December 2, 2020

1758 words 9 mins read

An Innovative Framework That Will Help the IoT Industry Scale Into the Billions

An Innovative Framework That Will Help the IoT Industry Scale Into the Billions

The Internet of Things (IoT) is on an explosive growth trajectory. According to Transforma Insights, the number of IoT-connected devices is projected to increase to 24.1 billion worldwide by 2030. That’s almost a three-fold increase from 2019.

Much of this growth will be fueled by the coming 5G revolution, which will enable businesses and consumers to take advantage of a wide range of increasing

ly sophisticated connected devices, including wearables, security cameras, smart speakers, industrial sensors, connected vehicles and more.

But for all the value that these new IoT devices and applications are expected to bring to consumers and businesses, some fundamental challenges within the IoT ecosystem still need to be addressed. Securely scaling is one of the biggest challenges, given the growth projections for IoT adoption.

Today’s IoT is based on a hard-coded reference model, which makes it very similar to the way the Internet was 50 years ago. In those early days, the Internet was entirely hard-coded, too. Tens of thousands of hosts and their corresponding IP addresses were stored in a single hosts file. It remained this way for another 20 years until we developed the modern domain name system (DNS), a key innovation that enabled the Internet to grow on a massive scale.

To extend the comparison, domain names are a lot like IoT devices. A domain name has a registrant, and the registrant can point that domain to any website on the Internet. For example, if I buy the “” domain, we can point it to a website that’s all about me, or I can point it to another site that’s about something else altogether. It’s completely up to me.

A generic IoT device also has an owner, and the owner can theoretically make it work with any application. If I have a security sensor on my front door, for example, I can point it to any security service I like, whether it’s ADT, AlarmForce or some other provider. Again, it’s up to me.

The difference is that pointing a domain name to a different website is very simple. In contrast, the IoT’s hard-coded model makes associating an IoT device to a new application very challenging, if not impossible.

Here’s an example that illustrates the scope of this challenge. Imagine that the City of Ottawa buys thousands of smart, internet-connected parking meters that it deploys around the city. And imagine that these meters are all connected to a fictional application provider called ParkoServ. Each meter has an eSIM card installed in it that is hard-coded to work with ParkoServ only.

If at some point in the future the city’s IT department wants to take advantage of a more cost-effective and technologically superior solution offered by another provider (let’s call it CarParkServ), there’s no easy, secure way for them to do it.

Instead, if they want to make the switch, IT staff will have to locate and manually configure thousands of hard-coded parking meters individually to associate them with CarParkServe. It’s not hard to see that this approach is incredibly labour-intensive, time-consuming, error-prone and expensive.

What if, on the other hand, the city’s IT department could automate the process in a “zero-touch” manner of switching to the new application provider while ensuring that it was done securely?

This is where the Secure IoT Registry we’re developing at CIRA Labs comes in (see our Git repository here). The Secure IoT Registry is an innovative GSMA IoT Safe framework implementation that will allow the world’s mobile eSIM enabled IoT devices to seamlessly and securely connect between any manufacturer, owner, service provider and network operator.

Going back to our parking meter example, the Registry would sit between the parking meters, the application providers, and the wireless mobile networks. To start the process of reconfiguring the parking meters to talk to the CarParkServe system, the Secure IoT Registry would gather all the relevant information about each parking meter, the wireless provider and the new application provider, and the eSIM unique identification number.

Using this information, it would then generate a unique security certificate for each parking meter (on the eSIM). By adding end-to-end encryption to the unique private and public keys, the Secure IoT Registry protects the zero-touch provisioning process against malicious “man in the middle” attacks and any mobile network operator meddling.

To complete the process, it would send these encrypted credentials electronically to the parking meter via a wireless mobile network operator, and the switchover would be complete. All the parking meters would now be connected to the new CarParkService application. You can get more detail about the technology under the hood here.

The zero-touch approach enabled by the Secure IoT Registry is seamless, secure, requires minimal effort on the part of the IT department, and is highly cost-effective. What’s more, if the city ever needs to switch to a different application provider in the future, the process will be the same.

Looking at the big picture, this is the ideal IoT security system that we at CIRA want to see in place in the IoT ecosystem by 2025. In Canada, we are currently working with Blackberry, TELUS, and Solace to road test the application of our platform for medical IoT devices through L-SPARK Global’s MedTech Accelerator.

With the Secure IoT registry, any GSMA IoT SAFE eSIM-equipped, generic IoT device will work with any application. Not only would this help prevent platform/vendor lock-in, but it would also allow the IoT ecosystem to scale exponentially and securely.

