Categories
Improving Technical Security Internet of Things (IoT) Technology

Using the Collaborative Security Approach to Address Internet of Things Security Challenges

Two years ago, our “Collaborative Security Approach” proposed a way of tackling Internet security issues based on the fundamental properties of the Internet and the voluntary cooperation and collaboration that’s been prominent throughout the Internet’s history. In this post, let us look at each of the five key Collaborative Security characteristics as they apply to security of the Internet of Things (IoT).

Fostering Confidence and Protecting Opportunities. In short, we should always have these objectives in sight when developing security solutions.

The IoT is a rapidly developing industry sector. Beginning with providing internet connectivity to isolated systems (e.g. cars, early generation SCADA systems), it is evolving into complex distributed systems enabling communication between (embedded) sensors and actuators with application, data storage and middleware components.

The main drivers for this explosive development are:

  • cheap and small sensors and actuators that can be attached to almost any physical object;
  • ubiquitous wireless connectivity;
  • application clouds, allowing to separate an upgradable intellect from the “smart” objects themselves (a more appropriate name would in fact be “dumb objects”).

Unfortunately, as is often the case with fast-pace developments, security of IoT components and the system as a whole is lagging. Price and functionality features take higher priority.

We need to make security and privacy the most important features. Never before has the virtual world penetrated so deep into our physical lives, and if the gap isn’t shortened there is a high risk of long-term damage to user confidence in the IoT.

Addressing security challenges must be done while preserving the fundamental drivers. For example, too rigorous security requirements for devices may stifle innovation and development, while addressing system wide security is a more appropriate and long-term strategy.

Collective Responsibility. This notes that participation on the Internet means global interdependency. If participants act solely in their own self-interest, not only is the security of the internet affected, the social and economic potential of the internet to the global community also diminishes.

The IoT is not a thing, not even zillions of things; it is an interconnected system. Subsequently, there are many parties with a stake in security, including:

  • Vendors of sensors and actuators (devices)
  • Middleware developers
  • Application developers
  • Protocol developers
  • Middleware operators
  • Application services operators

Figure 1: Generic IoT model

All of them are interested in a sustainable IoT, but not all of them realize its dependence on security. Each player has responsibility in the overall security of the system, and each of them can be the weakest link that undermines it.

And we should not forget another important “stakeholder” – the user, be it an organization, municipality, government, or individual. All of them have a stake and responsibility. Their choices define how valuable security features are.

Fundamental Properties and Values. In short, solutions should be compatible with human rights, values, and expectations (e.g. privacy), and what we call the “Internet Invariants” (open standards, voluntary collaboration, reusable building blocks, integrity, permission-free innovation, and global reach).

As I just emphasized, the IoT is a system that should be analysed and addressed as a whole. Focusing on isolated components without holistic risk and threat analysis tends to provide temporal fixes (if any), and may significantly hinder the innovative potential of the IoT.

Because the Things in IoT are part of the bigger internet, it is important that the solutions build on and do not harm the fundamental properties of the internet – the Internet invariants.

Privacy implications of unsecured IoT systems are far reaching. Even if the system is secure, the breadth of the data collection should be carefully assessed. Recommendations outlined in the 2016 Global Internet Report provide an essential baseline.

In the IoT world, security and privacy often translate into human safety; these crucial factors should be part of the overall risk analysis and risk management.

Evolution and Consensus. In summary, security solutions must be grounded in experience, developed by consensus, and evolutionary in outlook. They need to be flexible enough to evolve over time. In a quickly evolving system, an open, consensus-based participatory approach is the most robust, flexible, and agile.

Security building blocks with a proven track record of protection and deployment in the greater Internet should be used as much as possible. Not every solution works for the Internet; some take off quickly and some never see wide deployment. This experience should be used when looking at security solutions for the IoT.

IoT is rapidly evolving. The most effective solutions are those that anticipate the development trend and address the problems of tomorrow. In developing such solutions, all players need to be brought to the table to produce most robust, flexible, and agile outcomes.

Today, there is a tendency to associate almost any device connected to the Internet with the IoT. Many such devices, like modems, routers etc., have existed since the birth of the Internet, and if we only focus on solving their problems we will miss important emerging threats. IoT systems are distinct in how the “things” are communicating, and how they are administered and controlled. Recognizing these patterns and trends is a key to effective long-term solutions.

Think Globally, Act Locally. For greater effectiveness and efficiency, solutions should be defined and implemented by the smallest, lowest, or least centralized competent community at the point in the system where they can have the most impact.

IoT security is hampered by negative economic factors, such as negative externalities and information asymmetry. This is not unique to the IoT; our recent analysis of data breaches revealed similar issues.

For instance, device vendors do not provide strong security because they do not bear the costs of security exploits. And consumers have no way to assess the security of the IoT system as a whole, thus diminishing motivation for the vendors to deliver secure solutions. There are other examples.

I mentioned several key players that take part in creating an IoT ecosystem. Understanding the relationships between them, their motivations, and incentives helps steer their behaviour and operation toward most favourable outcomes.

For example, raising consumer awareness of the risks of connected devices can help establish ranking or certification programmes, like the one started by Consumer Reports in the USA.

What is crucial here is “norm setting” based on industry-developed and agreed principles and recommendations. A great example of such an effort is the Online Trust Alliance IoT Trust Framework that includes 37 principles addressing privacy, security, and sustainability of the IoT systems.

