Document Sample
IOT-paper-v3 Powered By Docstoc
					        Governance and the Correlation between the Internet, an
       Internet of Things and the European Network of the Future

                                     Version 3 (la st editor Avri Doria)


At the outset, it is important to begin the conversation with the thought that this topic involves a
correlation - a term used in statistics to indicate a relationship where a change in one thing
produces a change t he others. In this paper the starting assumption is that any change in any of
the Internet, the Internet of Things (IOT) will have a concomitant affect on each other. And it is
anticipated that the E uropean research on the Int ernet of the F uture (Euro-NF) will also be
involved in t he correlated changes, When it comes to the topic of governance, It is expected t hat
the governance of the Internet will serve as a base that will shape or at least inform governance
of the IoT or Euro-NF.

In this paper, we start by looking at each these three correlated entities s eperately, then move on
to exploring t he link between them and finally move on to some of the challenges that present.
Finally, a few scenarios of that European network of the future will be explored.

The correlated entities

The Internet
The Int ernet can be explained in many ways. It is first and foremost a network of net works, it
runs IP based protocols developed in the IE TF, it is built according to a cert ain set of design
principles and it is nearly ubiquitous in the developed world and critical for business and for
society in general. In this case, however, none of these aspects is the most critical, but rather it is
the fact that the Internet works on a single global set of numbers , numbering rules, names and
naming rules.

The Internet of Things

Those envisioning an Int ernet of Things (Io T) see the possibility of interconnecting objects of
common use to each other and other net work entities. It is a network where an object and its
subcomponents can be tracked for their entire lifecycle from manufacture to distribution, through
use to end of life and disposal. It is a global network of networks, with many individual private
segments and a strong focus on security and privacy .

The word Internet in Internet of Things, does not refer to a net work infrastructure, but rat her to the
network built up by the interaction of the objects that participate in a multitude of networks. For
the most part, it is expected that the IoT will use t he existing Internet as an access substructure,
though it will not be restricted to using only the Internet substructure and in some cases may be
implemented on a new yet to be developed infrastructure. The IOT is opportunistic in that it will
use the net work infrastructures that are available with out prejudic e.

What is important is t hat the term Internet in Internet of Thing is used in a different way then it is
when speaking of the Internet qua Internet. Some consider this overloading of the nomenclature
to be unfortunate, but it is the name that is in use. One element that remains similar is that the
Internet of Things currently uses the naming system of the Int ernet with its names being a subtree
of the .com registry. As entities using the Internet for communications, they also use Internet
addresses. While there is no mandate that the names and number used by the IoT, remain
numbers from the sets controlled by IANA, and managed by ICANN and the RIRs, it is difficult to
see how this would stop being the case. Although this is the case, there is also no reason why
the naming needs to remain in a sub-tree in the .com registry. It could be rooted in various
registries or, if the architecture warranted it, control its own top level domain (TLD) .

    Among these principles are: the Postel robustness theorem, the end to end principle. packet based
nature of network traffic, layered architectures, the hourglass model, shared fate and creative anarchy.
    More precisely 2 sets, IPv4 and IPv6, but who is counting.
    For example some consortium of IoT concerned entities could apply for .iot
GOVPIMIT Project                                                                           5-Apr-10

The European Network of the Future

       Euro-NF is a European project on the Network of the Future, formed by 35
       institutions (from the academia and industry) from 16 countries. Its main target is to
       integrate the research effort of the partners t o be a source of innovation and a think
       tank on possible scientific, technological and socio-economic trajectori es towards the
       network of the future.

The goal of the E uro-NF is to aggregate the research on new technology all the while determining
whet her this new technology will be an evolutionary step in the networking or disruptive. The
vision of the Euro-NF consists of:

       In the future networked society the physical and the digital worlds will merge based
       on the massive usage of wireless sensor networks. Objects will be able to identify
       and locate themselves and to communicat e through radio interfaces. Self-organized
       edge net works will become more and more common. Virtualisation and
       programmability will allow for providing different networking environments over the
       same infrastructure. Autonomic networking will deal with the increasing complexity of
       I&C systems. End-users empowerment will increase with their capacity of providing
       services and content, as well as connectivity support.

