When 50 billion devices start sending data over networks, privacy and security challenges become exponentially harder. M2M solutions require the ability to handle existing security governance investments yet support a variety of security protocols, encryption and privacy requirements that cross mobility, sensor networks, diverse devices, M2M telecommunications and data centers and their relevant policy domains. The nature and scale of the M2M infrastructure create unique challenges such as trust (untrusted devices, networks, associated applications), cost (cannot be expensive considering the large number of devices), shared data (who owns it, controls it and how to securely share and manage it), access (static access controls cannot adjust to the dynamic nature of M2M), performance (low power devices can´t spare many cycles for security), heterogeneity, integration into existing security paradigms, and cross-jurisdictional privacy mandates that have to be addressed.
The panel will discuss the above challenges unique to the application of M2M and IoT devices within various industry sectors, such as Smart Grid systems in the energy industry. The panel will also discuss how some of these issues are being tackled by the important OASIS committees: Message Queuing Telemetry Transport Protocol (MQTT), Privacy by Design Documentation for Software Engineers (PbD-SE), Privacy Management Reference Model and Methodology (PMRM) as well as the Smart Grid Cybersecurity Committee under the Smart Grid Interoperability Panel.
The panel will include case studies on how governments and large organizations and critical infrastructure providers such as electric utilities are tackling the security and privacy implications of IoT/M2M to build a resilient environment to drive business value.