Identity in the ‘Internet of Things’
25 March, 2014
category: Digital ID
“The Internet of Things” is not a new term and has generically been used to talk about connecting things other than computers, laptops, smart phones and tablets to the World Wide Web.
Increasingly other types of devices – thermostats, refrigerators, wearable technologies – have the ability to be connected to the Internet. Making sure only authorized individuals have the ability to interact with these “things” is going to become important.
“Almost Human,” a Fox buddy-cop show set in the not-so-distant future, sees a police detective and his android partner investigating various crimes with technology running amok. One episode focused on a home security system that was hacked and ended up killing the owner’s of the residence.
While this might be far fetched, Internet enabling different devices in the home is becoming more popular. I’ve had an increasing number of conversations the last couple of months with companies explaining what they’re doing to secure other types of devices online that one wouldn’t typically think of being Internet-enabled. The Nest thermostat might be one of the most prominent examples.
The Nest thermostat hooks up to a home’s Wi-Fi network and can be controlled from a smart phone or tablet. Now you don’t want just anyone to be able to control your thermostat, so there has to be security in place that makes sure only authorized individuals have access to make the changes.
The Nest is one example and while the conversations are increasing now the conversation began last summer at the Gartner Catalyst Conference. Patrick Harding, CTO at Ping Identity, talked about how all these different devices will be working together and speaking to one another in the future to make life easier.
As an anecdote, he used talk about going for a run and wearing an activity tracker that would communicate with the home and make sure the air conditioning was on when he arrived.
That story in particular resonated with me as I enjoy running. While this particular function would be nice, the gripe I have is that every time I plug my running watch into my computer I still have to enter my user name and complex password to upload my run information. I don’t understand why my watch can’t act as one factor of security for my login.
But we’re moving to an age where that might be happening. The Jawbone Up, Nike Fuelband and other wearable technologies might start serving as one factor of authentication for different tasks and will compliment the suite of smart watches starting to come to market. These devices will link with smart phones and then communicate with the cloud for different tasks.
There’s also the emergence of low-power Bluetooth as a potential identification technology. Apple has been placing this technology into its laptops and iOS devices since 2012 and its iBeacon technology uses the communication protocol. Some insiders say that Apple has given up on NFC and it will use low-power Bluetooth for a variety of tasks.
Low-power Bluetooth is also widespread, having been placed in most smart devices for the past couple of years. I’m exploring how this technology is a serious threat to NFC for a story in the summer issue of Re:ID.