It would also allow device manufacturers to focus on developing innovative devices and application developers and cloud service providers to focus on providing IoT services and solutions that provide superior value to their customers. Written by Natasha D’Souza, Product Manager for IoT Security at CIRAFollow CircleID on TwitterMore under: Cybersecurity, DNS, Domain Names, Internet of Things, Networks, Registry Services

Author: Natasha D’Souza

Date: 2020-12-04


OneWeb Is Out of Bankruptcy, but Not Out of the Woods (2020-11-25) OneWeb which declared bankruptcy in May has reorganized and emerged from bankruptcy Bharti Global an Indian telecommunication conglomerate and the British government each own 422% of the new company and most of the rest is owned by previous investors SoftBank and Hughes Network Systems Hughes will continue work on ground infrastructure and marketing and the original joint venture with Airbus which.. OneWeb Is Out of Bankruptcy, but Not Out of the Woods
Disinformation and Our Technology Industries (2020-11-13) It was interesting to see that albeit belatedly the American media started to stop giving Trump opportunities to spew out his lies across the country and beyond It obviously had now reached a point where the media realized that if they continued to provide Trump with their avenues this would make them accomplices in inciting violence Is this going to be a turning point? Disinformation has become a..
Criss-Crossing AI With the Future of Work (2020-11-02) Every few years; some self-proclaimed academic imparts an article on the future of work with conflicting information from various experts leaving many uncertain about its impact on jobs skills and wages In less than a year these same scholars will be writing about the future of labor and given the speed of innovation by the time these articles are published they will be made obsolete Based on the ..
AI Initiatives at the US Post Office: Final Rethink Before We Dissolve It! (2020-10-18) MIT released a comical study in May of 2020 on the historical innovation accomplishments and the potential logistical endeavors brought to light by the beleaguered United States Postal Service The apparent scholarly article cited several technological implementations and employee empowered frameworks that could define the USPSs plight over the next five years These frameworks through FY2025 mentio..
Internet Governance and the Universal Declaration of Human Rights, Part 6: Articles 18-19 (2020-12-01) Articles 18-19: Freedoms of Thought and Opinion Co-authored by Klaus Stoll and Prof Sam Lanfranco1 Internet Governance like all governance needs guiding principles from which policy making and acceptable behavior are derived Identifying the fundamental principles to guide Internet ecosystem policy making around digital citizenship and around the integrity of digital practices and behavior can and ..
Is 5G a Race We Want to Win? (2020-10-29) There is an interesting article recently published in the English version of a South Korean newspaper the ChosunILBO that talks about 5G in China According to the article the Chinese 5G rollout is an expensive bust There are a number of interesting facts disclosed about the Chinese 5G rollout First its clear that the rollout is using millimeter wave spectrum The article says that the 5G towers in .. Is 5G a Race We Want to Win?
DDoS Attacks Are Surging Both in Frequency and Sophistication (2020-11-23) Network-Layer DDoS Attacks Distribution by Month / Cloudflare Cloudflares new report warns about the significant increase of DDoS attacks and their level of sophistication The numbers doubled from Q1 to Q2 and doubled again in Q3 resulting in a four-fold increase compared to the pre-COVID level in the first quarter Other trends observed in Q3: Most attacks are under 500 Mbps and 1 Mpps but still c..
ICANN Doubles Down on Technical Internet Governance Label: What Are the Implications? (2020-11-10) Back in September of 2020 ICANN CEO Gran Marby wrote a blog post discussing the implementation of a common strategy for Internet governance IG and technical Internet governance TIG raising the question of whether the ICANN org intended to pursue this distinction moving forward as debated in a previous article This was proven to be the case during the 2020 IGFs Open Forum #44: ICANN Open Forum Tech..
Goodbye Marilyn Cade (2020-11-09) In memory of Marilyn Cade 1947-2020 Marilyn Cade was an exceptionally hardworking always gracious leader in ICANN and IGF She was a strong supporter of US interests at ITU and a member of the US delegation at the WCIT Dozens have spoken of her at a memorial site including Vint Cerf: Marilyn was an elemental force in the ICANN IGF and policy worlds She was an advocate who could be counted upon to s..
US Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security (2020-10-15) Co-authored by CSCs Sue Watts and Quinn Taggart The risks of fraud and disinformation in the US election process have been hiding in plain sight CSCs new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics This makes them a potential target for hacker..