On Tue, Dec 10, 2013 at 12:24 PM, Joseph Lorenzo Hall <[email protected]> wrote:
> On 12/9/13 7:43 PM, Phillip Hallam-Baker wrote:
> > What we can do about this in the IETF is quite limited. What we
> > could do is to have some sort of device registration protocol
> > whereby the device gains access to the network by first proposing a
> > 'contract' specifying all the ports and protocols it is going to
> > speak. The network infrastructure could then default-deny any
> > access outside that contract.
> >
> > This would then reduce the audit task from observing the behavior
> > of the device to checking the facilities it asks for and seeing if
> > they are acceptable.
>
> I have been thinking similarly... sort of a standards-supported
> network monitor for the internet of things:
>
> from p. 4 of
> https://www.cdt.org/files/pdfs/CDT-Internet-of-Things-Comments.pdf:
>
> "There may be technological solutions to these barrier-crossing issues
> that consumers can configure to control the amount and nature of data
> transmitted by IoT-capable sensors and devices in sensitive locations.
> For example, it may be possible to design “middleware” networking
> equipment that a member of the household or business could configure
> to selectively allow or disallow networked objects from communicating
> outside of the household network. Ideally, such a privacy appliance
> could easily identify data emitted by IoT-capable products in the home
> network, but that relies on manufacturers inserting the right tags into
> their network communication that such an appliance could read. This
> would probably require significant standards work and manufacturer
> buy-in (or a legislative or regulatory mandate) to support this kind
> of functionality. Another option may be to design a standard element
> to the networkable components of IoT objects — say a pull-off tab or
> shielding element — that consumers can activate in order to toggle or
> disable networking functionality. Given that certain activities and
> areas in one’s home are particularly sensitive towards arbitrary data
> collection — bedrooms, bathrooms, children’s areas — there may be a
> level of tracking and data usage that above which is simply not
> appropriate for those products or that industry commits to making
> connected and disconnected versions."
>
> Would love to know if there is work (standards, research, whatever) in
> this area I should be aware of.

The first step is to have a protocol that allows a device, application, whatever that is connecting to the local network to announce themselves and the services they intend to provide.

If you would like to do this in JSON, I have a protocol to do that:

http://tools.ietf.org/html/draft-hallambaker-omnibroker-06

The explanation of how to manage the protocol is incomplete because I am currently doing the email hack thing. But I do intend to finish this work because I intend to build on it.

--
Website: http://hallambaker.com/
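As an added illustration (not from the thread or the omnibroker draft) of the device-contract idea discussed above: a device announces the ports, protocols and peers it intends to use in a constructed JSON contract, a household policy audits the requested facilities against an acceptable set, and the network then default-denies any flow the contract does not cover. The contract schema, the policy set and the sample flows are all assumptions made for this example.

```python
import json
from ipaddress import ip_address, ip_network

# Constructed example contract (not the omnibroker draft's wire format):
# each entry names one facility the device asks for.
CONTRACT_JSON = """
{
  "device": "thermostat-01",
  "services": [
    {"proto": "tcp", "port": 443,  "direction": "out", "dst": "0.0.0.0/0"},
    {"proto": "udp", "port": 53,   "direction": "out", "dst": "192.168.1.1/32"},
    {"proto": "udp", "port": 123,  "direction": "out", "dst": "0.0.0.0/0"},
    {"proto": "tcp", "port": 8080, "direction": "in",  "dst": "192.168.1.0/24"}
  ]
}
"""

# Household policy (assumed): facilities a resident is willing to grant.
# Auditing a contract means comparing requests against this set, not
# watching the device's traffic afterwards.
ACCEPTABLE = {("tcp", 443, "out"), ("udp", 53, "out"), ("udp", 123, "out")}

def load_contract(text):
    """Parse the contract into (proto, port, direction, allowed-network) tuples."""
    contract = json.loads(text)
    return [(s["proto"], int(s["port"]), s["direction"], ip_network(s["dst"]))
            for s in contract["services"]]

def audit_contract(services):
    """Facilities the device asks for that the household policy does not grant."""
    requested = {(p, port, d) for p, port, d, _ in services}
    return sorted(requested - ACCEPTABLE)

def decide(services, proto, port, direction, remote):
    """Default-deny: a flow is allowed only if some contract entry covers it."""
    addr = ip_address(remote)
    for p, pt, d, net in services:
        if (p, pt, d) == (proto, port, direction) and addr in net:
            return "allow"
    return "deny"

if __name__ == "__main__":
    svc = load_contract(CONTRACT_JSON)
    print("needs review:", audit_contract(svc))        # the inbound 8080 listener
    # Constructed flows: an HTTPS fetch, DNS to a non-local resolver, telnet out.
    for flow in [("tcp", 443, "out", "93.184.216.34"),
                 ("udp", 53, "out", "8.8.8.8"),
                 ("tcp", 23, "out", "10.0.0.5")]:
        print(flow, "->", decide(svc, *flow))
```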
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
