Welcome!

IoT Expo Authors: Dana Gardner, Peter Silva, Elizabeth White, Pat Romanski, Roger Strukhoff

Related Topics: IoT Expo, SOA & WOA, Cloud Expo, Security, Big Data Journal, SDN Journal

IoT Expo: Article

'Internet Of Things' and Identity

As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships

Over the past few years, enterprises have been moving to the cloud to streamline processes and operations. A study last year by TheInfoPro indicated that there is no sign of cloud investment slowing down - predicting an average growth rate of cloud spending of 36 percent from this year until 2016. As the Internet of Things continues its march to the mainstream, organizations have more opportunities to expand relationships with customers and partners by building and offering new services. These services have the potential to exponentially drive revenue and create business value.

The question is, what do CIOs need to do to make sure that their companies can take advantage of this potential? The first step is to look at their existing technical infrastructure to ensure that it can truly enable companies to drive change. One crucial component: security, including identity and access management.

IRM and the Cloud: The Move Toward Supporting a Dynamic Environment
Traditionally, identity and access management (IAM) was used to defend a company from security breaches and protect data by providing the right level of access to the right people, who were typically employees of the company. But in a cloud-based world, where organizations need to break down the walls to increase their interaction with customers and partners, a traditional IAM solution just doesn't work - it won't be able to cope with the varying devices and environments at Internet scale.

Looking at all the differences between what is needed now and what traditional identity management offers, I think that "identity relationship management" (IRM) is the best way to describe the new lightweight and agile solution that companies will adopt. A term coined by Kantara Initiative in October 2013, I think it is a perfect way to describe the changes that are needed - moving from managing access and identities to managing relationships.

In a cloud-based world, organizations need to ensure that their IAM system - a critical security component - is able to handle dynamic requests. What do CIOs and CSOs need to look for in an IRM solution to drive revenue through the cloud, while still ensuring a secure experience? Here are some ideas:

  1. Scalability: In a world running on the cloud and the Internet, scalability is a key factor - it's no longer about managing employees who access information from their desks. Customers, partners and employees are accessing information from devices across a variety of locations and the number of users grows exponentially over time, so identity systems need to manage millions of identities instantaneously.
  2. Intelligent and adaptable: Now that everyone has a mobile device, they expect access to information across different environments and geographies. But, that doesn't mean that IT needs to compromise on security. That's why identity and access systems need to be flexible, so that if a user tries to access a secure portal from a new device or location, it will allow access, granted they have the proper credentials.
  3. Modular structure: Modern identity demands are at an entirely new level of complexity that an old, traditional system is not able to handle. Systems need to respond quickly to a plethora of varying factors - devices, circumstances, and access privileges - to ensure that systems continue to run seamlessly. Now that companies are opening up access to partners and customers, user experience becomes that much more complex and critical, and traditional IAM struggles to respond to these varying factors.
  4. Borderless: Not long ago, information was stored on premises and that's where employees accessed it from - their desktop from the network in their office. Now that companies have adopted new technologies like cloud and SaaS, information is likely stored across all three environments, but users still expect the same fast and easy access. A good IRM solution is borderless so that stakeholders have the flexibility to securely and seamlessly access information stored in any environment from anywhere.

Making the Transition Easy
There are also some detailed technical features that organizations can keep in mind when choosing an IRM solution. These include emerging standards like OpenID Connect and OAuth 2.0, which enable cloud and mobile-ready features like device agnostic single-sign on (SSO) across environments. A system that uses REST APIs also makes it more developer friendly, and is a lightweight and flexible alternative to traditional SOAP-based Web services.

When considering implementation, it is essential to ensure the deployment is as quick and easy as possible. Oftentimes, organizations are using different IAM systems across their company, making management difficult. Deploying a central IRM solution gives users the ability to quickly create and deploy new revenue-generating services.  Additionally, the IT team is able to manage and scale the system much easier from one centralized location.

IAM has always been seen as a necessity for employees and company systems, and therefore a business cost, but with the cloud, organizations are in the unique position to adjust their focus from simple identity and access management to leveraging the value of unique relationships to drive business' top-line revenue.

