10 things about Internet of Things

10 things about Internet of Things

1. All the IoT devices will have their own friggin lasers and LEDs, each blinking in an annoying POST and live patterns of their own.
   
2. Each IoT device and vendor will have their own end-user agreement starting at 10 pages or so, "enhanced" with 5 additional pages quarterly
   
3. Each IoT device will make different noises and plings (alerts, I'm alive, notices...) all day and all night long.
   
4. IoT device firmware will be updated Samsung-style - every now and then first 12 months, then never.
   
5. Just like the NSA and Facebook, there's not a single set of data that is deemed out of bounds and that a IoT vendor will refrain from logging and storing somewhere for a "improved user experience".
   
6. The goal of IoT is to collect user data and sell in situ ads
   
7. Each IoT device will use their own IP port and range of external access options will come as a surprise.
   
8. IoT security is an add-on, not built in.
   
9. 3rd party access to IoT devices and IoT logs will give you cheaper home/car/family/health insurance and become mandatory after a mandatory voluntary period.
   
10. The vendor with the best IoT back end and ecosystem for 3rd parties will win.

Backend as a Service (BaaS) for mobile services, Internet of Things and devices

Backend as a service (BaaS), is making an appearance as a new "as a Service" cloud or SW development approach to give developers (mostly) a general way or an API into common application enabling infrastructure.  It gives web, mobile app and Internet of Things (IoT) developers a way to link their client services and applications to backend cloud processing and storage, as well as providing generic functionalities like user authentication and management, service management and logging, push notifications and integration with social networking services and more for their apps.

With all this going on with a BaaS, it might be easy think it's a mix of cloud IaaS, PaaS and SaaS geared towards mobile developers and clients, and gives developers a turn-key, if there ever was anything "turn-key", software modules needed to run the general backend services of mobile applications.

Kinvey has a great mobile dev and services ecosystem map, that shows were BaaS is generally positioned and residing.

Why would anyone use a BaaS kind of backend, and not develop their own to suit service specifics?  Main reasons seems to be that BaaS makes it

1. Easier to cover multiple terminals and form factor, different mobile operating systems and for instance multiple authentication, logging and payment schemas.
2. Easier to prototype, quicker to launch and both easier and quicker to scale the backend as an app or mobile service might take off or see seasonal capacity demands
3. Possible to outsource or transfer many of the security issues and worries associated with mobile apps, payment and general hacking.
4. Easier to also cover Internet of Things kind of devices as most of the mobile BaaS players have IoT enablement on their roadmap also.

This is a developing area, and merges and some big names VC investments are certain to come through the next 6-9 months.

Some BaaS players you might want to check out:

1. Firebase
2. Parse, recently bought by Facebook
3. Kinvey
4. Appcelerator
5. StackMob
6. AppliCasa
7. StrongLoop
8. Kumulos
9. BaasBox

Erik Jensen, 25.11.2013

Internet of Things ecosystems and balkanisation risks

Like Big Data, Internet of Things (or IoT for short) has been talked about for years, and seems on the verge of making it big the next 1-36 months or so.  Just as real-life management intelligence and business value from Big Data logging and analytics.

Just as Big Data solutions and systems has to deal with tons of different/proprietary log formats and data sources within an enterprise or from public data sources on the Internet or other places, then applying application or vendor specific data collection and log normalisation, and doing application specific mapping to business KPIs, reports and analytics, so IoT faces a number of non-standardized or vendor-proprietary challenges to become a true interconnected web of things, things to humans, humans to things etc.

There are numerous non-standardised issues and management in the areas of IoT security (service access to things by other things and humans, authentication and authorisation, management and reporting of denial of service and hi-jacking of devices, device upgrades, logging), identification and naming schemas for things, common IoT metrics, real-time control and communication protocols, subscription models and reporting.

A recent IETF Internet report draft, "Security Considerations in the IP-based Internet of Things,               draft-garcia-core-security-06") seemingly puts a lot of faith in IPv6 and web services in general to facilitate IoT developments ("The introduction of IPv6 and web services as fundamental building blocks for IoT applications [RFC6568] promises to bring a number of basic advantages including: (i) a homogeneous protocol ecosystem that allows simple integration with Internet hosts; (ii) simplified development of very different appliances; (iii) an unified interface for applications, removing the need for application-level proxies."), but also adds "Although the security needs are well-recognized, it is still not fully clear how existing IP-based security protocols can be applied to this new setting".

On a general level this is of course quite all right but of one looks at the developments of for instance, and quite relevant, mobile ecosystems where some key players control their entire ecosystem (clients and device OS, programming APIs and SDKs, backend for authentication and billing, app stores, ad networks integration etc), homogeneous protocol ecosystem for IoT and unified interface for IoT devices, clients and services, looks a long way of.   And so far, in my opinion, most IoT devices and services for home automation and IoT, in-car or transport IoT, M2M payment arrangements and more are proprietary and vendor specific.

For instance for home automation, it's not easy or doable at all to get Belkin WeMo units to talk to or interact with Nest units or Telldus units.  Or reach them through a common programming interface or backend. (although I should backtrack slightly here - the great IFTTT scripting service is starting to emerge as a common way for end-users to program their devices, and is supported bu Belkin WeMo and Philips for their Hue range for instance).

With that backgrounder, are there risks of IoT being balkanized, and that IoT devices and services will become vendor or ecosystem proprietary?  Or are there standardisation efforts underway to overcome this risk and 2-3 vendors dominating this field over time as we have seen in the mobile area, Internet video or social media area for instance.

Currently the IETF doesn't seem to have a RFC track for IoT comms and networking standards, but the IEEE standards organization are now finally are gearing up (or, they had their first IoT report out in 2005), and are meeting for their initial IoT standardisation tracks.  Will probably take some years and in the meantime it's not hard to predict that this developing and promising business area will see most gadget, cloud and Internet OTT players getting involved (why not Facebook for home automation and control, Microsoft Xbox with Kinect for same and as automation hub, Android and Google Glass for an Google approach, Apple TV or iOS-devices for same etc).

And getting involved here means each vendor building and securing their IoT ecosystem on both client and backend/cloud side, extending device OS (iOS, Android) to cover IoT functionality and attract developers and påartners into their IoT ecosystem.  I would put my own money on one or two of this, even though it means IoT balkanisation.

Looking to read up on IoT developments and work? Here are some pointers and vendor samples (in no particular order):

1. Wikipedia on IoT
2. McKinsey Quarterly report, The Internet of Things
3. Dark reading, Identity management in the cloud by Ericka Chickowski
4. IFTTT. And an article on how to get started with IFTTT from ReadWrite
5. OpenIoT - Open Source Solution for the Internet of Things into the Cloud
6. CastleOS for home automation
7. You are most likely a IoT service provider - Google Maps gets real-time traffic, crowdsources Android GPS data
8. Postscapes - tracking the Internet of Things
9. IoT cloud specialist - Arrayent
10. IoT developments environment and tools, IoT cloud - Xively
11. Device relationship and ID management - Forgerock IRM

BTW, what are the Balkans and Balkanisation?


Erik Jensen, 14.11.2013