Given the intimate association our IoT devices have with our personal identities, once device registration, chaining, and capture has taken place a complete end-to-end data-storage and access-control pattern needs to be implemented. Basic data encryption, from both a transit and storage perspective, is a given and should, in theory, be no different than any other cloud-based storage solution. A more complex puzzle to solve, however, is how to implement the “who,” “where,” and “when” questions regarding data access. A fourth question, the “why,” also needs to be considered when focusing on registration and approval of data consumers.
Data privacy raises several interesting topics. Firstly, the data itself requires an owner – someone to be accountable when it comes to making consent decisions. The data itself may also need labelling, in a way similar to the data classification system used by many governments. Will some data be public? Will some data be accessible by some parties but not others? Will some of the access-control decision making be dynamic and change at run time? How can those access-control decisions be managed and enforced, while simultaneously being understood by a non-technical approver? All of these data-management topics are well understood and observed within the enterprise world, but now they have to be applied to a more scalable, consumer-facing world.
Authentication, authorisation, and context
The data landscape shown in Figure 1 requires several security components to make it function. Authentication (confirming the truth of an identity) and authorisation (confirming what that identity has access to) are the two main components. Both, however, require a context in order for a decision-making process to be fully optimised.
A basic example of authentication for a person-based identity is the username and password. This is the “something you know” concept, as opposed to “something you have” (onetime password generator) and “something you are” (biometric proofing). Authentication plays a significant part in the data landscape. Data owners, consumers, and generators all need to be identified and verified.