IoT and the future of cyber security

Adept at Adaptation

As the go-to-market race to support the Internet of Things (IoT) heats up, malware authors and attackers are already targeting these pervasive devices. Strong warnings are emerging from governments and threat intelligence sources about vulnerabilities in this target-rich environment. It will be imperative for the IoT ecosystem of manufacturers, vendors, integrators, enterprises, and consumers to consider adaptive defenses that thwart adversaries attempting to undermine and harm this emerging market.

There are different approaches lining up that are intended to securely transport and store data, securely interface with these devices, and securely manage systems of IoT devices. One approach that I think deserves attention was recently announced by IBM researchers and is called Adept (Autonomous Decentralized Peer-to-Peer Telemetry). Adept combines three components of open source software to produce a self-protecting, self-organizing, distributed infrastructure that may be well suited to the IoT. These adaptive components are:

  • Bitcoin’s block chain technology – a method to define and secure relationships between entities in a peer-to-peer (P2P) system such as between a device and a user or between different devices,
  • BitTorrent – a peer-to-peer file sharing protocol suited to distributed, bandwidth-constrained environments,
  • Telehash – a new secure P2P messaging protocol.

Each of these components relies on cryptographic hashes to do its job.

The block chain is the distributed transaction ledger that keeps track of Bitcoin and other crypto-currencies, but it can be adapted to more than virtual currency. At its core it is a way to store data in many different places while tracking the relationships between the parties to that data. Each block carries the cryptographic hash of the block before it, which is what protects the chain from silent alteration: changing an old record changes its hash and breaks every link after it. In Adept that same mechanism tracks relationships between devices, between a user and a device, and between two devices acting with a user's authorization.

BitTorrent tracks and distributes the content shared between communicating devices. It uses distributed hash tables (DHTs) to name and locate objects for sharing across the distributed IoT infrastructure.

Telehash is a messaging protocol built on JSON, UDP and DHTs for sending messages between endpoints. It provides an end-to-end encryption library that any application can build on, the endpoint being a device, a browser or a mobile app. Every endpoint generates its own key pair and derives its address (its hashname) from its public key, then sends and receives small encrypted JSON packets (with optional binary payloads) to and from the endpoints it trusts. A DHT-based routing layer lets endpoints discover each other and form a full P2P mesh without a central directory.

IBM is currently working with Samsung to develop a prototype of this capability. That means someday your smartphone could talk securely to your door lock, or you could approve someone else to talk to the lock, without relying on a cloud provider to manage those relationships. The relationships would be stored on the lock and the phones themselves. The devices would share files through BitTorrent and exchange commands through Telehash, which could carry a secure message to lock or unlock the door. By keeping the intelligence at the device level, the IoT can operate without a manufacturer's constant attention. Two details still decide how safe such a lock really is: how it learns its owner's key in the first place (the pairing step has to be protected), and how well that key is guarded on a phone that can be lost or compromised.

The Internet of Things

From an architecture perspective, Adept gets its adaptability from its use of cryptographic hashes and distributed hash tables. DHT designs characteristically emphasize the following properties:

  • DHT designs are autonomous, enabling nodes to collectively form the system without any central coordination,
  • DHT designs seek to be secure against malicious participants,
  • DHT designs are reliable (in some sense) even with nodes continuously joining, leaving, and failing,
  • DHT designs are scalable and should function efficiently even with thousands or millions of nodes.

These characteristics seem a natural fit for an Internet on which millions, if not billions, of IoT devices are envisioned as low-cost, low-maintenance devices that should run for years. An adaptable but relatively low-cost security approach should help fend off many of the attacks aimed at IoT infrastructure, with one caveat: a DHT whose node identifiers are self-chosen is only as trustworthy as its participants, since anyone can join under many identities (a Sybil attack) and place nodes wherever they like in the key space. With this architecture and the block chain, one could also create new business models around sharing more than data. Devices could share computing power, bandwidth or even electricity on the block chain's instructions. And while Bitcoins are designed to be computationally expensive to mine, the Adept platform has no need to rely on scarcity, so the ledger could track any number of variables.

One catch with Adept is the processing power needed to build block chains. IBM researchers believe the next generation of IoT devices will be based on more powerful ARM chips rather than 8-bit embedded processors; alternatively, the heavy processing could be offloaded to the Bitcoin network. Another approach is cyber foraging, which lets mobile devices discover and exploit cloudlets around them. Some examples of cyber foraging include:

  • Computational offload, which would divert computing from a mobile device to a faster nearby machine.
  • Data staging, to improve data transfers between mobile devices and the cloud by temporarily staging data in transit.

Cloud networks may improve network services through cloudlets: hubs that serve as intermediaries between mobile devices and larger cloud services. The hubs could be objects (cars, traffic lights, wireless routers) that already interact with the Internet but could give and take data as the need arises. A big advantage of cloudlets is their ability to keep operating while disconnected from the Internet. Cloudlets could be offered and managed by a local utility provider or a cloud service provider (CSP). Offloading work to a nearby machine also means trusting it, so a cloudlet needs the same authentication and integrity checks as any other peer before a device hands it data or computation.

So tell me what you think of this adaptive security approach. Thanks for reading and keep adapting.