Time for some new thinking about IoT
•
2 gostaram•1,254 visualizações
A discussion about identity and the internet of things, exploring some ideas about the connection between IoT and the blockchain. An edited version of the presentation I gave at TechDaysMunich in July 2016.
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Destaque
Destaque (8)
Semelhante a Time for some new thinking about IoT
Semelhante a Time for some new thinking about IoT (20)
Mais de David Birch
Mais de David Birch (11)
Último
Último (20)
Time for some new thinking about IoT
- 1. www.chyp.comPlease Copy and Distribute1 The Internet of Everyone Else’s Things Or “Time for some new thinking on IoT” Munich July 2016
- 2. www.chyp.comPlease Copy and Distribute David G.W. Birch Director of Innovation at Consult Hyperion An internationally-recognised thought leader in digital identity and digital money; Named one of the global top 15 favourite sources of business information (Wired magazine); In the London FinTech top 3 most influential powerlist (City A.M.) One of the top ten Twitter accounts followed by innovators, along with Bill Gates and Richard Branson (PR Daily); One of the top ten most influential voices in banking (Financial Brand); Named one of the "Fintech Titans" (NextBank); Voted one of the European “Power 50” people in digital financial services (FinTech Awards); Ranked Europe’s most influential commentator on emerging payments (Total Payments magazine). 2
- 3. www.chyp.comPlease Copy and Distribute Consult Hyperion… 3 15/07/2016
- 4. www.chyp.comPlease Copy and Distribute IoT Case Study 4
- 5. www.chyp.comPlease Copy and Distribute Dave the Designer If your pants could talk, what would they say about you? 5
- 6. www.chyp.comPlease Copy and Distribute My Pants If your pants could talk, what would they say about you? 6
- 7. www.chyp.comPlease Copy and Distribute So… 7 Pants are low-power devices with no cryptography Pants have no tamper-resistant memory for keys Pants have intermittent connections They may be in the attackers domain if not in secure storage Pants go without upgrades or (digital) patches My pants are not going to negotiate laundry prices any time soon, but they might give away some of my secret!
- 8. www.chyp.comPlease Copy and Distribute Where to Focus? Identification, authentication and authorisation Of people and their things But the things can’t do cryptography So we need to manage the virtual things, not the things themselves Wait… What if there was a new way to manage these virtual things?
- 9. www.chyp.comPlease Copy and Distribute My Pants Implement the identity of things as a layer on the blockchain 9
- 10. www.chyp.comPlease Copy and Distribute The Private Life of My Pants The private life of things as a shared ledger 10
- 11. www.chyp.comPlease Copy and Distribute Am I Taking Crazy Pills? So if we can bind the mundane entity to the blockchain entity… 11
- 12. www.chyp.comPlease Copy and Distribute Putting my Pants on the Blockchain The private life of things as a shared ledger implemented on a blockchain 12
- 13. www.chyp.comPlease Copy and Distribute Where Next? Smart Pants Access to virtual things via “smart contracts” with their own memory 13 Dave’s Pants Other Pants
- 14. www.chyp.comPlease Copy and Distribute Contact 14 Browse www.chyp.com Follow @chyppings Mail info@chyp.com Comment http://www.chyp.com/media/blog/ Listen http://www.chyp.com/media/podcasts/ Consult Hyperion UK Tweed House, 12 The Mount Guildford, Surrey GU24HN, UK. +44 1483 301793 Consult Hyperion USA 535 Madison Avenue, 19th Floor New York, NY 10022, USA. +1 888 835 6124
Notas do Editor
- Technology’s Martyrs: The Slide Rule” by Kirk Johnson in the New York Times (3rd January 1987) covers the story of Keuffel & Esser. This company, founded in 1867, was America’s pre-eminent manufacturer of slide rules. In 1965, they sold one million of them. In 1967, their centenary, they were commissioned to prepare a report about the future called “Life in the year 2067″, looking a century on. They interviewed scientists to come up with a vision that predicted electric cars and 3D TV. What it didn’t predict was that they would be out of business within a few years because of the electronic calculator. The end came quickly. On this day in 1976 K&E produced its last slide rule, which it presented to the Smithsonian Institution. [From Computer History Museum | Exhibits | This Day in History: July 11] In less than a decade they were gone because of technological change. But note the “Gibson” take on this: the invention that destroyed them, the electronic calculator, already existed when they wrote their report. In fact the first all electronic calculator desktop calculator went on sale in 1961 At the end of 1961 the Bell Punch Company put the Anita Mk VII on the market in continental Europe and the Anita Mk 8 in the rest of the world as the world’s first electronic desktop calculators. These were the only commercial electronic desktop calculators for more than 2 years [From Anita: the world’s first electronic desktop calculator] What’s more, the first electronic all-transistor calculator (from Sharp) went on sale in 1964. So by the time the slide rule guys did their study, the technology that would destroy them had been on open sale for several years. They made the mistake, I guess, of thinking that because slide rules cost $10 and calculators cost $1,000 they would never compete, forgetting that the inevitable curve of technology price/performance would do for them in time. And, I suspect, the scientists that wrote the report all used slide rules and were perfectly happy with them.
