A Bit History of Internet/Chapter 8 : Internet-of-Things

Author/Editor: Yong Tze Lin, Tan Yong Xiang, Teoh Chong Sheng, Wong Meng Huei, Woo Yi Wen, Woo Yit Wei

Introduction of Internet of Things


The Internet of Things (IoT) is a technological revolution that represents the future of computing and communications. Its development depends on the dynamic technical innovation in a number of important fields, from wireless sensors to nanotechnology.[1]

The concept of the IoT comes from Massachusetts Institute of Technology(MIT)’s Auto-ID Center in 1999.[2] The MIT Auto-ID Laboratory is dedicated to create the IoT using Radio Frequency Identification (RFID) and Wireless Sensor Networks. IoT is a foundation for connecting things, sensors, actuators, and other smart technologies, thus enabling person-to-object and object-to-object communications.[3] A new dimension has been added to the world of Information and Communication Technologies (ICTs): anyone can access the information ubiquitously and pervasively from anywhere, any device anytime. Connections will multiply and create an entirely new dynamic network of networks, which forms the IoT.[1]

RFID techniques and related identification technologies will be the cornerstone of the upcoming IoT. While RFID was initially developed with retail and logistics applications in mind in order to replace the bar code, developments of active components will make this technology much more than a simple identification scheme. It is expected in the near future that a single numbering scheme, such as IPv6, will make every single object identifiable and addressable.[4] The technologies of the IoT provide many benefits to the world. For example, sensor technologies are being used to test the quality and purity of different products, such as coffee in Brazil and beef in Namibia.

However, the security and privacy issues need to be considered. Concerns over privacy and data protection are widespread, particularly as sensors and smart tags can track users’ movements, habits and ongoing preferences. To promote a more widespread adoption of the technologies underlying the IoT, principles of informed consent, data confidentiality and security must be safeguarded.[1]

Architecture of Internet of Things


The IoT needs an open architecture to maximise interoperability among heterogeneous systems and distributed resources including providers and consumers of information and services, whether they be human beings, software, smart objects or devices. Architecture standards should consist of well-defined abstract data models, interfaces and protocols, together with concrete bindings to neutral technologies (such as XML, web services etc.) in order to support the widest possible variety of operating systems and programming languages.[5]

The architecture should have well-defined and granular layers, in order to foster a competitive marketplace of solutions, without locking any users into using a monolithic stack from a single solution provider. Like the Internet, the IoT architecture should be designed to be resilient to disruption of the physical network and should also anticipate that many of the nodes will be mobile, and they may have intermittent connectivity also they may use various communication protocols at different times to connect to the IoT .[6]

IoT nodes may need to form peer networks with other nodes dynamically and autonomously locally or remotely, this should be done through a decentralized, distributed approach to the architecture, with support for semantic search, discovery and peer networking. Anticipating the vast volumes of data which may be generated, it is important that the architecture also includes mechanisms for moving intelligence and capabilities for filtering, pattern recognition, machine learning and decision-making towards the very edges of the network to enable distributed and decentralized processing of the information, either close to where data is generated or remotely located in the cloud. The architectural design will also need to enable the processing, routing, storage and retrieval of events as well as allows for disconnected operations (e.g., where network connectivity might only be intermittent). Effective caching, pre-positioning and synchronization of requests, updates and data flows need to be an integral feature of the architecture. By developing and defining the architecture in terms of open standards, we can expect increased participation from solution providers of all sizes and a competitive marketplace that benefits end users. In summary, the following issues have to be addressed:

• Distributed open architecture with end to end characteristics, interoperability of heterogeneous systems, neutral access, clear layering and resilience to physical network disruption.

• Decentralized autonomic architectures based on peering of nodes.

• Architectures moving intelligence at the very edge of the networks, up to users’ terminals and things.

• Cloud computing technology, event-driven architectures, disconnected operations and synchronization.

