decentralized-id.github.io/_posts/identosphere-dump/real-world/iot.md
⧉ infominer 81db55a16f mdc
2022-11-27 02:14:22 -05:00

22 KiB
Raw Blame History

published
false

IOT

^^^ Interesting feature: Phil is leveraging the Hypothesis sidebar for comments\annotation -

The current model for connected things puts manufacturers in between people and their things. That model negatively affects personal freedom, privacy, and society. Alternate models can provide the same benefits of connected devices without the societal and personal costs.

ETO uses a network of distributed digital identities (DIDs) and verifiable credentials (VCs). A side benefit from the perspective of human Internet users: they regain data sovereignty over their personal data. [github]

As the world becomes even more connected and more machines are hooked up to the internet, the ability for machines to move, trade and interact securely and efficiently becomes increasingly important to life and business. Todays centralized networks do not enable this. Machines today exist on closed, permission-based environments which massively limit which other machines can be interacted with, what machines can do and where they can go.

The rise in the use of advanced analytics, machine learning (ML) and Artificial Intelligence (AI) and the Internet of Things (IoT) today have driven the technology of simulation into the concept of the digital twin. Digital twins are generally defined as a virtual digital model of a physical system that is used to make better decisions about the real world physical system. Digital twins are usually intertwined with sensors and include a two-way interaction between the physical and digital twin.

  • @debimr75 shares

    Now Animals too can have their own #decentralizedidentity to help them send their status updates to the rightful owner from their #IoT devices. #Decentralized #digitalidentity for #IoT devices would lead to #SmartFarming

  • Trust but Verify Liminal Podcasts

Peter Padd, Co-Founder & CEO at Fortifyedge shares how he's built Zero Trust authentication software that provides IoT device OEM's with password-free authentication utilizing Tiny Machine Learning at the edge.

The evident solution is to imbue connected entities with unique, tamper-evident, self-sovereign, Decentralized Identifiers (DIDs), developed by the W3C, anchored in a decentralized trust network. For MOBIs community, this is the Integrated Trust Network, or ITN.

we discussed the white paper he authored on Self Sovereign Identity and IoT. To explain the opportunities SSI can provide to IoT, Michael introduces us to three profiles: Jamie (machine to person), Bob (machine to machine) and Bessie the cow (digital twin).

This paper proposes a blockchain-based identity and access management system for IoT specifically smart vehicles- as an example of use-case, showing two interoperable blockchains, Ethereum and Hyperledger Indy, and a self-sovereign identity model.

From memory: I recall that Joe suggested simplification. I may not need to use ceramic and I may not need to use LoRa. I may not even need a blockchain or ledger. I may want to exchange public keys with friends to start out and use did:web. Kim commented about her experience with BTCR. It was a great discussion. Unfortunately, it was not recorded. When Brent mentioned a hackerspace and IoT use case using verifiable credentials to access machines that one had been trained on, Kim liked the idea. Brent admitted that this was an exploratory project and there currently were no customers. Kim and (Joe) thought that working on a project was a good way to meet people. Brent found it to be a productive way to learn about the technology. He admitted that he had not implemented verifiable credentials or completed a did method over ceramic. He admitted that he had only recently learned about the size issues of verifiable credentials on embedded devices from Mrinal from Ockam. He also mentioned that there was an earlier IIW session that talked about the size limitations of Lora: 200 bytes for LoRa and 150 bytes for LoraWAN. The title was similar to “ IoT swarms, communication in bandwidth constrained environments”. Joe questioned why LoRa was used. Brent said it was legacy and the project originally started out through a suggestion from a friend to investigate LoRa and drone tracking (to satisfy a potential FAA regulation). He claimed to be unsure about it. He knew that the hobbyists had complained. Joe suggested that other protocols could be fine, and there was a way that he recalled that ESP32 devices could form mesh networks (out of the box). Then came discussion of OpenWRT. Brent thought Joe meant (wireless access points? softtAP?) with ESP32. Discussion of did:web came up. Did:key was thought of as a good way forward (IIRC).  There were 3 things that joe mentioned to do, starting with authentication.

