The Internet of Things (IoT) is surrounded by a lot of hype. There is great promise to be able to do and know all sorts of things when all our stuff can communicate. That could be almost anything, including thermostats, cars, garage door openers, baby monitors, appliances, fitness trackers, and the list goes on. Cheap sensors and easy connectivity means that it is becoming trivial to measure everything and connect almost anything.
But with great promise comes great risk. Our things will generate information about us – both direct and inferred. There are security issues if these devices can be controlled by third parties or used as back doors to gain entry to other systems. It may not be a big deal if someone finds out the temperature of your house – but it is a big deal if they can go through your thermostat and get into your home network.
These privacy and security issues must be dealt with up front and built into the devices and ecosystem.
The Online Trust Alliance (members include ADT, AVG Technologies, Microsoft, Symantec, TRUSTe, Verisign) just released a draft IoT Trust Framework to address this issue. The draft is open for comments until September 14.