More Stories By John Barco

John Barco is currently vice president of product management at ForgeRock. He has more than 20 years of experience building innovative products for enterprise customers with focus on identity and access management for the last 12 years. Prior to joining ForgeRock, he served as senior director of product management for the Identity Management group at Sun Microsystems. John has also held leadership positions at iPlanet, Silicon Graphics, NComputing, and IronKey. He holds a degree in industrial engineering from Missouri State University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Latest Stories from IoT Journal
The Open Group and BriefingsDirect recently assembled a distinguished panel at The Open Group Boston Conference 2014 to explore the practical implications and limits of the Internet of Things. This so-called Internet of Things means more data, more cloud connectivity and management, and an additional tier of “things” that are going to be part of the mobile edge -- and extending that mobile edge ever deeper into even our own bodies. Yet the Internet of Things is more than the “things” – it means a higher order of software platforms. For example, if we are going to operate data centers with new dexterity thanks to software-defined networking (SDN) and storage (SDS) -- indeed the entire data center being software-defined (SDDC) -- then why not a software-defined automobile, or factory floor, or hospital operating room -- or even a software-defined city block or neighborhood?
BetaBoston is reporting a shake-up at LogMeIn's Xively Internet of Things division. "Several top execs focused on launching new services to support the “Internet of Things” — sometimes called machine-to-machine communication, or M2M — have left Boston-based LogMeIn in recent months. Among those who have left the Xively division in 2014 are chief technology officer Philip DesAutels; Chad Jones, a vice president of strategy; and Les Yetton, the one-time general manager of the group."
Enthusiasm for the Internet of Things has reached an all-time high. In 2013 alone, venture capitalists spent more than $1 billion dollars investing in the IoT space. With “smart” appliances and devices, IoT covers wearable smart devices, cloud services to hardware companies. Nest, a Google company, detects temperatures inside homes and automatically adjusts it by tracking its user’s habit. These technologies are quickly developing and with it come challenges such as bridging infrastructure gaps, abiding by privacy concerns and making the concept a reality. These challenges can’t be addressed without the kinds of agile software development and infrastructure approaches pioneered by the DevOps movement.
Predicted by Gartner to add $1.9 trillion to the global economy by 2020, the Internet of Everything (IoE) is based on the idea that devices, systems and services will connect in simple, transparent ways, enabling seamless interactions among devices across brands and sectors. As this vision unfolds, it is clear that no single company can accomplish the level of interoperability required to support the horizontal aspects of the IoE. The AllSeen Alliance, announced in December 2013, was formed with the goal to advance IoE adoption and innovation in the connected home, healthcare, education, automotive and enterprise. Members of this nonprofit consortium include some of the world’s leading, consumer electronics manufacturers, home appliances manufacturers, service providers, retailers, enterprise technology companies, startups, and chipset manufacturers. Initially based on the AllJoyn™ open source project, the AllJoyn software and services framework will be expanded with contributions from member companies and the open source community.
There’s Big Data, then there’s really Big Data from the Internet of Things. IoT is evolving to include many data possibilities like new types of event, log and network data. The volumes are enormous, generating tens of billions of logs per day, which raise data challenges. Early IoT deployments are relying heavily on both the cloud and managed service providers to navigate these challenges. In her session at 6th Big Data Expo®, Hannah Smalltree, Director at Treasure Data, to discuss how IoT, Big Data and deployments are processing massive data volumes from wearables, utilities and other machines.
Larry Ellison turned 70 and has decided to turn over the CEO reins at Oracle. Safra Catz and Mark Hurd, both in their 50s, will function as a “Ms. Inside and Mr. Outside” as co-CEOs, at least for awhile. Serious reverberations will be felt within this highly competitive company and the highly competitive industry in which it makes its money. Even while guiding his yacht to an America's Cup title, Larry Ellison remained in firm control of the company he founded in 1977. He still has an ownership stake of about 20% of the company--1 billion or so shares of Oracle stock worth about $40 billion. Who can imagine that he'll be a docile, passive Chairman? Yes, he is returning as Chairman, with Jeff Henley, currently in that role, moving aside to be Vice-Chairman. Ellison reports he will also serve as Chief Technology Officer. So it's clear he's not fading from the scene. But he will not be able to micromanage the company by any measure. What Does It Mean? Think of all of the very strong executives over the years who rose quickly and highly in Oracle, only to be banished from the kingdom and/or to start their own big companies. Ray Lane, Marc Benioff, and Tom Siebel spring i...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, will describe how to revolutionize your architecture and create an integrated, interoperable, reliable system of thousands of devices. Using real-world examples, James will discuss the transformative process taken by companies in moving from a two-tier to a three-tier topology for IoT implementations.
