Introduction
The state of today’s connected devices represents a rapidly changing problem space. Scenarios for those who seek to understand and control the vulnerabilities are multitude. Industry stakeholders, academic researchers and end-users all face the possibility of being a step behind in this continuously growing environment.
When we talk interconnected devices these days we are most commonly referring to individual closed Networks, or Cloud dispersed networks with the same catch-all phrase, “The Internet of Things” or IOT.
For the purpose of this writing we will take the definition in which a node is defined as a single device and an edge is the connection between it and another device.
Further we will mark a clear distinction between a direct interface, the control unit, and an IOT device that is at least one stage removed from the control. The control unit is the interface device that reaches out to the IOT to perform some action or a sequence of actions. A simple example is that Bob is exercising and beginning to lose stamina. Bob opens his phone to check his progress, his phone then checks his connected smart-watch. The watch contains the pedometer and relays the information back to the phone. In this way Bob receives the information he is looking for. In this instance the phone is the control unit, but the roles could easily be reversed. Bob might have previously set goals and routing his phone. Later while exercising he checks his watch for progress. In this case the phone is the IOT device node and the watch is the control unit.
Current literature details a number of device connections schemes with many variations on terminology. There seems to be a general consensus for better security standards, and a common terminology.
One emerging concept that is garnering a growing portion of research attention in the field of IOT is that of trust. Trust is most commonly used as a metric against which some future decisions made such decisions inevitably focus on security and safety. The security and safety of information, physical infrastructure, and even human life is of fundamental concern. The current security scheme for most IOT concerns consists of a pass-fail process. This is commonly referred to as “authentication”. It is not uncommon for the bulk of information sharing between two or more devices to be contingent on a single check point. The most common example being a certificate of trust, sometimes, but not always coupled with a password.
In order to explain the strengths and weaknesses in current practices we must first cover a brief history of encryption methods and the terminology commonly used. Once we have created a shared terminology we will be able to move into an overview and explanation of how these methods are and are not used. Followed by what the determining factors of Authentication look like. From there we will present a more detailed explanation with examples of what trust in machines looks like today.
Equipped with an understanding of trust in machines and a more detailed explanation of IOT terminology we will be able to enumerate some of the challenges facing IOT today and some coming in the near future. There will be two important Concepts remaining before we can begin the process of creating a template for a better model of trust.
First we must look at the concept of trust itself, examining both dynamic and numerical methods that have been created to model trust in humans. The second concept will flow naturally from our discussion of trust in people, and will be that of role awareness. By the time role awareness has been explained we will be ready to lay out the requirements that will be necessary to create a model of our own.
The presentation of requirements will be completely dependent on our revised definition of dynamic trust in machines that interface IOT. With definition and requirement in hand we will begin to outline what our conceptual model should look like and from there to the most likely starting point from the existing computational framework.
After which we will attempt to formulate a rational adaptation of our chosen computational framework, opting to separate each of the core testable concepts with its closest adapted model.
Finally we will assemble the constituent pieces combining models were applicable and creating a state machine capable of self-reference and self-edit.
My personal Webpages