• Use of market mechanisms for increased competition and participation. [5]



Today’s dominant Internet Protocol (IP), Internet Protocol version 4 (IPv4), which has only about 4.3 billion addresses, is not enough to satisfy the rising IP addresses demand due to exponential growth in the number of internet user.[7] This worsening address drought leads to the introduction of Internet Protocol version 6 (IPv6),[8] which was developed to solve the shortage of internet address. It is often referred to as “next-generation internet” because of its almost limitless IP addresses (3.4x10^38 addresses).[9] It serves the function of IPv4, but without the same limitations of IPv4. Besides numerous address spaces, the differences between IPv6 and IPv4 are in five major areas: Addressing and Routing, Security, Network Address Translation (NAT), Administrative Workload, and Mobility. IPv6 also offers remarkable capability in the area of multicasting technologies.[10]

Addressing and Routing


IPv6’s extremely large address space gives Internet Service Providers (ISPs) to have sufficient IP addresses to assign to every end system so that every IP device has a truly unique address. Another goal of this address space expansion is to improve the connectivity, reliability, and flexibility. The additional address space is also helpful in the core of Internet by reducing the size and complexity of the global routing tables.[10]



One of the goals of IPv6 is Virtual Private Networks (VPNs). The new Internet Protocol Security (IPSec) security protocols, Encapsulating Security Protocol (ESP) and Authentication Header (AH) are capabilities posses by IPv6 that IPv4 does not offer.[10] Indeed, IPv6 mandates that security be provided through information encryption and source authentication.

Address Auto-Configuration


IPv6 Auto-Configuration feature reduces the total time that use to configuring and managing the systems. This ‘stateless’ auto-configuration means that it is no more need to configure IP addresses for end systems, even via Dynamic Host Configuration Protocol (DHCP).[10] This allows new equipment to communicate with the network once it is detected, which means devices are ready to use on demand, on the other word, plug-and-play.

Administrative Workload


IPv6 improves communication and eliminates the need for NAT, through its automated configuration capabilities.

Mobility (Support for Mobile Devices)


IPv6 hosts are not restricted by location. As its name suggests, Mobile IP allows a device to roam from one network to another without losing their established IP addresses.[8]

Multicast Technologies


IPv6 allows multiple addresses for hosts and networks, which means transmission of a single datagram to multiple receivers. This optimizes media streaming applications and allowing more data transmission to millions of locations. Except unicast communication, IPv6 defines a new kind of service, called “anycast”.[10] Anycast communication allows the same address to be placed on more than one device so that when traffic is sent to one device addressed in this way, it is routed to the nearest host that shares the same address.[8]



The IoT is a network of objects connected by things like sensors, RFID tags, and IP addresses. In this respect, sensors have a special role in the IoT paradigm. According to the International Telecommunication Unit (ITU Report 2005), Internet of Things can be defined as a vision “... to connect everyday objects and devices to large databases and networks ... (using) a simple, unobtrusive and cost-effective system of item identification...”.

In the IoT, sensors are the edge of the electronics ecosystem.[11] Sensors allow the physical world to interact with computers, playing an important role in bridging the gap between the physical world and the virtual one. This allows a richer array of data, other than data available from keyboard and mouse inputs. Currently, the internet is full of information that has been input by someone at the keyboard. But the concept of Internet of Things will change that, because we are at an inflexion point where more Internet data originates from sensors rather than keyboard inputs.

A sensor is a device that can measure a physical quality and converts that physical quantity into a signal that can be read by an instrument or an observer. In the idea of the Internet of Things, the ability to detect changes in the physical status of things is also essential for recording changes in the environment.[12] Sensors collect data from the environment, such as vibrations, temperature, and pressure, among others, and convert them into data that can be processed and analyzed. This allows the Internet of Things to record any changes in the environment or an object.

For example, by having sensors installed on a bridge, the data collected can be used to estimate the number of cars that travel on the bridge, the traffic on the bridge at different times of the day, and the speed of the cars travelling on the bridge. This data can then be used for navigation systems, to allow programs or software to determine the fastest route, depending on the time of day.

Also, the sensors installed on to a bridge can be used to determine the safety of the structure of the bridge. For example, the sensors can be made to detect the vibrations along each part of the bridge, to detect any impending failure or fault. By collecting such information, any problems such as damage to a structure can be detected early on and dealt with, before any problems arise.

