(This article was originally published in May 2014).
Many of us have at least heard mention of the "Internet of Things" or (IoT) of which there is apparently no agreed upon definition. According to an interesting article at ComputerWorld.com this week titled Explained: The ABCs of the Internet of Things:
...there is a test for determining whether something is part of the IoT: Does one vendor's product work with another's? Does a door lock by one vendor communicate with a light switch by another vendor, and do you want the thermostat to be part of the conversation?
I did read through the article and a few things were evident to me. One is that when it comes to the consumer applications for the IoT-that the "cool factor" is more important than anything. Sure it might be fun to have your garage door opener talking with your garbage disposal on some level. However, many of the consumer appliations will end up being more of a luxury than a necessity. Though there is no doubt that there will be countless and valuable contributions in many other areas such as military, IT and home security, business, industrial etc.
Second is that this whole process of the evolution of the IoT is going to be a long, slow slog. With many fits and starts. Many glitches. Many winners and losers on the provider side. How the whole process will sort out remains to be seen.
So what does this all have to do with domain names?
I have written extensively about alternative uses for Internet domain names. This topic is especially relevant with the ICANN (the governing body of domain names) introducing potentially over 1000 new domain name extensions to the global marketplace. Many of them such as .guru, .directory and .club and many more are already active.
Some of my prior articles regarding alternative uses for Internet domain names are here:
Alternative Uses for Internet Domain Names
The Chinese and URL Trademarks.
One Thousand Splinternets
Is the Age of Just One Internet Over?
Domain Names As Phone Numbers
So what does the Internet of Things (IOT) have to do with Internet domain names?
According this this article at Computerworld:
Part of this is due to the arrival of IPv6 addresses, the next generation Internet protocol. It replaces IPv4, which assigned 32-bit addresses, with a total limit of 4.3 billion; IPv6 is 128-bit, and allows for 340 trillion trillion trillion addresses or 340,000,000,000,000,000,000,000,000,000,000,000,000. This makes it possible to assign a unique identifier to anything that's part of the IoT
That 34 trillion trillion available IP addresses is a pretty large number.
The Internet Protocol address (IP address) is of course a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."
So most of us already understand that Internet domain names generally correspond with IP addresses. From Wikipedia:
A domain name is a label that people use to find points on the Internet without having to remember a string of numbers. Computers only understand IP addresses, whereas people generally find it easier to rember words or terms. The domain name system translates these easily remembered names into their unique IP addresses for the computer to find.
IP addresses and domain names go together.
Will there be value in naming objects/devices (assigning domain names to) in the IoT? Just as we do with websites etc.? If those applications are developed then use of domain name usage could be massively expanded in the blink of an eye. This is something that I think should be watched very closely.
Here's another potential area for domain name use/expansion that I would keep an eye on:
According to that same ComputerWorld article regarding some of the potential pitfalls and dangers that could arise out of this new and developing Internet of Things. The main concern is of course security. Security in terms of personal information being potentially exposed to hackers. Security in terms of any given IoT application or network being compromised and exploited.
Could the DNS (domain name system) provide a level of security for IoT users? A firewall of sorts?
Potentially, and I think in a few different ways.
Domain names of course don't have to we a word, name or even make sense. For example these is a domain names:
What would be the security applications?
One potential application wold be multi-factor authentication.
From Wikipedia, the free encyclopedia:Multi-factor authentication (also MFA, two-factor authentication, TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: a knowledge factor ("something only the user knows"), a possession factor ("something only the user has"), and an inherence factor ("something only the user is"). After presentation, each factor must be validated by the other party for authentication to occur.
Knowledge factor-domain name
Possession factor- IP address
Inherence factor- Something the user is.
In case you missed my suggestion-the security applications could be revolutionary. First you have the device IP address (where the device lives on the Internet) and then you have the domain name IP address (where the domain name lives on the Internet). That's a double security layer. Add in a password and you have "triple level authentication." Which is of course much better than double. (the something you have and something you know) approach. It would be a new form of Multi-factor authentication.
There you have it. An added security layer. However, there is another layer as well that would be inherent in this process.
The DNS. (Domain Name System)
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorized domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide. The Domain Name System is an essential component of the functionality of the Internet.
And of course the DNS is much more complicated than that. However, what I am proposing is the DNS being utilized as a firewall. Another barrier for hackers to get through. Could this happen? Could this work? A domain name as a computing firewall?
This is the definition of a Computing Firewall from Wikipedia:
In computing, a firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted.
So here's a real-life proposed application that could account for around 3 billion new registered domain names right off the bat (According to one article the Internet is projected to reach 3 billion users by years end if not already. Most of those users on mobile devices.):
Let's say when you purchase a mobile device you are also assigned or choose a mobile id to match the device. What's the point of all of that? President Obama has proposed the use of "Internet IDs" for all users related to verification and authenticity of users.
Could a domain name serve as a mobile id for mobile users?
It's quite interesting that Google has been doing research regarding what they call a “device identifier” which are unique to every mobile phone.
From a Google Spokesman as told to a Clickz reporter in 2011:
“Over time, we’ll be able to enable things like frequency capping, spam filtration, improved conversion measurement and serving ads based on topics of interest, all of which will help us display the most useful in-app ads; minimize the number of irrelevant in-app ads shown; and improve in-app advertising for users, advertisers and developers.”
So why is Google proposing a "device identifier" of some sorts?
According this this article published on Marketing Pilgrim in 2011:
All of which are good things for both advertisers and consumers, though consumers are likely to balk at the idea when they realize what’s going on. To combat this automatic distrust, Google says they will offer an opt-out system, but its unlikely that mobile users will flock to the website to remove themselves.
So why use a domain name as opposed to another "device identifier" of some sorts?
For one thing domain names are much easier to remember than IP addresses. (Isn't that the reason domain names were created in the first place).
The secondary answer is probably in two parts:
Multi level authentication (security applications)
Security of the DNS (firewall)
Regarding concerns for security/confidentiality of information attached to domain name registrations. According to the new ICANN proposal for the Aggregated Registration Data Service (ARDS). ICANN reports that "gated access would only be available to requestors who applied for and were issued credentials to be used for ARDS query authentication." In other words, your personal data would be as safe as current technology allows.
There you have it. Just a few ideas about the "Internet of Domains" (IoD) that is just as real and definable as the "Internet of Things" (IoT) which doesn't have a definition either.