Technology is enabling a new approach to collecting and using data. This approach, commonly referred to as the “Internet of Things” (IoT), enables businesses to use real-time data from all sorts of things including machines, devices and sensors to make better decisions, improve customer service, and lower the risk in the creation of new revenue opportunities. In his session at Internet of @ThingsExpo, Dave Wagstaff, Vice President and Chief Architect at BSQUARE Corporation, will discuss the real benefits to focus on, how to understand the requirements of a successful solution, the flow of data, and how to best approach deploying an IoT solution that will drive results.
I write and study often on the subject of digital transformation - the digital transformation of industries, markets, products, business models, etc. In brief, digital transformation is about the impact that collected and analyzed data can have when used to enhance business processes and workflows. If Amazon knows your preferences for particular books and films based upon captured data, then they can apply analytics to predict related books and films that you may like. This improves sales. This is a simple example, but let me tell you what I learned yesterday in sunny and warm San Francisco about more complex applications.
IoT is still a vague buzzword for many people. In his session at Internet of @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, will discuss the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. The presentation will also discuss how IoT is perceived by investors and how venture capitalist access this space. Other topics to discuss are barriers to success, what is new, what is old, and what the future may hold.
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DNS lookup loading complex sites necessitates hundreds of DNS queries. In addition, as more internet-enabled ‘Things’ get connected, people will rely on DNS to name and find their fridges, toasters and toilets. According to a recent IDG Research Services Survey this rate of traffic will only grow. What’s driving this increase? The growth in volume is largely attributed to the rollout of new services and applications along with expanding migration to the cloud and traffic spikes. The Internet of Things will also place a strain on DNS services. Are you ready for this surge of new services and applications along with potential DNS threats?
Building low cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, will provide an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He will also provide examples such as building a wearable device that provides transit or recreational information. He will review the resources available to build wearable devices at home including open source hardware, the raw materials required and the options available to power such wearable devices.
Where historically app development would require developers to manage device functionality, application environment and application logic, today new platforms are emerging that are IoT focused and arm developers with cloud based connectivity and communications, development, monitoring, management and analytics tools. In her session at Internet of @ThingsExpo, Seema Jethani, Director of Product Management at Basho Technologies, will explore how to rapidly prototype using IoT cloud platforms and choose the right platform to match application requirements, security and privacy needs, data management capabilities and development tools.
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at Internet of @ThingsExpo, Erik Lagerway, Co-founder of Hookflash, will walk through the shifting landscape of traditional telephone and voice services to the modern P2P RTC era of OTT cloud assisted services.
We were in contact recently with Shrikant Pattathil (pictured below), Executive Vice President of Harbinger Systems. Here are some of his thoughts about healthcare, the IoT, and disruption: IoT Journal: Healthcare, with all of its systems and dataflows, seems an ideal area for IoT solutions. What is Harbinger Systems doing in this area? Shrikant Pattathil: Being a service provider we work with many product development companies who are building new IoT-based applications to solve problems that plague the healthcare industry. For example, there is a need for applications to manage your medicine dosage, seek help, and notify your care provider. IoT Journal: And how do you go about addressing these problems? Shrikant: We are approaching IoT from mobile and cloud perspective. These are our key strengths. We are helping product companies in IoT space to quickly build the mobile interfaces for their product offerings. We are also helping them to place the data on the cloud in a secure way, so that they can truly exploit the benefits of IoT. IoT Journal: What are the advantages of the IoT here? Cost? Better care? What sorts of metrics can be applied, and are there intangibles as ...