Embedded intelligence in things themselves can further enhance the power of the network. This is possible because the information processing capabilities are devolved, or delegated, to the edges of the network. Embedded intelligence will distribute processing power to the edges of the network, and offers greater possibilities for data processing and increasing the resilience of the network. With embedded intelligence, the things or devices connected at the edge of the network can make independent decisions based on the input received at the sensors.

“Smart things” are difficult to define. However, the term implies a certain processing power and reaction to external stimuli. Advances in smart homes, smart vehicles and personal robotics are some of the leading areas. Research on wearable computing is swiftly progressing. Scientists are using their imagination to develop new devices and appliances, such as intelligent ovens that can be controlled through phones or the internet, online refrigerators and networked blinds. The Internet of Things will draw on the functionality offered by all of these technologies to realize the vision of a fully interactive and responsive network environment.



Radio Frequency Identification (RFID) is a system that transmits the data of an object or a person using radio waves for identifying or tracking the object or person. It is done by first attaching a tag, known as the RFID tag, to the object or person. This tag will then be read by the reader to determine its identification information.[13]

It works much like a barcode, where a scanner scans the barcode and the information will be obtained from the barcode. However, barcode requires a line of sight in order to be scanned whereas RFID tags do not need a line of sight to be read. This means that RFID tags can be read even if the tag is kept in a box or a container, or kept in a pocket. This is because it uses radio waves. This is a huge advantage of RFID. Another advantage of it is that there is a type of RFID tag known as a passive RFID tag which does not require batteries to function. Its power supply comes from the radio energy transmitted by the reader. Other than that, hundreds of RFID tags can be read at a time, unlike the barcode where only 1 can be scanned at a time.[13]

It is often seen that RFID is a prerequisite of Internet of Things. This is because the Internet of Things is a network of objects connected together and if all everyday objects in the world are to be connected, we would definitely need a simple and cost effective system to do it. RFID is the solution to this problem.[1] RFID tags are very simple and small enough such that it can be attached to everyday devices without being noticed. In terms of cost effectiveness, passive tags are said to cost starting from only US$0.05 each. This means that it is very cheap and is possible to be attached to huge amounts of everyday objects. Other than that, as said in the previous paragraph, there is a type of RFID tag known as a passive tag which does not require any batteries to function and gets its power supply from the radio energy transmitted by the reader. This will save the cost of batteries and we do not have to worry about batteries being worn out and replacing them. This will save us from much hassle of checking and replacing batteries. Other than saving trouble and cost, this also gives the tags infinite lifetime because they are completely dependent on the reader for power. As long as there is a reader, the tag will work. Another point stated in the previous paragraph is that hundreds of RFID tags can be read at a time. The RFID system was designed to be able to distinguish the different tags which are within range of the RFID reader. This means that there will be no mistake in the information which the tag provides and will not be jumbled up with information from other tags. RFID tags can be integrated with sensors to send not only identification data but also valuable information.[14] A sensor will monitor the change of a physical status and convert it into a signal which will be stored by the RFID tag. When a reader reads a tag, the sensors information will be sent to the reader along with the identity of the object. This way, we can monitor changes in an object such as temperature, pressure or vibration. This allows us to avoid any disaster or safety hazard from happening. For example, if we were to tag the tyres of a vehicle with a pressure sensor and we assume that a workshop has a RFID tag reader, every time the vehicle enters the workshop, the reader will automatically read the tag and obtain the information of the pressure of the tyres. It will be able to identify a specific tyre which has too much or too little pressure and so we can either increase or decrease the pressure to prevent any mishap from happening.[1]

Security and Privacy


The trend of having ever more objects included in the IT data flows and ever more connected devices, moving toward mobile and decentralized computing is evident. The Internet of things has become a new Era in this day and age. There is a need to have a solution to guarantee privacy and the security of the customers in order to have a widespread adoption of any object identification system.

The security has been done as an add-on feature in most cases, and the feeling that the public acceptance for the internet of things will happen only when the strong security solutions are in place. This could be hybrid security mechanisms that for example combine hardware security with key diversification to deliver superior security that makes attacks significantly more difficult or even impossible. The selection of security features and mechanisms will continue to be determined by the impact on business processes.