The links between the correlated entities

Is the Internet of Things a part of the Internet ?

This has been debated extensively. In one respect the IoT is something other then the Internet
because it is based on the associations between the elements and not on t he definitions of the
Internet. Yet at the same time, it is of the Internet, because it relies on what is fundamental about
the Internet, its addressing and naming. Of course this need not always be so, but it is difficult to
see what path might be taken to do something fundamentally different as would require the IoT to
create its own infrastructure. This seems improbable given t hat so much infrastructure already
exists and the difficulty and expense of rolling out infrastructure.

Two arguments have been made by proponents of t he IoT as somehow s eparate from the

       The IoT can use any form of wireless net work, including but not limited to 802.11, 802.5
        or 3G, While it is true that the UMTS network used in Europe is not yet fully converged
        with the Internet, in many ways it has and is cert ainly seen as a st ep in that direction and
        is the goal of much of the work being done in 3G and 4G. E ven t he work being done by
        the ITU on its next generation network is based on IE TF MPLS tec hnology, a technology
        that      relies      on     an     Internet       Prot ocol     (IP)      control       plane.

       That the IoT may not us e global addressing using private networks or private addressing
        instead. E ven if this is often the case, as it is for many S OHO and business networks, it
        does not really mean that the IoT is separate from the Internet as the Internet will often be
        used to transit from one private network to another. It is also worth noting that all private
        networking stubs on t he Internet use addresses based on RFC 1918 and RFC 4193 on
        private addressing alloc ation.

Given this duality, the IoT would be part of Internet while also being separat e from it.
Understanding the IoT as collection of interconnected but local and private networks – let‟s call
them private area networks (PA N) – suc h PAN would be in a very similar relation to Internet like
current LAN/WLA N. From this point of view, the PAN could be understood as a part of Internet,
having one or more addresses used in the Internet protocols (e.g. an IP). These addresses could
be used to address the PAN or components of it. Its members may be visible in Internet or not. If
they are visible, they would have their own Internet address (resolved by NA T/PA T). But from the
logical point of view it is the PAN that is part of Internet not the members of the PAN.
Nevertheless, inside the PAN common Internet protocols may come to use. Assuming that a PA N
is able to rout e Internet traffic, one PAN node should als o operate as a c ore node (not only as an
edge node). On the other hand a PA N can be c onsidered as a small telec ommunic ation network,
not being part of t he Internet, but connected to it at the edge. Nevertheless, a PA N may be able
to transport Internet traffic inside and abroad (via overlay or border gateways).


GOVPIMIT Project                                                                            5-Apr-10

The Challenges

A suitable architecture needs to be identified. Typically, the physical arrangement of the “things”
and the capabilities of potential radio interface will have an impact on the type of net work (multi-
hop/chain, tree, mesh, etc.). Suitable roles of nodes and resources need to be defined, which
may range from traditional client-server setups, to peer-to-peer relationships, or even
publish/subscribe arrangements.

The communication facilities of the “things” need to be self-organised and smoothly managed.
Typically, the “things” neither have advanced user interfac es or processing capabilities, nor are
their users willing to spend large efforts in setting up them. “Things” need to be able to make
themselves (i.e. their information and services) available to each other and to the outer wo rld.
This implies the need for lightweight self-organising and –managing functionalities and,
depending on the level – service discovery and ex ecution facilities.


When it comes to governance of the IoT, given its self organizing nature, we need to understand
how it fits into the existing governance regimes and whether it needs a different form of
governance altoget her. For example, since the IoT is using the Internet addressing scheme and
naming system, which is governed by ICANN, one must ask to what extent will the IoT be
governed by ICA NN principles? Some experts on the subject of IoT governance have gone so
far as to state: Governance of the IoT will not/should not replicate ICANN model or ICANN
debate Yet, when looking at the IoT, there is not yet sufficient evidence to let us know in what
ways the governance would/should differ. One industry group, EPCGlobal which has a focus on
the RFID technology that makes up an integral part of the current concept of IoT, has already
shown an int erest in having a role in the governance of IoT, but have not given a well formed plan
of a new governance model.

