True Trust In The Internet Of Things Calls For An End-To-End Rethink

Tech has been in the crosshairs a lot lately. Over the past few years, data privacy scandals swirling around Facebook and Google, as well as countless data breaches of sensitive personal information, have affected almost every American whether they realize it or not. Despite alarming headlines, people have become resigned to this risk as an unavoidable cost of participating in the global information economy. Now, a new threat has emerged that can critically impact not only our digital data, but our physical wellbeing: the devices we rely on to live our daily lives are at serious risk of being hacked. Society now faces a critical question. When the problem evolves from securing our data to securing the physical devices we rely on -- our homes, our cars, crucial medical devices -- how can we protect ourselves?

In fact, we do have the tools today to build a world that combines the services we have become accustomed to with the peace of mind of knowing our data and devices are secure and private. But to do so, we need to re-engineer the basic infrastructure that underpins the current Internet of Things. After all, we are still basically using the same information networks that emerged in the 1980s with a focus on free access, public data, and global sharing, rather than security and privacy. The current information infrastructure is therefore fundamentally unable to meet the pressing challenges of today and the greater challenges of tomorrow. Patches and ad-hoc fixes will not be enough; what we need is a complete rebuild of our data and device infrastructure with security and privacy by design.

This rebuilding starts with secure hardware. The evolution of credit cards in the past decade offers a great example of how we can redesign our devices to offer true security. Not too long ago, information could easily be stolen from a credit card’s low-security magnetic strip. But these strips have now been replaced by secure hardware in the form of an embedded NFC chip. These tiny chips are, in fact, highly secure, encrypted hardware that make it effectively impossible to steal information from the physical card itself. This secure hardware can and should be applied to all of our devices in order to guarantee true end-to-end trust. Online data breaches are a major inconvenience, but just imagine the damage that could be done if our smart homes, vehicles, city infrastructure, and other machines fell victim to similar attacks.

In addition to secure hardware, we must also protect information as it is transmitted from device to device and ultimately stored in cloud servers or other databases. Most of the major hacks of the past several years have resulted from breaches of online databases and systems, rather than physical cards or devices. Truly safe information networks and databases are therefore also needed for an Internet of Trusted Things. This is where blockchain technology comes in. Like credit card chips and other secure hardware, blockchains are highly secure and encrypted. This means that the information they store cannot be hacked the way normal databases can. The information they store, like that on the physical device, is secure and permanent.

The key, then, to re-engineering our interconnected world -- and readying it for the Internet of Trusted Things -- is to combine secure devices with secure networks. Both elements are needed to maintain the chain of trust from the physical world to the digital world. Without true end-to-end security, hackers will simply exploit the weak links in the chain. This fully secure and trusted world is not science fiction, but relies on technology that we are already deploying. If we take the challenge we face seriously, and act now to secure the devices and networks that power our lives, we can replace today's fear and sense of powerlessness with a new world rooted in security, trust, and peace of mind. One where we no longer need to ask others “don’t be evil,” because the Internet of Trusted Things ensures that they “can't be evil.”

(Jing Sun is a co-founder of IoTeX, a technology company that uses blockchain, secure hardware devices and data storage to build end-to-end encrypted device ecosystems for the Internet of Trusted Things.)