“On the Internet, nobody knows you’re a dog” is an adage and Internet meme about Internet anonymity which began as a caption to a cartoon drawn by Peter Steiner, published by The New Yorker on July 5, 1993.
As of 2013, this was the most reproduced cartoon from the New Yorker, presumably because the idea of anonymity on the Internet resonates with many people that have taken advantage of, or more likely suffered from, this feature of today’s Internet. Cyberattacks often rely on the lack of robust authentication and authorization when accessing cloud-based services over the Internet. Fortunately, the recent standardization of digital identity technology by the World Wide Web Consortium will enable far better protection than is available today both for people and for things (i.e. IoT).
Proving identity, especially the identities of things, is going to increasingly rely on proving the location of the thing in question at a given moment in time. The location, place, or position of a thing is often an inherent part of its physical identity and therefore should be a provable aspect of its digital identity.
With tens of billions of things connecting through the Internet to cloud-based services already today, it is quite possible that we will need to be able to verify the locations of things hundreds of billions of times a day in the coming years.
The word ‘location’ is defined by National Geographic as “a place where a particular point or object exists.” The Macmillan Dictionary defines it as “the place or position where someone or something is or where something happens.” Interestingly, Google’s ngram viewer shows the usage of the word ‘location’ in printed form growing fairly steadily between 1800 and 2000 and then declining relatively rapidly in the last 20 years.
In the digital world, we need a more precise definition of a location of a thing. Being able to prove that the thing is located within a certain two or three-dimensional boundary (‘geofence’) should be sufficient. Providing the GPS coordinates of the thing, however, although relatively straightforward today, has two major drawbacks. The first is that it is relatively easy to provide false GPS coordinates. Proof of location based only on GPS coordinates will not be sufficient for many use cases. Secondly, many jurisdictions are making location data subject to privacy regulations. In other words, storing the precise location at a specific time of a person or even a thing will be illegal in many cases.
Both these challenges can be addressed as follows:
Correlating two or more completely independent sources of location data makes fabrication of location claims extremely difficult. For example, if a thing claims that it is within a geofence based on GPS coordinates and also based on a log from a nearby cell station that is completely outside its control, then that location claim is far more trustable.
To solve the problem of storing private location data where it should not be stored, new digital techniques called Zero Knowledge Proofs, which are based on mathematics developed in the 1980s, can be employed. Rather than transmitting and storing the actual location of the thing to the verifier, these new techniques can be used to transmit and store a proof that indicates whether the thing is approximately where it is expected to be.
The question is: Who can aggregate two or more independent sources of location data for people and things in real time, while using Zero Knowledge Proofs to hide the actual location, and still prove to the satisfaction of a verifier that the thing is either inside or outside a pre-determined geofence?
The telecom industry is well placed to provide this capability — what we are calling ‘trusted location’ — as a service for a number of reasons. The first is that telecoms have extensive infrastructure, technology, and other relevant expertise that can be used to provide this service. Secondly, telecoms are already organized internally to conform to local, national, and international regulations, making them a trusted partner for offering trusted location services.
We can illustrate the deployment and value of trusted location services with the example of lenders and car dealerships. In the US alone, tens of millions of new and used vehicles are sold each year through car dealerships. Car dealerships take loans, often from the manufacturers of the new vehicles, to finance the purchase of each vehicle until it is sold to a customer. The vehicle acts as security for the ‘bridging’ loan between the lender and the dealership. Because this loan security is literally mobile, it is important for the lender to periodically (typically once a month) have a trusted third party inspect the dealership and verify that the vehicle is still in possession of the dealership.
Thousands of people in the US are involved in one way or another in verifying the location of hundreds of thousands of vehicles in any given month. There are many disadvantages to this approach, including the cost of sending people to each dealership, the cost of the time of the dealership staff to accompany the auditors, and all the manual coordination of information required between the lender, the auditor, and the dealership.
A trusted location service can automate large parts of this process. By using the built-in GPS and SIM of the vehicle (or a third-party device located within the vehicle), a trusted location service provider can receive the following data from two completely independent sources:
- Vehicle (built-in/telematics or co-located device)
- Cellular network operator
The trusted location service provider can then feed these two independently-sourced data inputs together with the geofence data that defines the circumscribed area in which the vehicle is supposed to be located into a software-based system under what is called ‘zero knowledge.’ The output of this system is a highly trusted, non-repudiable proof showing that the vehicle is, or is not, within the geofence defined by the lender.
By making a generic abstraction of this example, we can see that there are a very large number of other such use cases. We can think of the dealership as the stakeholder that is required to prove that the vehicle is still on the dealership floor.
Thing = vehicle
Required location = dealership floor
Trusted location = Is the Thing in the required location (either true or false)?
Requester = the lender of the loan for the vehicle
Provider = Trusted Location Service Provider
The Requester is therefore receiving a service from the Provider on-demand to say whether the trusted location is true or false for a specified required location.
Let’s take another example. In a smart city environment, the municipality wants to verify whether each of the school buses in its area is in the location it should be at any given time. The municipality isn’t interested in what the actual location of each school bus is, and perhaps the bus operator doesn’t want to share the exact location of each of its school buses for security and privacy reasons. If the municipality divides up its city map into polygons (see below), it can create a dashboard to show if, at any given time, there are any school buses not in the area in which they are timetabled to be.
In this example:
Thing = school bus
Required location = polygon number X
Trusted location = Is the school bus in the required location (either true or false)?
Requester = municipality
Provider = Trusted Location Service Provider
The possible number of use cases based on this approach is very large — especially when we apply it to the billions of IoT devices connected to the cloud that need to prove as part of their authentication process hundreds of times a day that they are where they claim to be. Shipping containers, trucks, wind turbines, electric vehicle batteries, charging stations, data centers — the list is almost endless.
There are already telecom service providers providing global IoT services which guarantee that any connected IoT device can access a local wireless network anywhere in the world. The customer of the Global IoT service provider is typically the owner of the device. Instead of having to deal with hundreds of local wireless operators, the owner can buy a service from the Global IoT service provider to guarantee a global footprint for that device with just one supplier to pay each month.
These Global IoT service providers are well positioned to extend their capabilities and offer not only guaranteed connectivity for devices anywhere in the world but also to provide the trusted location for those devices.
To enable this new market, MEF Forum, MOBI, and the Integrated Trust Network (ITN) are collaborating to define exactly what is a ‘trusted location service’ and to qualify ‘trusted location service providers.’ Stakeholders in every industry are invited to contribute their use cases for such services.