The European Commission has been concerned about the shape IoT governance will take for
over year. They have started to look into the nee ds for IoT governance, specifically :

         According to the European Commission, policymakers should also participate in the
         development of IoT alongside the privat e sector. Some challenges are indeed policy -
         related, as highlighted by the World Summit on the I nformation Society, which
         encourages IoT governance designed and exercised in a coherent manner wit h all
         the public policy activities related to Internet Governance.

         Many questions concerning the implementation of t he connection of objects arise
         such as:

                 object naming;
                 the authority responsible for assigning the identifier;
                 ways to find information about the object;
                 how information security is ensured;
                 the ethical and legal framework of IoT;
                 control mechanisms.
The European Commission also released an action plan for Europe on the Int ernet of Things
indicating the need for "promoting a shared and decentralized net work governance" committing to
follow WSIS principles in the governance of the IoT. The European commission set the following
as its goal:

Security and Privacy

Things are envisioned as any where and anytime information publishers (producers) or
subscribers (consumers). Information is normally linked to persons, activities, places, time and
other everyday habits. It is essential t o define scopes of information. Scopes will provide rules
and policies for information reachability. A privat e scope defines a private PAN where information

5 m/bcute17/status/2189966433


GOVPIMIT Project                                                                                                       5-Apr-10

is circulated in the local personal domain. A confidential scope defines the access privileges on
the information t hat is rout ed bet ween t wo virtually interconnected PA Ns. A public scope
publishes information to the public.
Because hard security and privacy countermeasures might be inappropriate to be used by or
emended in the things, security and privacy should enforced in the service level, i.e., where ONS
or DNS are used and when naming and IP addressing are resolved and linked to everyday

           Line of action 1 — Governance
           The Commission will initiate and promote, in all relevant fora, disc ussions and decisions
                        – defining a set of principles underlying the governance of IoT;
                        – setting up an „archit ecture‟ with a sufficient level of dec entralised
                            management, so that public authorities t hroughout the world can
                            exercise their res ponsibilities as regards transparency, competition
                            and accountability.

Currently the governments, industry, the internet community and civil society stand at the starting
point of creating a WSIS principle based multstakeholder debate on the future of IoT governanc e.

Example Scenario


Sofia, a young PhD candidate Greek seismologist must leave early from her hous e. Her task is to
go in the Unilab, pick some modern measurement equipment, and then go t o the airport to travel
in Santorini island in order to mak e some measurements over the recently activated volcano. She
uses her RFID-enable mobile phone in order to unlock her new hybrid car . Once the engine is
on, internal car-health sensors record and report to local agents, using mobile or wireless
services, the car‟s actions, res pons es and statistics . Sofia‟s new car uses an advanced c ar-t o-
car alarm system that controls the distances between vehicles and manages the car speed to
avoid any car accidence .

Sofia reaches the lab, and uses the university id-card to be verified in the gate and to use a
particular parking slot in the garage. The same id -card is used to open the inner door of the main
building and verify Sofia in the Lab premises . Finally, Sofia loads the equipment into her car,
and enters the free-way in her way to the Athens International Airport (AIA ). The tolls system
recognizes the RFID which is embedded in Sofia‟s car and c harges her pay -pall account . On
the free-way she is very careful with the car speed, since police has announced the launch of a
new monitoring net work that uses advanced sensor -cameras in free-ways . The parking system
in AIA reads the RFID signals from Sofia‟s car, it opens the gate to allow Sofia to enter into the
garage, whilst pay-pall account is charged.

