Why the IoT industry should move beyond DNS and create its own IP address registry of devices
In today’s market, segments of the broader IoT ecosystem have been under-served, especially small-to-medium businesses (SMBs) and mid-sized cities. However, this oversight will change over the next several years as these entities seek to embrace the efficiencies and cost reductions that enterprises and government agencies are achieving through IoT implementations.
In addition to their high-priority issues of affordability and seamless IT integration, a key requirement we’ve seen for IoT adoption by SMBs and municipalities is assurances of fail-safe security measures. While current solutions can ensure effective security today, there is a looming long-term threat to security as the IoT ecosystem proliferates – the Domain Naming System (DNS) registry.
The current DNS registry is used to ensure websites can be accessed by simply typing in their name, such as www.IoT-Now.com, rather than the series of numbers of the site’s IP address – 18.104.22.168. In a world where just about any device you can name will have an IP address, however, it’s time for a new registry dedicated to IoT devices, says Bob Bilbruck, founder & CEO of B2 Group/Directed IoT/Captjur.
A stark example of the ineffective security of current DNS protocols in the IoT age was seen recently in the Mirai botnet attack that brought down much of the internet, including Twitter, Netflix, Reddit, CNN and many other sites.
The main targets of the distributed denial of service (DDoS) attack were the servers of Dyn, a company that controls much of the DNS for internet infrastructure. However, unlike other DDoS botnets which take advantage of computers, Mirai was able to gather strength from IoT devices such as DVR players and IP cameras with little security protection and then throw junk traffic at Dyn’s servers until they could no longer support valid users.
The current DNS registry was never intended for the IoT era, especially as the IoT ecosystem becomes inseparable from ‘Fog’ computing Fog computing is a new paradigm for analysing and acting on the most time-sensitive data at the network edge, close to where it is generated instead of sending vast amounts of IoT data to the cloud. It helps machines, on their own, act on IoT data in milliseconds based on human-set policies.
In smart cities, this can mean landscape sensors noting the deluge of a recent rainstorm and shutting off irrigation systems. Or it could mean a connected trash receptacle sending a message to an autonomous trash truck that it should be included in the day’s pick-up schedule. This immediate, machine-to-machine communication can also be a major target for disruption by hackers, especially in mission-critical industries such as energy and transportation.
At a time when cyber attacks can be launched via the most innocuous connection, the industry should focus on building a registry for every single IoT device, ensuring the legitimacy of the device and that the device can be easily monitored to stop and capture perpetrators of an attack.
As every cyber-security professional knows, any system’s security is only as effective as its weakest link. With disparate organisations implementing IoT systems throughout the world, we face a huge but urgent task to create a new registry of IP addresses for IoT devices.
There are precedents and organisations capable of achieving this type of undertaking. For example, oneM2M, a global initiative to create standards for IoT security and interoperability, might be one answer. Formed in 2012, the body is composed of eight of the world’s top telecommunications and IT standards body and has over 200 member organisations, including Cisco Systems, General Electric, Intel, MediaTek and Samsung.
With the assistance of telecommunications services firm iconectiv, oneM2M has already started an App-ID registry for IoT software installations. With its role in enabling mobile phone number portability and maintaining mobile device registries to protect against fraud and theft, it’s not a huge leap to see iconectiv or similar organisation, with the support of standards bodies like oneM2M, creating a dedicated IP address registry for IoT devices as well.
The author of this blog is Bob Bilbruck, founder & CEO of B2 Group/Directed IoT/Captjur
About the Author:
Bilbruck is founder and CEO of B2 Group (Directed IoT & Captjur Divisions within B2), an international strategy and consulting firm. He is responsible for developing and managing all aspects of strategy and operations within B2 Group’s organisation. Bilbruck’s nearly 20-year career is rooted in strategy services, along with program development, sales and technology development, emerging technologies & business models.
B2 Group works with many Fortune 500/1000 firms and also many well-funded start-ups. B2’s analyst division works frequently with VCs and Debt Equity firms as emerging market and technology experts on investments these firms make in these areas.
Previously, Bilbruck held positions at Brunswick Corporation, Samsung, Konica Minolta, Leviton, Advanced Digital Information Corporation, NewEgg.com, US Modular & Mobiletain.
Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow