Security for the Internet of Things—Let’s Begin the Conversation.
BY TOM WILLIAMS, EDITOR-IN-CHIEF
Computer security has been a never-ending struggle over many years. The importance and urgency of security increases with the spread of technology and our dependence on it, with its ever-growing realm of applications and the more accessible it becomes to the general public. And with that, really implementing security becomes increasingly complex, multifaceted and just plain difficult. Long-time readers of RTC may recall that I have occasionally expressed skepticism regarding claims of security as well as the ability to totally achieve it. Despite any misgivings, however, security is necessary and imperative if the Internet and now the Internet of Things are to become viable technologies and a viable market. As they increasingly become a part of all our daily lives, our dependency on them becomes a matter of personal, economic and social well-being. As a result, we are witnessing an intense increase in research, innovation and implementation of security measures at all levels—from sensor and device to the Cloud.
The rise of the IoT has multiplied the issues and levels and strategies devoted to security perhaps due to a bit of an internal paradox. While on the one hand, we want everything to be connected in the abstract sense, i.e., potentially for any user or node to be able to connect to any other, we don’t really want that. We want selective and protected access. We want private or restricted domains within this world-spanning übernetwork. We want a straightforward way to grant or deny access to specific users, to select levels of access to those admitted, yet we also want to be able so search for those resources that are available for our purposes. And we want adequate security to protect the functionality of small, hardware-restricted sensors and actuators as well as gateways and edge devices. We want the data in transit to be secure and yet have it selectively accessible to other authorized users. It’s a very tall order but one that is vitally necessary. And that is why we want to start a conversation.
You will find in this special section on IoT Security a selection of short position papers and points of view from a number of leading companies. They exhibit both a diversity of approaches as well as many areas of agreement on the scope and the needs for a continuum of security. We present this section to give our readers a feel for the number of companies that are active in this area—and there are many more. We also hope that this collection of relatively brief statements will lead to an ongoing technical conversation in the form of contributed articles and opinion pieces that we will carry in the pages of RTC throughout the coming year. We are changing our previous section that was titled, Technology Connected to the name Technology and the Internet of Things. There are certainly many more aspects concerning the IoT than security alone and we will definitely be carrying articles on those many topics as well. But we hope to include at least one piece dealing with security issues in each month’s section.
So consider this to be both an introduction as well as an invitation to take part in an energetic and compelling conversation both as colleagues as well as competitors. It is our hope that through such an exchange we can all gain and confidently continue to build what is shaping up to be a major technological development for the entire world.