At the airport, Sofia uses the mobile boarding pass issued by the airline to enter to the gates, and
she is verified by security guards through her social id, which was recently upgraded and
equipped with a RFID . Sofia passes all the access control phases and enjoyed the short journey
over the A egean S ea. Upon arrival in Santorini she rents a SUV using her credit card . She
manages to enter to the measurement field, whereas several sensors have been installed and
self-configured to monitor the volcano activity. She opens her new, accurate and expressive

  This is an example of machine-to-ma chine use of the IoT para digm. The a ctual internet, as a commodity, is not
invol ved. Mainl y this happens when Dedi ca ted Short Range Communi ca tion occur.
  This is an example of machine-to-intra net use of the IoT pa radi gm, whereas mobili ty should be supported. The
measurement “thi ng”, i .e., the ca r is on the move. Internet is used as a bea rer servi ce to convey informa tion from/to
the ca r.
  This fa cilita tes an example of ma chi ne-to- ma chine use of the IoT pa radigm. The actual internet, as a commodi ty, is
never invol ved.
     In this exa mple, the usage of IoT is wi thin a local , pri va te, domain, i.e., a ccess control s ys tem in the campus.
  This is an example of a usage of IoT using an inter-domain approa ch. The tolls s ys tem domain and the credi t ca rd
domain a re bridged via the internet.
14 An example of surveillance network of things tha t mi ght use the internet to build pri va te networks of remotel y
ma naged things . In this case, fast and reliable connecti ons a re requi red.
     This is an example of an IoT deployment that invol ves secured, pri va te and not an intranet-based servi ce.
   This is another e xample of an IoT deployment that invol ves secured, pri va te, probabl y not intra net-based servi ce
(s uch as Swift)

GOVPIMIT Project                                                                                                        5-Apr-10

environmental sensor, collects some environmental data for less than an hour and then bridges
her equipment to the local sensor-sink to capture t he collected and aggregated data of the last
week .

Sofia is now exhausted; see needs a warm bath and a good dinner over the volcano view and
under the moon. She uses a new mobile service on her smart phone that locates nearby friends
and relatives, using either GPS data or triangulations, and discovers that Lina, her PhD student,
was in the island . They have decided t o visit “1820” a marvelous restaurant that travels visitors
to modern Greek gastronomy. A fter t his excellent dinner, S ofia decided to record an annotated
tag to rank this restaurant. It uses augmented realit y software that enables her to place an
opinion on locations, restaurant, sightseeing places and other notable objects and places .
The aforementioned every-day life snapshots illustrate t hat when deployed, “things” might be
part, extension, or run separated from the Future Internet. If we consider the Internet as a
commodity (meaning that the net working stack up to trans port layer is considered as a social
asset), then every one of the aforementioned scenarios places different requirements for
connecting, associating, integrating, interoperating, or embedding things on the globe:

                     Security and privacy, in several layers, such as information, social, and
                      transaction privacy and security

                     Reliability, when critical servic es, such as social -card verification, are based on
                      robust IoTs

                     Quality of Service, e.g., when high-capacity connections, or error-free links are

                     Inter-domain connections (i.e., when the things of one domain trigger multi -
                      domain trans actions)

                     Accountability of human actions and trigg ers that are things

                     Mobility and Roaming of devices (i.e., when mobile things are associated with
                      different internet domains/ASs)

                     Management of private scopes (i.e., private net works of things over the internet )

                     Addressing, i.e., when RFID-based addresses should be routable or traversable
                      to IP v6 addresses

                     Resource constants, since dense deployment of things will produce signific ant
                      issues on the common usage of spectrum and wireless resources.

  In this exa mple, “things” (i.e., sensors ) a re deployed in a sepa ra te field, and a re self organized to produce,
aggrega te and process local da ta . A sink might be present whereas in some cases is connected via the internet wi th
the lab fa cilities (via satellite, radio, wi reless or mobile links )
  In this exa mple GPS recei vers on sma rt phones (or the a ctual sma rt phone) a ct as loca tion identi fi cation “things”.
They a re linked to the internet to report current position on a web -servi ce, using some kind of subs cription and
authenti cation of friends .
  This exa mple is used to identify the “vi rtual thing”, i .e., identifi ca tion of pla ce, or object i n the vi rtual world i.e.,
using a specifi c servi ce (and not a tiny ha rdwa re). This offers a nnota tion capabili ties of eventuall y every i tem in the
planet, wi thout the real use of a RFID. But is s tills need the internet to be recorded, s tored and manipula ted .


Shared By: