of IoT devices and their data to enable more innovation and the resulting revenue possibilities.
  • For consumers and other end users, the App-ID Registry makes it easier to participate in services in a IoT BYOD environment, and ensures privacy controls over data use.

ATIS & iconectiv

oneM2M has designated ATIS, a oneM2M founding partner, as the Management Authority for the Application Identifier (App-ID) registry, while iconectiv is the Registration Authority and provider of the App-ID Registry.

As the number of devices, applications and developers in the IoT market continues to grow, the App-ID Registry ensures that IoT devices and their applications are both unique and discoverable with levels of trust that enable all this to be managed at scale.

For the IoT industry, the App-ID Registry lowers the cost of implementation, integration and ongoing management of IoT applications and devices; and enables a broader inclusion for IoT device manufacturers and consumers. Perhaps most importantly, the Registry ensures that IoT applications and the data they produce can be trusted, limiting IoT security vulnerabilities and maximizing service innovation through increased interoperability that is also secure.

Access the oneM2M App-ID Registry Portal here.

[1] Cisco VNI Global IP Traffic Forecast, 2016–2021. (http://www.cisco.com/c/en/us/solutions/service-provider/visual-networking-index-vni/index.html)

[2] Connected IoT devices include connected cars, machines, meters, sensors, point-of-sales terminals, consumer electronics and wearables.

[3] Ericsson Mobility Report, 2017. (https://www.ericsson.com/en/mobility-report)

Chris Drake, ATIS TOPS Council Chair and CTO, iconectiv
Chris Drake, Chief Technology Officer at iconectiv, is responsible for internal and external technology initiatives at iconectiv including emerging opportunities in mobile content, CyberSecurity, mobile identity, virtualization and M2M/IoT. iconectiv’s market-leading solutions enable the interconnection of networks, devices, and applications for more than two billion people every day.

Comments