Looking at the trends again, it seems that consumers will be less interested in do-it-yourself IoT installations, but rather go for a “platform,” like HomeKit, Alljoyn or Weave. The platform vendors and operators can differentiate themselves based on security and privacy protection of their systems, as well as provide necessary pressure on the component suppliers (for example, through programs like MFi by Apple. Providing independent assessment of the security level of the platforms and associated certification or ranking can have a significant impact on the whole IoT ecosystem. Again, security frameworks like the OTA IoT Trust framework provide a good foundation for such activity.

Conclusion

It is unrealistic to expect we can achieve absolute security for the IoT. Nor it is necessarily desirable, as getting closer to this goal may have unbearable costs. It is about how to keep pace and strike right balances when trade-offs are encountered. We hope that the collaborative security approach can help us think about both.

To learn more, you can read about our Collaborative Security Approach and our work on the Internet of Things.

Categories
Improving Technical Security Mutually Agreed Norms for Routing Security (MANRS)

A new approach to Internet security comes to Cape Town

The Internet Society will present its approach to online security – Collaborative Security –  at the Mobile 360 conference and people who are there to contribute their share in ensuring trust on the Internet.

Mobile 360 is a conference that gathers telecom and Internet operators, governments, civil society and others. The meeting takes place in Cape Town, South Africa, from October 7 to 9. This year, one of the hot topics of the conference is Internet Security, which has become the leading preoccupation of network operators, governments and users alike.

The Internet Society will present its Collaborative Security approach to Internet Security. This strategy is based around the thought that, since it’s people who hold the Internet together, a truly secure Internet can only come from people cooperating and working together.

In the last three decades, the Internet has changed the lives of most of us around the world. It has been a cornerstone in remarkable social and economic innovation in ways that we could never have imagined.

This has been possible thanks to the intrinsic properties of the Internet that never change.  

However, these same features have made attacks to the Internet and its users by criminals easy. Its “openness and global reach” have made cross-border attacks and cyber crime easy to operate. Its “permission-free innovation” has facilitated the development and deployment of malware. Even its “spirit of cooperation” is misused by people with malicious intent.

Until recently, the most dominant approach to Internet security has been targeted towards fighting external and internal threats. This paradigm has proved to be inefficient and sometimes a risk for the growth of the Internet. There is, however, a growing recognition of a new paradigm that Internet security should be about protecting opportunities for economic and social prosperity, as opposed to a model based on preventing perceived harm. 

The collaborative security approach is built on this and has five key elements:

  1. Fostering confidence and protecting opportunities: The objective of security is to foster confidence in the Internet.
  2. Collective Responsibility: Internet participants share a responsibility towards the system as a whole.
  3. Fundamental Properties and Values: Security solutions should be compatible with fundamental human rights and preserve the fundamental properties of the Internet, thus the Internet Invariants.
  4. Evolution and Consensus: Effective security relies on agile evolutionary steps based on the expertise of a broad set of stakeholders.
  5. Think Globally, act Locally: It is through voluntary bottom-up self-organization that the most impactful solutions are likely to be reached.

Network operators are major stakeholders that can contribute to the collaborative security.

One very practical way for operators to implement their share in bringing trust for users is by implementing best practices in operating their networks. Mutually Agreed Norms for Routing Security (MANRS) defines four concrete actions that network operators should implement including

  1. Prevention of propagation of incorrect routing information.
  2. Prevent traffic with spoofed source IP addresses.
  3. Facilitate global operational communication and coordination between network operators.
  4. Facilitate validation of routing information on a global scale. 

The Internet Society urges African network operators to subscribe to MANRS and contribute to making Internet routing more secure for the benefit of all.

Learn more about ‘The Power to Browse: Internet Governance for Digital Africa’ Panel Discussion from Mobile 360 Conference Agenda

Categories
Open Internet Standards Technology

Taking the Internet for Granted

The availability of the Internet, the ubiquity of IP, is something the current generation of ICT professionals takes for granted. Having global reach when their applications and services are connected to the Internet is something that is as logical as the sun coming up in the morning and setting at night. It’s a sign of success, but also has consequences for the future.

Last week I visited Nairobi, Kenya to attend the African DNS forum, the Nairobi Intercommunity 2015 Hub, and to have conversations with students and innovators. What follows are some impressions from my visit to the United States International University in Nairobi where Prof. Meoli Kashorda from the Kenya Education Network (KENET) invited about 300 university students from 24 universities around the country for a public lecture about the Internet.

In a room bursting with ambition, I spoke about Internet architecture and talked about the Internet Invariants. I think that a majority of the students – only one of which had not used the Internet in the hour proceeding the meeting – had not really appreciated the foundational nature of the innovative freedom of the Internet. That, when they develop an application and want to deploy it on the Internet, they do not have to ask anybody for permission; that their application has instant global reach; and that, in order to maintain those properties, real work is being done in the policy and technical spheres.

I talked about Open Standards as technical building blocks and the fact that in some cases collaboration through standardization may bring competitive advantage. Or put differently, that the Internet is about competition where possible and collaboration where needed. I took some time to explain the workings of the IETF and talked about the Code Match initiative that is currently being developed. Code Match is a dating service between specifications and developers that has a great potential to draw in young talents.

While the Internet’s plumbing may not directly be on the radar of these students, it is definitely on the radar of our KENET host, Prof. Kashorda. At the end of the session he offered a travel grant for a talented student to attend a future IETF. I strongly believe that these sorts of initiatives are helping to create a mindset that the Internet’s invariants will not be invariants when they are not being maintained. This is the sort of initiative that strengthens the global and local Internet community.

Deep bow.