As the "father of the Internet," Vint Cerf is more plugged in than most, but even he doesn't have all the answers when it comes to securing the Internet of things.
The Internet of things isn't only about new wearables, appliances, and other electronics capable of connecting to the Internet. It also lets us manage the appliances we depend on and provides insight into how we use resources, Cerf, now a vice president and chief Internet evangelist at Google, told the audience at the Cyber Security NYU Engineering/Sloan Foundation Lecture in New York City this week.
Devices like Google's Nest thermostat let individuals determine how they are consuming resources and use the technical data to adjust their heating and cooling systems. Or take Cerf's wine cellar, with more than 1,000 bottles of the beverage. Sensors in the cellar keep track of temperature, humidity, and light, and they send an alert whenever the temperature and humidity levels change. Cerf can monitor the lights to see if anyone is entering the cellar without his permission, and he has RFID tags on each bottle.
"I know if someone is moving my wine without my knowledge," Cerf said.
There are many positives about the Internet of things, but Cerf said developers face critical questions related to standards, interoperability, authentication, authorization, and data integrity. The fact that there are no standards makes the space "chaotic," as everyone is developing their own proprietary protocols, and devices can't talk to each other. Gartner predicts that 4.9 billion connected things will be in use by the end of this year, increasing to 25 billion by 2020.
"We wind up with different hubs and systems for every brand," Cerf said. If different devices can't talk to each other, we won't recognize the full benefits of IoT, he warned.
Configuring the devices is another challenge, and it's going to get worse as the number of devices increases. Consider an office move: The last thing anyone wants to do is spend the afternoon typing 100 IPv6 addresses into a laptop to configure the devices for the new location's network. You don't want to accidentally configure someone else's devices into your networks or give someone else access to your devices, he said.
"Protecting the devices while they are being configured is as important as making sure they are safe while on the network," Cerf said.
The devices also need strong access control and authentication to keep data safe. It's one thing to grant control only to authorized parties, but it's harder to offer enough flexibility to give third parties "ephemeral access to your information," he said.
In the case of fire, for example, it would be helpful if the fire department could tap into the devices in a house to figure out how many people were home and what rooms they would likely be in. But there needs to be a way to revoke the access since law enforcement doesn't need to know who is in the house at other times.
"There is the yin-and-yang problem. Some people should have access to the data, but under certain conditions, you want to revoke access," Cerf said.
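One way to model the ephemeral, revocable access described above, as an added example that is not from Cerf's talk or any product: a hypothetical `HomeHub` issues an HMAC-signed grant limited to one scope and a short lifetime, and the owner can withdraw it before it expires. The class name, claim fields and scope names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json


class HomeHub:
    """Hypothetical hub issuing short-lived, revocable grants (not a real product API)."""

    def __init__(self, key: bytes):
        self._key = key        # secret known only to the hub
        self._revoked = set()  # grant ids the owner has withdrawn
        self._next_id = 0

    def _mac(self, body: bytes) -> bytes:
        return hmac.new(self._key, body, hashlib.sha256).digest()

    def issue(self, subject: str, scope: str, now: int, ttl: int) -> str:
        """Grant `subject` access to one `scope` for `ttl` seconds."""
        self._next_id += 1
        claims = {"id": self._next_id, "sub": subject, "scope": scope, "exp": now + ttl}
        body = json.dumps(claims, sort_keys=True).encode()
        return ".".join(base64.urlsafe_b64encode(p).decode() for p in (body, self._mac(body)))

    def _claims(self, token: str):
        """Return the claims only if the MAC verifies, else None."""
        try:
            body, mac = (base64.urlsafe_b64decode(p) for p in token.split("."))
        except ValueError:  # wrong part count or bad base64
            return None
        return json.loads(body) if hmac.compare_digest(mac, self._mac(body)) else None

    def revoke(self, token: str) -> None:
        claims = self._claims(token)
        if claims is not None:
            self._revoked.add(claims["id"])

    def check(self, token: str, scope: str, now: int) -> str:
        claims = self._claims(token)
        if claims is None:
            return "deny: bad token"
        if claims["id"] in self._revoked:
            return "deny: revoked"
        if now >= claims["exp"]:
            return "deny: expired"
        return "allow" if claims["scope"] == scope else "deny: out of scope"
```

A grant issued with `hub.issue("fire-dept", "occupancy", now, 1800)` passes `check` only for the `occupancy` scope and only for 30 minutes; after `hub.revoke(token)` the same token is denied even though it has not yet expired.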
Developers also need to think about how to protect the software that powers the devices. Software is never perfect, which means there has to be a way to update the devices. "We don't know how to write software without bugs. We've been trying for 70 years," joked Cerf.
Additionally, the update mechanism must be protected so that someone can't easily introduce downloadable malware into the device. There have been cases of bad certificates being issued and of adversaries spoofing trusted sites to spread malware, so malware injection in IoT updates is a real possibility. Cryptographic technology will be important to make sure the right devices are authenticated.
"If you have devices you rely on to keep your body functioning and if it can be infected by malware, that is scary," Cerf said.
Data integrity is another big area to address, as there are strong concerns about third-party access to user information. But perhaps the bigger challenge is making sure the data can't be changed without permission.
"I don't care if people can see my blood type. I am more concerned that someone can change my blood type, and I get a blood transfusion that can kill me," Cerf said.
Businesses, governments, hospitals, and other entities will look for new ways to use the Internet of things, and there will be lots of opportunities to share data, which makes standards essential. Otherwise, everyone is sitting on their own piles of data, he said. Sharing data requires a common language and an open architecture, and strong access controls will ensure privacy protection and data integrity.
Cerf said many of the challenges don't have answers yet, but he emphasized it was equally important to ask the questions. "There are many questions and few answers."
The Internet's brittle nature worries Cerf, who sees society becoming more dependent on software despite the risks. There are business opportunities for third parties to manage devices, "assuming we can decide on standards," Cerf said.