- I think a phone that can check up on other people's stuff might be fun. After all, 900MHz is much longer range than NFC (several metres for industrial readers). So if you're at a boring party and you're wondering whether the hostesses dress is a real Chanel or a knock-off, you can find out from across the room. Or if you want to snoop around a neighbour's house but can't actually be bothered to go into other rooms, it's ideal. But, as I pointed out some time ago, Suppose RFID is used to implement Electronic Product Codes (EPCs) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to point my Bluetooth EPC-reading pen (these already exist) at it and read the EPC, which is just a number. My mobile phone can decode the number and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. There has to be a database to establish provenance, and it is that database that is at the core of the Korea Telecom business model discussed earlier. Thus, the counterfeiters will inevitably shift their attention to attacking the database. If I were a counterfeiter, I'd put chips in my whiskey that linked to a URL that displayed something that looks like the official Korea Telecom page but says "Sorry, the service is currently down, please try again later" or perhaps even "Sorry, the service is down, please call this number for more information" followed by the number for a reverse-charge premium-rate call to Surinam at $199 per minute. Just as with smart posters and so on, unless the chip carries a digital signature, you don't know whether the URL is real or not, so nothing it directs you to can be trusted. There's no need for a URL here: just have the chip store a digitally-signed identifier and let the "provenance infrastructure" do the rest. Better still, have the chip store a digitally-signed and encrypted identifier so that only the database owner can decrypt it, ensuring that all provenance request have to go through them. Without an infrastructure that includes end-to-end digital signatures there's no way round this. The phone needs to know the chip is authentic. The database needs to know who is asking, and the consumer needs to know who is answering.all applications.
- I think a phone that can check up on other people's stuff might be fun. After all, 900MHz is much longer range than NFC (several metres for industrial readers). So if you're at a boring party and you're wondering whether the hostesses dress is a real Chanel or a knock-off, you can find out from across the room. Or if you want to snoop around a neighbour's house but can't actually be bothered to go into other rooms, it's ideal. But, as I pointed out some time ago, Suppose RFID is used to implement Electronic Product Codes (EPCs) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to point my Bluetooth EPC-reading pen (these already exist) at it and read the EPC, which is just a number. My mobile phone can decode the number and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. There has to be a database to establish provenance, and it is that database that is at the core of the Korea Telecom business model discussed earlier. Thus, the counterfeiters will inevitably shift their attention to attacking the database. If I were a counterfeiter, I'd put chips in my whiskey that linked to a URL that displayed something that looks like the official Korea Telecom page but says "Sorry, the service is currently down, please try again later" or perhaps even "Sorry, the service is down, please call this number for more information" followed by the number for a reverse-charge premium-rate call to Surinam at $199 per minute. Just as with smart posters and so on, unless the chip carries a digital signature, you don't know whether the URL is real or not, so nothing it directs you to can be trusted. There's no need for a URL here: just have the chip store a digitally-signed identifier and let the "provenance infrastructure" do the rest. Better still, have the chip store a digitally-signed and encrypted identifier so that only the database owner can decrypt it, ensuring that all provenance request have to go through them. Without an infrastructure that includes end-to-end digital signatures there's no way round this. The phone needs to know the chip is authentic. The database needs to know who is asking, and the consumer needs to know who is answering.all applications.