A Unified Approachto CombatCounterfeiting:Use of the Digital Object Architectureand ITU-T Recommendation X.1255
Robert E. KahnPresident & CEOCNRI, USA
ITU WorkshopPreventing Counterfeit & Substandard ICT DevicesGeneva, SwitzerlandNovember 17 – 18, 2014
Overview of the Talk
Some Terminology & Basic ConceptsWhat are Devices and other thingsInternet Resources -- ExamplesManaging the Supply ChainObtaining relevant Information about DevicesThe Digital Object ArchitectureITU-T Recommendation X.1255DONA FoundationConclusions
Some Terminology & Basic Concepts
Devices and other Physical ThingsEntities: such as computers, networks, servicesand applicationsDigital Entities (same as Digital Objects)Unique Persistent IdentifiersState InformationResolution of IdentifiersInteroperability
What are Devices & Other Physical Things
ThingsDevicesNon-DevicesICT DevicesNon ICT DevicesDevices are able to do something that is determined in part by embedded software and other informationNon-Devices may also be useful but they may justsit there otherwise
Internet Resources -- Examples
ICT Devices -- although not all may be active in the Internet at any timeNetworksPeople (represented as digital entities)SoftwareDetectable Measurable Internet constructsSuch as network flows, virtual gatherings
Managing the Supply Chain
From fabricating components for sale to manufacturersTo Manufacturing the ICT deviceTo distributing or disseminating it to Stores and other outletsTo managing inventoryTo providing devices to end customersTo refurbishing devices for sale or repurposing
Obtaining Relevant Information about Devices (and other things)
Identifiers play a critical role here; many ways of conveying themTo understand a device’s provenance and other related information, first obtain the device’s unique persistent identifierResolve the ID to state informationShort description of the Device (usually generic)Components or other ingredients (again generic)Relevant details about software that makes the device operateWhere the particular device is in the supply chainIf a generic device is available in a few places, list themEach instance of a generic device is assumed to have a unique identifier.Perhaps other information (such as price)Enable additional device-related information to be accessible (with appropriate access controls, as appropriate)The resolution process should really make use of a standard means of resolving identifiers, but a few well known methods would be acceptableIdeally, obtaining the additional information should also make use of a standard means of accessing it as well.
Digital Object (DO) Architecture
Enables infrastructure to manage information in a network environmentProvides a machine independent data model for DOs; each DO must have an associated unique persistent identifier – called its handleHandles have a defined identifier structure, of the formprefix/suffixthat is consistent with existing identifier systemsSupports resolution of identifiers via theHandle System– a global resolution mechanismProvides a repository component to store DOs (accessible by their identifiers) and a searchable registry component to store metadata about DOs.
Digital Object Architecture (continued)
Current implementations of all three components exist and are available in the Internet at no cost with public licensesEach Repository contains a Registry of its DOs and each Registry uses a Repository to store its metadata records; these are now being combinedRepositories support an interface that uses only identifiers so it is interoperable with all such other Repositories in the Internet; and a Repository may itself be structured as a DOSecurity is provided by an integrated Public Key InfrastructureType Registries are a subset of registry technology being developed to enable user communities to develop their own semantics for use in structuring DOs
ICT Devices as Information Systems
ICT devices may interact with other Information systemsSmall changes in the interfaces to those other systems can dramatically affect its performance.Information provided from those other systems may be critical to the accurate performance of the device.The integrity of such a device thus depends on the integrity and performance of such other systems, as well as the information embedded in the device itself, and, indeed, many parts of the whole ecosystem that support it.And the ability of an ICT device as aninformation resourceto validate the software and information it gets from those systems.
ITU-T Recommendation X.1255
A framework forinteroperability-based on the Digital Object ArchitectureAdopted via the TAP process in Sept. 2013Developed in ITU-T, SG17 to address issues in discovery of Identity Management informationBut applicable more widely to interoperability of heterogeneous information systems
Created to provide administrative oversight of the Handle System, and to further the global development of pilot projects making use of the digital object architecture,an important component of which is the Global Handle Registry (GHR)Established in January, 2014 as a non-profit organization in Geneva, SwitzerlandA technical body whose Board of Directors must exhibit diverse geographical and multi-stakeholder representation.Enables multiple organizations to be responsible for collaborative administrative of the GHR, once authorized as Multi-Primary Administrators (MPAs) by DONALocal records in the GHR are created and administered locallyInitially, four MPAs have been designatedPlan to add four more per year for the next two years and then take stock.
Any approach for detecting counterfeit ICT devices will likely be applicable, at least in part, to other devices and things.Prevention requires attention of many parties at each step in the overall supply chainReliable access to information about the devices, as well as information embedded in such devices is critical: ability to dynamically resolve identifiers and interpret results is keyDetecting counterfeit devices requires learning about the nature and provenance of software that enables these devices to operateThe Digital Object Architecture and X.1255 are enablers to progressThe DONA Foundationoverall administrationof the Global Handle Registry enables widespread use of the technologyThus enabling a more dynamic and useable approach to detecting counterfeit devices and, hopefully, enabling those in a position to do so, to prevent them from getting into the marketplace