Seattle, Oct. 20, 2015: The AllSeen Alliance, a cross-industry collaboration to advance the Internet of Everything through the AllJoyn open source software project, today announced major authentication and device authorisation updates to the AllJoyn open source framework for Internet of Things (IoT).
A press statement said the new functionality built on AllJoyn’s existing end-to-end data encryption and message-based security, adding rich semantics that extended familiar security models from the Cloud and app domain to the devices that made up the IoT. With this addition, AllJoyn-enabled devices will work safely and securely, regardless of platform, manufacturer, transports, OS or chipset.
Existing security protocols today vary from manufacturer to manufacturer, and even device to device, resulting in fragmentation, poor network security policies and weak links that create undue risk. Recognising this, the AllSeen Alliance said there was a need for a security framework that offered protection across a breadth of scenarios.
The latest updates followed a model of security commonly found in computing and applications with users, groups, roles, relationships and things extended to IoT. The security manager service architecture inhereted in AllJoyn minimised development time and complexity, providing key management, permission rules, and certificates when managing IoT applications and devices.
“For IoT to see mainstream adoption, and more importantly truly make people’s lives better, any fears or concerns about security and device privacy must be addressed. We’re enhancing AllJoyn’s security with collaboration across the IoT ecosystem, allowing us to standardize security for IoT, regardless of manufacturer or use-case,” said Philip DesAutels, Senior Director of IoT, AllSeen Alliance. “We’ve extended a familiar security model to the world of IoT, making it as easy as possible for developers, product managers and engineers to adopt an industry standard security protocol for all IoT devices, regardless of transport or operating system.”
Using a peer-to-peer communications framework, AllJoyn claimed it was the first IoT platform to provide end-to-end, application-level security and data encryption. AllJoyn security occured at the application level; there was no trust at the device level. By running on the local, proximal network without LAN/Wi-Fi security requirements, AllJoyn-enabled applications and devices can talk directly to each other quickly with reduced vulnerability to outside attacks.
The AllSeen Alliance is a non-profit collaborative project at The Linux Foundation.
Image Credit: AllSeen Alliance