Designed & Made
in America (DMA)

BASIL Networks BN'B | Internet of Things (IoT) -Security, Privacy, Safety-Platform Development Project Part-1

BASIL Networks BN'B

The BASIL Networks Public Blog contains information on Product Designs, New Technologies. Manufacturing, Technology Law, Trade Secretes & IP, Cyber Security, LAN Security, Product Development Security

Internet of Things (IoT) -Security, Privacy, Safety-Platform Development Project Part-1

saltuzzo | 26 September, 2016 09:22

Part 1: Introduction - Setting the Atmosphere

Part 2 IPv4 & IPv6 - The Ins and Outs of IP Internet Addressing (November 11, 2016)
Part 3 IPv4 & IPv6 DHCP, SLAAC and Private Networks - The Automatic Assignment of IP Addressing (November 24, 2016)
Part 4 IPv4 & IPv6 Protocols - Network, Transport & Application (January 10, 2017
Part 5 IPv4 & IPv6 Protocols - Continued - Network, Transport & Application  (Aug 17, 2017)
Part 6 IPv4 & IPv6 Protocols - Network, Transport & Application Continued (Sept 24, 2017)

Where do we start?  

Setting an atmosphere for a topic like this requires solid facts.  It is very important the reader keeps an open mindset in order to address both positive and negative aspects of this thing called IoT (Internet of Things).

Let’s Begin. The techies are not confused; the hackers are not confused at all they see an on-going buffet of opportunities.  However, observations and discussions give the appearance that the average public is totally confused about what IoT is, how it will affect businesses, homes etc. and the questions keep coming.  This series will address the range of what IoT is from the basics to the complex and answer those questions as well as many of the hidden questions that are part of the IoT technology buzz.  Our intent of the series is to enlighten the public on what to look for when purchasing the next generation of appliances that are capable of being monitored through the Internet.  We will start with a short summary with a presentation of facts then advance through actual designs of IoT devices for the technologists out there that are entering into this arena as well as companies that are interested in product development.

The IoT is not a new technology; the acronym arose due to the advancements in chip density technology hence, the amount of features one can put in a single low power integrated circuit.  The higher the chip density the more functions like TCP/IP, Bluetooth, WiFi may be incorporated onto a single low cost chip.  The order of magnitude may be analogous to the first desktop IBM-PC back in August 1981 (64K Memory, 360K floppy disk) to the smart phone today (32Gig Storage, 4Gig software system, Internet, cell Phone network) that is an order of magnitude thousands of times faster and stores millions of times more data, photos etc., at the touch of a screen.  So in summary the IoT is miniaturizing what we already are capable of in larger form factors.

This being said, what’s the big deal? 

The IoT issues are not the number of devices, size or the chip density technology being used, those issues are only limited to ones imagination.  The issues for this discussion relating to the IoT are how many ways will these miniature “connected” devices impact our lives?

The many “active” discussions/debates about Internet Privacy, PII (Personal Identifiable Information), accountability and information access have positioned us in the current debacle for lack of a better word.  Every day we read about Internet data breaches and the millions of PII data that has been stolen by groups, countries and of course the unknown/unidentifiable hacker.  To name a big one – Yahoo system has been breached since 2014 to put the breach data combined in 2016 to over 2 billion.

The Big Deal:

The Global IoT market is an overwhelming new business market that will without doubt change the way people live in just about every country and in every social networking group on this planet (”Earth”-Third planet from the Sun J) at this time.  Many web services and social networks already have facial recognition search abilities like Google’s image search and others.  This technology is easily incorporated into and website for photographers, researchers and investigators especially law enforcement.

Information of all types about individual behavior is the businesses gold mine to manipulate and incorporate into our everyday lives to sell product and as well as other “interests”.  Product marketing is a way of life globally, that is fine and has been the mode of operation for centuries.  The “difference” is the way information is collected, stored, and analyzed; who has it, how it is being used and the list goes on.  It is of no surprise that putting facts like this on the table for discussion creates difficulties and in many cases are held in strictly controlled private business meeting.

The quest to change individual mindsets for product purchases is challenging if not impossible without behavioral data, unless your product is one of those exceptional necessities like soap and a few other sanitary products.  However, stylish or fad type products demand a large marketing effort.  Now just think if you had access to every individual’s personal behavioral habits, likes, dislikes and many other types of personal information and then be able to time your marketing adds to trigger impulse buying.   This is what the new trend in BI (Business Intelligence) and CI (Cognitive Intelligence) is all about.  The IoT devices not only encourage this trend it will make it a norm if the depth of data being monitored is not understood and incorporates some type of accountability.  To date it is not illegal for a business to collect marketing data on their customers or potential customers.  In a public business, stores etc. there are many cameras monitoring the activity of the people entering and purchasing products, how they browse through the store etc.  All Stores are laid out for maximum purchase and actually direct the public through a maze for better product exposure.   Businesses are moving at great speeds to collect and save this data before the courts decide to declare it either unconstitutional and stop the practice or make it officially legal.  Information of this magnitude if allowed on the open network without some type of protection just encourages many other types of behavior including criminal.  When looking at the cost to companies that suffer a data breach and the loss of intellectual property as well as behavioral data give a new level of control for the predator.  Business security weakest link is human behavior as it always has been, be it just neglect, recklessness, disgruntled, begrudged or just not caring about security.

