Building trust for a connected world

IoT World Today organized a conference titled: Building trust for a connected world. The speakers were Ms. Eleftheria Kouri, Senior Analyst, IoT Technologies and Verticals, AI & IoT, Omdia, and Hebberly Ahatlan, Director of Product Marketing, Intertrust Platform, Intertrust.

Talking about the worldwide IoT device shipment outlook, Ms. Eleftheria Kouri said Omdia forecasts that the global IoT device shipments will grow from 8.19 billion in 2022 to 12.21 billion shipments in 2026. Consumer IoT devices lead in terms of shipments, despite chip shortage issues.

Commercial and industrial electronic IoT device shipments experience stable growth as IoT devices remain the main option for industrial sector to collect real time data for machinery performance. Medical IoT devices will experience healthy growth in the coming years due to the rise of telehealth services, such as remote patient monitoring.

Regarding the emergence of 5G adoption in IoT, Omdia forecasts that 5G adoption will occur at a measured pace through 2024 reaching approximately 127 million connections globally in 2026. 5G connectivity not only provides higher quality service to existing IoT solutions, but it also unlocks opportunities for new IoT use cases and applications, such as factory and home automation, video analytics, and smart grid deployment.

Omdia expects that automotive, consumer, and remote monitoring applications will drive 5G adoption in the coming years. 5G is considered a secure connectivity option by design, although it brings its own security concerns.

Data trust landscape
Looking at the data trust landscape, the rapid growth of connected devices has greatly increased the risk of compromise for IoT networks at the edge. Data and commands traveling both from and to devices at the edge traverse a series of untrusted networks, creating numerous potential entry points for attacks putting enterprises in risk.

A dynamic landscape of employees and partners require access to corporate data. Data architectures are rarely uniform, and typically contain solutions that are for specific business needs. Evolving regulation on the management and use of data creates increased risk and liability.

There are three key questions:
• How to protect the large networks of IoT devices and ensure their identity throughout their lifecycle?
• How to ensure device authenticity, data integrity, and privacy of these communications?
• How to aggregate and manage data from disparate systems of devices and data storage solutions?

We need to consider new technologies that elevate digital trust.

Better data lifecycle management
Hebberly Ahatlan, Intertrust, stated that we require better data lifecycle management. This involves resolving data flows, from creation to consumption. How can we protect the large networks of IoT devices and ensure their identity throughout their lifecycle? We can do this by implementing digital trust schemes that are agnostic to networks and protocols.

We can also ensure device authenticity, data integrity, and privacy of these communications. This can be done by implementing protection schemes that travel with data. Therefore, protecting data at rest or in transit. Further, how can we aggregate and manage data from disparate systems of devices and data storage solutions? We can do this by implementing data management technologies that empower the users to have full delegation and visibility control of the data they are consuming.

Devices and data are protected from the edge to the cloud. All devices -- even insecure legacy devices, are protected and attested. Data is persistently protected, regardless of the security state of relaying networks and devices.

We need to look at persistent protection. It’s protection that travels with the data across the disjointed networks. We need a solution that runs at the application layer, and does not have to be maintained when network configurations or topologies change, unlike IPSec (VPN). We need a solution that provides device to cloud protection, rather than just a protection pipe over part of the network that terminates at the TLS server – protection persists.

We need a solution that protects data at rest after it exits a VPN or TLS tunnel. Unlike TLS and VPN that are integrated into protocols stacks, there are solutions that are easier to deploy and can run on any IP-based protocol stack.

Persistent protection is a solution that enables protected data to bridge networks, including from industrial environments to home, with a common trust and governance model. To gain full visibility and transparency, while protecting data persistently, from sensor edge to cloud and back again. There was an example of persistent protection using weather data.

This was followed by an XPN demo. The PKI authenticates devices at the edge before communicating securely with them. XPN signs and authenticates the data before is sent from the edge to the cloud.