Distrust of devices is rising. https://wider.team/2021/04/21/resistiot/ IoT is being felt as the introduction of surveillance. “Devices are feared and distrusted as proxies for our distrust of the people and organizations behind them.” From the post:

  • Clinical technology as workplace surveillance. Hospital providers talk about their frustration with connected technologies because it feels like their every motion is being monitored and tracked, used by bosses to evaluate their speed and cost efficiency.
  • Civic technologies as government surveillance. From Oaklands corner traffic cameras leading to mass rallies to Boston Police tests and NYPD robot dogs, IoT is deep in the creepy depths of the uncanny valley.
  • Consumer technology as commercial surveillance. Alexa, Google, and Apple know too much about you and use it to sell adjacent services.

Why these feelings?

  • Devices project power into physical spaces where people live and work.
  • Devices are opaque: they hide what happens downstream with device data and upstream with device control.

Summary: This session was a discussion about three topics: IoT Swarms, the challenges of SSI in constrained networks, and preliminary results on how to overcome them. The results showed that, while a DIDComm message with a DID Document as payload used almost 1 kilobyte, a binary approach can be used to cut it to just about 200 bytes.

IoT Swarms enable resource sharing among autonomous IoT devices. The presenter mentioned some papers published in this regard [1][2], including one that analyses using SSI in IoT and Swarm systems [3].

One of the challenges identified by this last paper is the overhead of using SSI, which poses a challenge for adoption on constrained IoT networks. For example, while the Long Range (LoRa) communication, often used in IoT systems, only allows payloads of up to 240 bytes, a single DID Document typically occupies 500 bytes or more. Similarly, messages using DIDComm tend to use at least 1 kilobyte, which prevents its use on constrained networks.

Figure 1. Binary versions of DIDComm and DID Documents are needed to allow transmission in LoRa networks. The payload, in blue, is a DID Document. The overhead, in orange, is the protocol overhead due to the message signature.

IoT, digital twins, device shadows, Conflict-free replicated data type (CRDT), CSP over DIDcomm

Pico is short for “Persistent Compute Objects.”

Why Picos

  • Persistent, personal, computational nodes → More individual autonomy
  • Computational node for anything: person, place, organization, smart thing, dumb thing, concept, even a pothole
  • Better, more scalable model for IoT → trillion node networks
  • Picos support social things and trustworthy spaces
  • Better sharing, more natural relationship-based interactions (borrow my truck, Fuse with two owners)
  • Scales
  • Substitutable hosting model → freedom of choice
  • pico mesh
  • [...]

What are Picos?

  • “Pico” is a neologism for persistent compute objects.
  • Persistence is a core feature of how picos work.
  • Picos exhibit persistence in three ways:
  • Persistent identity—Picos exist, with a single identity, continuously from the moment of their creation until they are destroyed.
  • Persistent state—Picos have state that programs running in the pico can see and alter.
  • Persistent availability—Picos are always on and ready to process queries and events.

Pico Engine 1.0 released in January

Problem: So, what happens when you cant call home to conduct an identity conversation? Youre on Mars and the latency is long. Youre in Haiti and the bandwidth is very limited during a storm. Youre in a war zone and your signal is noisy due to interference.

Rugged Identity is hoped-for resilience from very long latency, noisy signal, low bandwidth, interrupted connections, very low power computing and radio, power outages, and attacks on physical integrity like device tampering.

Solving these problems should bring curb-cut effects to all digital identity protocols. So medical devices still work in hospitals that block signals or homes where the router is overloaded.

  • Self-Sovereign Identity and IoT insights from the Sovrin Foundation

    Michael Shea is the Managing Director of the Dingle Group and the Chair of Sovrin FoundationsSSI in IoT Working Group. In this podcast we discussed the white paper he authored on Self Sovereign Identity and IoT. To explain the opportunities SSI can provide to IoT, Michael introduces us to three profiles: Jamie (machine to person), Bob (machine to machine) and Bessie the cow (digital twin). ) Using SSI, they can not only provide their machines with a decentralized and secure identity but also cover authentication and authorization through verifiable credentials issued on top of these identities. With this solution we built with Venafi, we can communicate or authenticate, authorize these devices, and prevent them from vulnerability to attack or counterfeit.

