One day in 1982, a computer science student at Carnegie Mellon got tired of trudging downstairs to find out if the department’s subsidized Coke machine was empty. He hooked the machine to the local network so that anyone who knew how could check its status whenever they pleased.
Among geeks, that machine became a touchstone for conversations about what a future world of networked modules might be like. As that future has come more into focus, it has become known as the Internet of Things (IoT).
Personal privacy and the old model
For a very long time, what people expected most from the internet was connectivity with each other. And historically, the data that people have been most interested in keeping secure (or breaking into) is data passed between human beings, directly or indirectly. Most information security systems, such as the Public Key Infrastructure (PKI), were built with that in mind.
Even as our lives have become more digitized, the only “things” the internet has consisted of, for most people, have been the devices with which we identify personally: my phone, my laptop. Once we start thinking about the connectivity of objects that might not be associated with a particular person, or even with a group of people—vending machines, tables, air conditioners—the paradigm changes. What does it mean for your office’s “smart” kitchen to be digitally “secure”? What could a hacker do to it (or to you, through it)?
Privacy in the office kitchen
Should using a digital refrigerator require a password? No. Ridiculous. What if it recognizes you based on your phone, or something else in your pocket, via Radio-Frequency Identification (RFID)? Still, too intrusive, too fussy. The point should be to make using the appliance easier than it was before, not harder.
But should the security for logging on to the refrigerator from far away, and to get data on the temperature and what’s inside, be tighter than the security for opening it physically and being able to touch the food?
As we all grapple with these questions, security concerns are one of the biggest obstacles to IoT implementation within companies.
Security management and the myth of the super-analyst
Ironically, one of the biggest advances in cloud security actually obfuscates this problem. When smartphones and tablets first proliferated, the big security question was, What if someone steals your device and pretends to be you? So now we have virtual desktops, two-step authentication, and fingerprint scanners. These methodologies are effective as far as they go, but they also reinforce the soon-to-be-antiquated idea that security is really about the relationship between technology and people.
How many times have we seen this fictional scenario?
A junior analyst buried in work at a cluttered workstation timidly raises his voice:
“Uh, boss? There’s something funny about this data.”
“Eh, it’s probably nothing,” says the boss. “Check it again.”
“I’ve already checked it three times,” says the analyst. “And it looks like this problem has been going on for years.”
“Great Scott, you’re right,” says the boss. “Something is askew. Good job, Smitty. Now, we have to track down the culprit. Without your eagle eyes, we’d have been lost for sure!”
This situation makes intuitive sense, because a) we’ve all wanted to be Smitty, and b) as humans, we assume that, if a technical security breach is discovered, it’s going to be discovered by a person. But exhausted analysts, even really ambitious ones, can’t comb through a terabyte of data, hoping to find something interesting.
Data protection through verification
On the other hand, while computers aren’t always perfect at knowing who is accessing their data, one thing they are very good at is checking to see if the data is still there or whether it has been changed.
In a recent article on TechCrunch, Mike Gault of Guardtime explains that most modern data security solutions focus on confidentiality (restricting access). But the way forward is more about solutions that emphasize integrity.
One popular type of integrity-based data security is called Provable Data Possession (PDP). PDP requires the entity storing the object to prove that everything is still copacetic. This principle has been expanded to Dynamic Provable Data Possession (DPDP), in which the client demands proof that the data was updated properly, and Scalable Provable Data Possession (SPDP), in which the verification materials stay small, no matter how much data needs to be checked. Other options include Merkle trees (hashing your data, and then making hashes of the hashes) and the blockchain (the same system invented to record bitcoin transactions).
So, to take a realistic, everyday scenario, let’s suppose that you own a fleet of self-driving ice cream trucks. They store historical data on customers, inventory, temperature, routes taken, bell volume, and so on. You accumulate 7 petabytes of data, which you store (of course) in the cloud. To reassure you that your data has not been accessed and corrupted by your enemies, any or all of the security mechanisms listed above will regularly check the data to be sure that it’s the same data it was before. That way, you can keep your mind on actually running the business.
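The Merkle-tree check described above, as an added example (not code from the original article or from any product it names): the owner keeps only the root hash and the record count, challenges the storage provider for one record, and verifies the returned hash path. The truck records are constructed sample data, and the function names, the leaf/node prefixes and the rule for odd nodes are assumptions of this sketch.

```python
import hashlib

def leaf_hash(block):
    return hashlib.sha256(b"\x00" + block).digest()   # prefix keeps leaves distinct from nodes

def node_hash(left, right):
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(blocks):
    """Hash every block, then hash pairs of hashes until one root remains."""
    level = [leaf_hash(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        nxt = [node_hash(level[i], level[i + 1]) for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:              # odd node out is promoted unchanged
            nxt.append(level[-1])
        level = nxt
        levels.append(level)
    return levels

def prove(levels, index):
    """Storage side: sibling hashes on the path from leaf `index` to the root."""
    proof = []
    for level in levels[:-1]:
        if index ^ 1 < len(level):
            proof.append(level[index ^ 1])
        index //= 2
    return proof

def verify(root, n, index, block, proof):
    """Owner side: needs only the root and leaf count n, not the data set."""
    node, proof = leaf_hash(block), list(proof)
    while n > 1:
        if index % 2 or index + 1 < n:  # a sibling exists at this level
            if not proof:
                return False
            sib = proof.pop(0)
            node = node_hash(sib, node) if index % 2 else node_hash(node, sib)
        index, n = index // 2, (n + 1) // 2
    return not proof and node == root

# Constructed sample records (not real data)
RECORDS = [b"truck=1;temp=-18.0", b"truck=2;temp=-17.5", b"truck=3;temp=-18.2",
           b"truck=4;temp=-18.1", b"truck=5;temp=-17.9"]
LEVELS = build_levels(RECORDS)
ROOT, N = LEVELS[-1][0], len(RECORDS)   # all the owner has to keep

def audit(stored_blocks, index):        # one challenge against what storage now holds
    return verify(ROOT, N, index, stored_blocks[index], prove(LEVELS, index))
```

A single challenge only exposes tampering in the record it asks for, so an auditor samples indices repeatedly rather than checking once.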
Moving from personal integrity to data integrity
The IoT does not mean the death of security. It just means we must face a new set of security challenges. And the key to meeting those challenges is shifting one's focus from the confirmation of personal integrity to the verification of data integrity.
If that Coke machine experiment from 1982 were to be re-created today (and no doubt, somewhere this is being done), the engineer would be sure to build in a necessary (and completely feasible) feature: data integrity verification. Otherwise, someone might take a Coke and make it look like the machine was still full.