[OpenTRV-dev] Blockchain for anti-tamper and non-repudiatiot of valuable IoT data

Wed Sep 23 21:47:33 BST 2015

Excellent.

But does the corporate view leak ?

In my view (and yours too, from what you say), the corporates are welcome
to their data (monitoring their fridges, or the fridges containing their
products in their stores). But when they have some service that depends on
our data (whose products are stocked in our kitchen fridges) then they only
own at our point of handover. We own what's put into their view of the
stream.

That's all well and good, but I think it's important that the
infrastructure recognises this, and doesn't permit them to extend their own
protected infrastructure past our firewalls, and intentionally or
unintentionally believe that they have access to uncontrolled data even
when it's in the products that they sold to us.

I have a view of how that might exist : I won't describe it here as I
realise it's off-topic. But I just wanted to flag that the ability of a
data sink to obtain authentication of data is itself a privacy issue and I
don't want corporate assumptions to leak into privacy standards.

On Wed, Sep 23, 2015 at 9:22 PM, Damon Hart-Davis <damon at opentrv.uk> wrote:

> Hi Adrian!
>
> > The same should be true of personal data. Someone who places a device in
> our homes is obtaining access to the data, but we need to be very careful
> what we say about it. I, personally, want a monitoring company to tell me
> exactly what data they are using and what they are using it for. I will
> then choose what data they get, and will trust the analysis they provide in
> return in accordance with the accuracy of the data I gave them. They
> shouldn't have the opportunity to know what filtering I wish to use to
> limit their knowledge of me.
>
> My view is that users should own their data and should be able to choose
> who gets to see it and what they can do with it.  My previous startup
> worked to make that true also, though in the end we narrowed to virtual
> credit cards as a key subset of what others could know about your
> financially...  This blockchain stuff is orthogonal.
>
> (I see people blatently lie and claim that I’ve permitted this and that
> use of my data and then it’s out in the field and difficult to do anything
> about, but the principle remains.)
>
> So OpenTRV domestic heating data is less likely to fall within this
> ‘legally important’ remit; I have corporate data, eg health and safety, in
> mind, for the Launchpad project.
>
> > There may be applications such as the one you describe where the data
> must be reliable or it is useless. But tamper-proof transport isn't
> sufficient. It needs tamper-proof sensors, tamper-proof attachment to the
> product, and tamper-proof analysis of the results. There is a danger that
> the tamper-proof data transport  will be seen as also providing
> tamper-proof data, but the transport cannot provide that. It's a necessary
> but not sufficient condition for reliable access to the data.
>
> Absolutely, all steps in the chain have to be trustworthy and intact; this
> is addressing the long-term storage element.  The AES-GCM work is
> addressing the element from sensor to concentrator for example.
>
> Rgds
>
> Damon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opentrv.org.uk/pipermail/opentrv-dev/attachments/20150923/d05b6e1e/attachment.html>