For the Internet of Things (IoT) to grow to its full potential, security systems for enterprise Wi-Fi networks need to copy their more efficient wireless brethren, cellular networks and develop security standards tailored for the burgeoning IoT revolution.
According to an article in NetworkWorld, multiple obstacles exist when attempting to securely connect a complex array of IoT elements and sensors into a Wi-Fi network. Currently, configuring each IoT sensor with a service set identifier (SSID), identity and credentials is very time-consuming and makes the system vulnerable to user-entered errors.
Proprietary solutions from some IoT vendors are beginning to come to market but industry experts are pushing for standards that are vendor-independent.
Enter two new solutions to this problem, promoted by the Wi-Fi Alliance: the Device Provisioning Protocol (DPP) and Passpoint certification.
The DPP enables new devices to be added to a network via the smartphone of an already-authenticated user, much like an employee can give a visitor guest access on a system. The prime advantage of DPP is that it maintains security when adding a new device over Wi-Fi, so that its unique credentials are encrypted and kept hidden from the sponsor.
This protocol offers the benefit of a standardized, vendor-independent system for configuring IoT sensors, providing the sponsor is near proximity.
In other circumstances when users might desire an out-of-the-box approach instead, the Wi-Fi Alliance offers an alternative in the Passpoint certification.
Passpoint certification allows federated authentication and network discovery by publishing a list of service providers it represents via an access point rather than an SSID. This service provider list enables pre-authentication, and creates a system that is nearly zero-touch. If properly configured, an enterprise could use Passpoint to avoid reconfiguring sensors while retaining network access control.
Wi-Fi industry protocols still challenging
Yet the challenges of using Wi-Fi to connect IoT sensors remain, as Passpoint is not extensively deployed and DPP is not yet officially certified.
Meanwhile, cellular networks are much more efficient at wirelessly integrating IoT, with SIM cards containing all the configuration information needed such as passwords, device identity and network selection. The Wi-Fi industry needs to emulate the functional efficiency of cellular networks and unite around standards and certifications to catch up, or IoT’s growth will be hampered.