A basic problem with the "internet of things" is who gets to talk to whom. How do devices get introduced to each other?
Living units need an identity. Devices introduced into the living units need to be introduced to that identity to pair with it. Phone-based programs may also need to be paired with the living unit identity. Each pair needs a set of security restrictions.
You want to set this up so that the homeowner can look at the house webcams, but nobody else, including the webcam manufacturer, can. A unified identity and permission system, perhaps built on Persona, lets you set up such connections without every phone having to be paired with every device. Also, with a unified permission system, you can revoke permissions. You might permit a guest access to the house systems but remove that access when they leave, for example.
I think that security will be very discussed thing once IoT will be more spread. I also think that Mozilla could be first to solve it and Persona could help with it. I imagine using it for authentication of connected devices in my home.
What does Persona offer that brings value from an IoT perspective?
The bootstrap primary (which is on life support, with the one hand ready to pull the plug) requires a functional javascript engine to authenticate a user, which is a steep cost of admission. In it's absence you have to implement the entire protocol, and Persona is less feature rich and far less supported than OAuth, and I say this as an ardent defender and promoter of Persona :)
Animats|10 years ago
Living units need an identity. Devices introduced into the living units need to be introduced to that identity to pair with it. Phone-based programs may also need to be paired with the living unit identity. Each pair needs a set of security restrictions.
You want to set this up so that the homeowner can look at the house webcams, but nobody else, including the webcam manufacturer, can. A unified identity and permission system, perhaps built on Persona, lets you set up such connections without every phone having to be paired with every device. Also, with a unified permission system, you can revoke permissions. You might permit a guest access to the house systems but remove that access when they leave, for example.
garretraziel|10 years ago
ygjb-dupe|10 years ago
The bootstrap primary (which is on life support, with the one hand ready to pull the plug) requires a functional javascript engine to authenticate a user, which is a steep cost of admission. In it's absence you have to implement the entire protocol, and Persona is less feature rich and far less supported than OAuth, and I say this as an ardent defender and promoter of Persona :)