  • SSI In IoT, The SOFIE Project The Dingle Group

    For the 22nd Vienna Digital Identity Meetup* we hosted three of the lead researchers from the EU H2020 funded The SOFIE Project.  The SOFIE Project wrapped up at the end of last year a key part of this research focused on the the use of SSI concepts in three IoT sectors (energy, supply chain, and mixed reality gaming) targeting integrating SSI in without requiring changes to the existing IoT systems.

  • Relationships in the Self-Sovereign Internet of Things Phil WIndley

    This post looks at Alice and her digital relationship with her F-150 truck. She and the truck have relationships and interactions with the people and institutions she engages as she co-owns, lends and sells it.

  • Capitalizing on Self-Sovereign Identity for Machines [Part One]

    By providing a means to globally define an indisputable link between a machine and its machine identity across different sites, networks and businesses, we can secure IoT like never before.

The filancore integration for Verifiable Credentials is available now. You can learn more from the Venafi Marketplace.

  • Relationships in the Self-Sovereign Internet of Things

    DIDComm-capable agents provide a flexible infrastructure for numerous internet of things use cases. This post looks at Alice and her digital relationship with her F-150 truck. She and the truck have relationships and interactions with the people and institutions she engages as she co-owns, lends and sells it. These and other complicated workflows are all supported by a standards-based, open-source, protocol-supporting system for secure, privacy-preserving messaging.

  • Self-Sovereign Identity and IoT

    Michael Shea is the Managing Director of the Dingle Group and the Chair of Sovrin FoundationsSSI in IoT Working Group. In this podcast we discussed the white paper he authored on Self Sovereign Identity and IoT. To explain the opportunities SSI can provide to IoT, Michael introduces us to three profiles: Jamie (machine to person), Bob (machine to machine) and Bessie the cow (digital twin).

  • Self-Sovereign Identity for IoT Devices Nataliia Kulabukhova, Andrei Ivashchenko, Iurii Tipikin, and Igor Minin

in our point of view, a lot of development groups are working in parallel on the similar topics, yet it is not clear what is going on inside. In this paper we will try to define the differences and discuss both pros and cons of using such commonly known technologies as Sovrin based upon the Hyperledger Indy technology, Civic, Jolocom, uPort and some others. Besides, well tackle the idea of using the SSI for inanimate object and how it can be constructed in this way.

Managing IoT devices and user identities as well as the relationships among various devices and their digital twins face significant challenges. First, a lack of Identity Credential and Access Management (ICAM) standards for IoT creates proprietary standards and a lack of interoperability. Second, the operational lifecycle of IoT devices complicates integration of traditional ICAM. Lastly, ICAM technology must adapt to the proliferation of connected devices. This evolution requires a digital trust framework and the decentralized architecture of Self-Sovereign Identity (SSI).

Smart property is much more than the anemic connected things we have now. Smart property imagines a world where every thing participates in digital communities and ecosystems, working through programmable agents under the owners control.

Devices are equipped by the manufacturer with an identity stored in a trusted execution environment (TEE) and secured by a blockchain. This identity can be used to trace back the origin of the device. During the bootstrapping process on the customer side, the identity registration of the device is updated in the blockchain. This process is performed by a so-called registrar. Smart contracts prevent unsolicited transfer of ownership and track the history of the device. Besides proof of origin and device security our concept can be used for device inventory and firmware upgrade.

You can play with this first hand at NoFilter.org, which brands itself as a "the world's first unstoppable, uncensorable, undeplatformable, decentralized freedom of speech app." There's no server storing files, just a set of Javascript files that run in your browser. Identity is provided via Metamask which uses an Ethereum address as your identifier. I created some posts on NoFilter to explore how it works.

Unlike a Wifi network, you don't put the network credentials in the device, you put the devices credentials (keys) in the network. Once I'd done that, the sensor started connecting to hotspots near my house and transmitting data. Today I've been driving around with it in my truck and it's roaming onto other hotspots as needed, still reporting temperatures.

To create a pairing between the digital world and the real world, a digital twin leverages real time data, such as smart sensor technology, coupled with analytics, and often artificial intelligence (AI) in order to detect and prevent system failures, improve system performance, and explore innovative uses or functional models.

Digital Twin Consortium drives the awareness, adoption, interoperability, and development of digital twin technology. Through a collaborative partnership with industry, academia, and government expertise, the Consortium is dedicated to the overall development of digital twins. We accelerate the market by propelling innovation and guiding outcomes for technology end-users.