The security and privacy issues should be addressed by the forthcoming standards which must define different security features to provide confidentiality, integrity, or availability services.

These are some security and privacy requirements with descriptions:

• Resilience to attacks: The system has to avoid single points of failure and should adjust itself to node failures.

• Data authentication: As a principle, retrieved address and object information must be authenticated.[15]

• Access control: Information providers must be able to implement access control on the data provided.[16]

• Client privacy: Measures need to be taken that only the information provider is able to infer from observing the use of the lookup system related to a specific customer.

The fulfillment of customer privacy requirements is quite difficult. A number of technologies have been developed in order to achieve information privacy goals. These Privacy Enhancing Technologies (PET) can be described in short as follow:[17]

• Virtual Private Networks (VPN) is extranets established by close groups of business partners. As only partners have access, they promise to be confidential and have integrity. However, this solution does not allow for a dynamic global information exchange and is impractical with regard to third parties beyond the borders of the extranet.

• Transport Layer Security (TLS), based on an appropriate global trust structure, could also improve confidentiality and integrity of the IoT. However, as each Object Naming Service (ONS) delegation step requires a new TLS connection, the search of information would be negatively affected by many additional layers.



In conclusion, Internet of Things is the concept in which the virtual world of information technology connected to the real world of things. The technologies of Internet of things such as RFID and Sensor make our life become better and more comfortable.


  1. a b c d e International Telecommunications Union (2005). ITU Internet Reports 2005: The Internet of Things. Retrieved from www.itu.int/internetofthings/
  2. Patrick J. Sweeney, Patrick J. Sweeney (II.) (2005). RFID for dummies. Wiley Publishing, Inc.
  3. Uckelmann.D, Harrison.M, Michahells.F (2011). Architecting the Internet of Things. Springer Heidelberg Dordrecht London New York
  4. Internet of Things in 2020: Roadmap for the future. (May, 2008) Retrieved from: http://ec.europa.eu/information_society/policy/rfid/documents/iotprague2009.pdf
  5. a b Vision and Challenges for Realising the Internet of Things, European Union 2010,ISBN 9789279150883. Invalid <ref> tag; name "visions" defined multiple times with different content
  6. National Intelligence Council, Disruptive Civil Technologies — Six Technologies with Potential Impacts on US Interests Out to 2025—Conference Report CR 2008–07, April 2008, Online: www.dni.gov/nic/NIC_home.html.
  7. What is IPv6? (2011, June 01). In Apple Inc. Retrieved November 10, 2011, from http://support.apple.com/kb/HT4669
  8. a b c Todd Lammle (2007). CCNA: Cisco Certified Network Associate Study Guide, Sixth Edition.
  9. What is IPv6? (2000-2011). In What Is My IP Address.com. Retrieved November 15, 2011, from http://whatismyipaddress.com/ip-v6
  10. a b c d e What is IPv6? (2000). In Opus One. Retrieved November 4, 2011, from http://www.opus1.com/ipv6/whatisipv6.html
  11. Sensors empower the "Internet of Things" (May, 2010) Retrieved from: http://www.edn.com/article/509123-Sensors_empower_the_Internet_of_Things_.php
  12. International Telecommunications Union (2005). ITU Internet Reports 2005: The Internet of Things Executive Summary. Retrieved from http://www.itu.int/osg/spu/publications/internetofthings/InternetofThings_summary.pdf
  13. a b Wikipedia Retrieved from: http://en.wikipedia.org/wiki/Radio-frequency_identification
  14. The Internet of Things: 20th Tyrrhenian Workshop on Digital Communications
  15. For RFID authentication see Juels, supra note 14, at 384 s; Rolf H. Weber/Annette Willi, IT-Sicherheit und Recht, Zurich 2006, at 284.
  16. See also Eberhard Grummt/Markus Mu¨ ller, Fine-Grained Access Control for EPC Information Services, in: Floerkemeier/ Langheinrich/Fleisch/Mattern/Sarma, supra note 4, at 35–49.
  17. Fabian, supra note 6, 61 s; Benjamin Fabian/Oliver Gu¨ nther,Security Challenges of the EPCglobal Network, Communications of the ACM, Vol. 52, July 2009, 121–125, at 124 s.