Gamifying IOTICS: Secure Interactions

In this series of posts we are discussing the three core principles underpinning IOTICS vision: Virtualisation, Symmetry, secure interactions. For those that missed part one and part two, unbelievably, let’s do a quick recap

IOTICS enables the creation of secure and scalable ecosystems of parties who want to cooperate by sharing and exchanging data and events.

Parties are joined into a decentralised network where they can share and exchange data with each other still retaining full control of their respective access control and governance policies.

The conceptual architecture of the solution is underpinned by three main ideas:

1. Virtualisation: Every real asset is virtualised in IOTICS as Digital Twins.
2. Symmetry: Interactions between real assets occur ONLY between digital twins
3. Secure interactions: an interaction – or exchange of data – from a twin to another twin must be allowed by the receiving twin. IOTICS provides the brokering framework.

Throughout this series we’ll be using an imperfect, but appropriate analogy. IOTICS as a multiplayer video game environment. Multiplayer games are an ecosystem of parties cooperating for a common purpose: no matter what game they play, everybody shares the common goal of being entertained. Everybody cooperates, playing according to the ecosystem rules enabling every player to benefit.

Last time we discussed symmetry. By enforcing symmetry IOTICS is secure from the ground up, and applications can be implemented more easily and with greater reliability.

In this post we discuss secure interactions and how IOTICS enables the communication between twins to happen.

Let’s play together! Interactions between twins

At its essence, an IOTICS application is a group of Digital Twins securely interacting with each other autonomously.

There’s a lot to unpack in this sentence, specifically in the two words “autonomously” and “securely”.

We discussed in the first article of this series how autonomous interactions are enabled, in IOTICS, by semantics. But interactions can only happen autonomously if they can happen securely. Specifically when it’s possible for a twin to determine whether to share data with another twin and when.

The building blocks are:

• Identity: a twin must be able to uniquely identify another twin and be able to establish provenance of data from the identified twin
• Access control: a twin must be able to control its access control policies and apply them to grant or revoke access.

Twins 123 and 456 interacting by sharing data and twins 123 and 789 interacting by dispatching commands

Why it matters

A twin interacts with another twin by subscribing to a feed data or sending a control. The dispatch of the request and handling of the response happens programmatically within the guts of the agents of the respective twins. Unless there’s a mechanism for a twin to detect, parse and possibly block the incoming request, the interaction can’t be secured and autonomy can’t be achieved. Security is key.

Secure and autonomous interactions in practice

An autonomous interaction happens when the agent of a twin is programmed to:

• find one or more twins based on some semantically described metadata
• describe the metadata of the found twin and unambiguously interpret it
• choose to subscribe to one or more feeds of the found twin and automatically process the received data
• chose to dispatch one or more commands to the control interface of the found twin

Securing (brokering) interactions means to allow twins, in a secure manner, to

• initiate an interaction by executing one of the 4 functions above
• be at the receiver side and complete the interaction if deemed suitable.
• independently terminate the interaction, once established, at any point.

In game analogy

Following up on our multiplayer game analogy, secure interactions translate in the features like: players banning other players from seeing them, players enabling other players to enter their game, etc. A player inviting another player to play or chat and the other player having to accept/deny.

It’s worth noting that the interactions are independently controlled at both ends and only established when both the requestor and the receiver determine that it should.

With the game analogy, the “brokering” between players is controlled by some central service trusted by all players

In IOTICS there aren’t central servers and the decision to initiate or terminate an interaction is exclusively implemented by the twin or the agent. In other words, a twin is in control of its own destiny.

Conclusion

IOTICS offers a novel approach to data sharing based on virtualisation, symmetry and secure interactions.

In this section we’ve analysed the “secure interactions” feature which builds on the other two: virtualization and symmetry.

Having the ability to secure interactions between twins is a core enabler of autonomy and ultimately of the creation of cross boundaries data ecosystems.