How does this apply to the IoT devices?

The majority (98%) of the current generation of appliances have some sort of microcontroller or microcomputer.  The next generation of appliances will have an enhanced microcomputer that will have embedded Bluetooth, WiFi  or some type of Internet connection that will connect to your local home network or a local public network controlled by the municipalities (SmartGrid).  The home entertainment market is already connected, your smart phone is already connected, game stations are connected all connecting your home network to many other network providers and the list goes on.  Now just think about this for a short time and ask yourself – do you want some person in another country or state able to view when you are washing your clothes, cooking in the kitchen, being able to see your environment inside your house, what temperature you set your thermostat to even listening and storing your conversations while you watch a movie, or while you are driving your vehicle to wherever with your family or friends.  This is just a small introduction of the implications of IoT advanced technology that the legal system has to be prepared to mitigate and hopefully set some sort of guidelines and laws to protect privacy.  This is a double edge sword, on one hand there has to be privacy laws with accountability as well as individual controls to disconnect the IoT devices from the public domain, or disconnect them completely to revert back to manual mode.   The latter is up to the manufacturer and is usually forced on them by the public requirements.   Think if there is no way to disconnect the appliance from the Internet or to completely turn off the wireless connection I wonder how many people would purchase the product.  There have been many attempts to install back doors on private computers in the home and many are still prone – they are called botnets and they infect a smart phone, personal computer, any device with an operating system and are used maliciously for criminal gain.  IoT devices are now part of this arena.  There is no doubt that the automated home is already here and privacy is surfacing more and more and is now a high visibility issue as it should be. 

What Infrastructure Is In Place Now?

The Smart Grid is the main infrastructure network in place nationwide currently the main use is for monitoring and billing utilities, electricity, water and gas.  The Smart Grids main entry point initially is through the Electric meter and incorporates a high power duty cycled transmitter as well as a receiver for other devices to be connected.  The utility companies also use this usage data for load balancing in order to provide a steady service to its customers.  That does not mean that this data is not used for other purposes as well.  The public is not privileged to other type of analysis. 

There have been many complaints about the Smart Grid causing health issues because of the transmission energy levels on continuously timed intervals.  These issues are still being researched and factual data is being gathered and presented to the public and is not well accepted by the utility companies and other businesses that have visions of connecting to the Smart Grid.  You can Google “Smart Grid” and Smart Meter Health Complaints” for more information, be prepared to get a lot of information both good and bad.  The details will enlighten you as to the depth of detailed data being collected. 

What has to be addressed first and at what cost?

The IoT implementation would not happen without the Internet infrastructure upgrade from IPv4 to IPv6, (we will get to that later in the series) which increases the Internet address capability to assign a unique address to every new IoT device that could be imagined for many years.   This infrastructure requires an Internet equipment upgrade that is very costly.

What our research has uncovered is that everyone including governments globally considers IoT to be open game to monitoring everything these products are connected to.  To date there are several of the high end systems in larger companies that perform monitoring of the environmental systems through a network.  In time expect to see many households equipped with custom monitoring systems based on service contracts for these smaller house base systems where the data is collected to private service companies for the “convenience of customers”.

Data Security today is a Risk Management issue and when applied to a product cost it becomes a difficult task to prove the cost effectiveness without an actual breach to reference to.  Therefore in many cases it is held at a lower risk over the product life.  The IoT is in that category and as stated it is open game to all who want to monitor and use that data.  The way this may be controlled is through the end user who either decides during the actual purchases of the product.  If those appliances that have no user control then only the user can decided to buy or not buy and that is if they are aware the connection exists.

Part 2 IPv4 & IPv6 - The Ins and Outs of IP Internet Addressing (November 11, 2016)

Publishing this series on a website or reprinting is authorized by displaying the following, including the hyperlink to BASIL Networks, PLLC either at the beginning or end of each part.
BASIL Networks, PLLC - Internet of Things (IoT) - Security, Privacy, Safety - The Information Plaground Part-1: Setting the Atmosphere for the Series (September 26, 2016)

For Website Link: cut and past this code:

<p><a href=";articleId=3&amp;blogId=1" target="_blank"> BASIL Networks, PLLC - Internet of Things (IoT) - Security, Privacy, Safety - Platform Development Project Part-1 - <i>Setting the Atmosphere for the Series</i></a> (September 26, 2016)</p>


Sal (JT) Tuzzo - Founder CEO/CTO BASIL Networks, PLLC.
Sal may be contacted directly through this sites Contact Form or
through LinkedIn

All comments are monitored prior to posting and will be posted whether pro or con and professional.  Any type of solicitation will not be posted


Add comment

Rest assured, your post or comment has been received, and is simply waiting to be approved. Comments and posts are moderated to prevent spam - this results in a slight delay until you see it posted. Please check back soon. Thank you!

Complete Captcha to add comment 7337915 -Please enter the code shown and click Send.

Registration is required to post

Powered by LifeType - Design by BalearWeb
Copyright© 1990-2017 BASIL Networks, PLLC. All rights reserved