A Unified Approach to Combat Counterfeiting:
Use of the Digital Object Architecture
and ITU-T Recommendation X.1255
Robert E. Kahn
President & CEO
CNRI, USA
ITU Workshop
Preventing Counterfeit & Substandard ICT Devices
Geneva, Switzerland
November 17 – 18, 2014
Overview of the Talk
•
•
•
•
•
•
•
•
•
Some Terminology & Basic Concepts
What are Devices and other things
Internet Resources -- Examples
Managing the Supply Chain
Obtaining relevant Information about Devices
The Digital Object Architecture
ITU-T Recommendation X.1255
DONA Foundation
Conclusions
Some Terminology & Basic Concepts
• Devices and other Physical Things
• Entities: such as computers, networks,
services and applications
• Digital Entities (same as Digital Objects)
• Unique Persistent Identifiers
• State Information
• Resolution of Identifiers
• Interoperability
What are Devices & Other Physical Things
Things
Devices
Non-Devices
ICT Devices Non ICT Devices
Devices are able to do something that is determined in part by
embedded software and other information
Non-Devices may also be useful but they may just sit there otherwise
Internet Resources -- Examples
• ICT Devices -- although not all may be active in
the Internet at any time
• Networks
• People (represented as digital entities)
• Software
• Detectable Measurable Internet constructs
– Such as network flows, virtual gatherings
Managing the Supply Chain
• From fabricating components for sale to
manufacturers
• To Manufacturing the ICT device
• To distributing or disseminating it to Stores
and other outlets
• To managing inventory
• To providing devices to end customers
• To refurbishing devices for sale or repurposing
Obtaining Relevant Information about
Devices (and other things)
•
•
•
Identifiers play a critical role here; many ways of conveying them
To understand a device’s provenance and other related information, first obtain
the device’s unique persistent identifier
Resolve the ID to state information
–
–
–
–
Short description of the Device (usually generic)
Components or other ingredients (again generic)
Relevant details about software that makes the device operate
Where the particular device is in the supply chain
•
•
If a generic device is available in a few places, list them
Each instance of a generic device is assumed to have a unique identifier.
– Perhaps other information (such as price)
•
•
•
Enable additional device-related information to be accessible (with appropriate
access controls, as appropriate)
The resolution process should really make use of a standard means of resolving
identifiers, but a few well known methods would be acceptable
Ideally, obtaining the additional information should also make use of a standard
means of accessing it as well.
Digital Object (DO) Architecture
• Enables infrastructure to manage information in a
network environment
• Provides a machine independent data model for DOs;
each DO must have an associated unique persistent
identifier – called its handle
• Handles have a defined identifier structure, of the form
prefix/suffix that is consistent with existing identifier
systems
• Supports resolution of identifiers via the Handle System –
a global resolution mechanism
• Provides a repository component to store DOs (accessible
by their identifiers) and a searchable registry component
to store metadata about DOs.
Digital Object Architecture
(continued)
• Current implementations of all three components exist and
are available in the Internet at no cost with public licenses
• Each Repository contains a Registry of its DOs and each
Registry uses a Repository to store its metadata records;
these are now being combined
• Repositories support an interface that uses only identifiers
so it is interoperable with all such other Repositories in the
Internet; and a Repository may itself be structured as a DO
• Security is provided by an integrated Public Key
Infrastructure
• Type Registries are a subset of registry technology being
developed to enable user communities to develop their
own semantics for use in structuring DOs
ICT Devices as Information Systems
• ICT devices may interact with other Information systems
• Small changes in the interfaces to those other systems can
dramatically affect its performance.
• Information provided from those other systems may be
critical to the accurate performance of the device.
• The integrity of such a device thus depends on the integrity
and performance of such other systems, as well as the
information embedded in the device itself, and, indeed,
many parts of the whole ecosystem that support it.
• And the ability of an ICT device as an information resource
to validate the software and information it gets from those
systems.
ITU-T Recommendation X.1255
• A framework for interoperability - based on
the Digital Object Architecture
• Adopted via the TAP process in Sept. 2013
• Developed in ITU-T, SG17 to address issues in
discovery of Identity Management
information
• But applicable more widely to interoperability
of heterogeneous information systems
DONA Foundation
• Created to provide administrative oversight of the Handle System,
and to further the global development of pilot projects making use
of the digital object architecture, an important component of which
is the Global Handle Registry (GHR)
• Established in January, 2014 as a non-profit organization in Geneva,
Switzerland
• A technical body whose Board of Directors must exhibit diverse
geographical and multi-stakeholder representation.
• Enables multiple organizations to be responsible for collaborative
administrative of the GHR, once authorized as Multi-Primary
Administrators (MPAs) by DONA
• Local records in the GHR are created and administered locally
• Initially, four MPAs have been designated
• Plan to add four more per year for the next two years and then take
stock.
Conclusions
• Any approach for detecting counterfeit ICT devices will likely be
applicable, at least in part, to other devices and things.
• Prevention requires attention of many parties at each step in the
overall supply chain
• Reliable access to information about the devices, as well as
information embedded in such devices is critical: ability to
dynamically resolve identifiers and interpret results is key
• Detecting counterfeit devices requires learning about the nature
and provenance of software that enables these devices to operate
• The Digital Object Architecture and X.1255 are enablers to progress
• The DONA Foundation overall administration of the Global Handle
Registry enables widespread use of the technology
• Thus enabling a more dynamic and useable approach to detecting
counterfeit devices and, hopefully, enabling those in a position to
do so, to prevent them from getting into the marketplace