Build

Ensuring GDPR Compliance for PubNub-powered IoT Deployments

3 min read Michael Carroll on Mar 19, 2018

PubNub is the glue that holds IoT together, providing infrastructure and APIs for securely monitoring, provisioning, and streaming data between Internet-connected devices. For example, turn off and on lights, track the status of smart home appliances, or deliver readings from a deployment of sensors in the field in real time.

And from the beginning, we’ve always put security and compliance first. In this post, we’ll dive into how you can ensure that your PubNub-powered IoT apps and hardware are GDPR-compliant.

Initializing PubNub Securely

When initializing the PubNub object, developers have the option to enable TLS and also provide a cipher key. This is an example of what the initialization code will look like using our Javascript SDK.

var pubnub = new PubNub({
    subscribeKey: "mySubscribeKey",
    publishKey: "myPublishKey",
    cipherKey: "myCipherKey",
    authKey: "myAuthKey",
    uuid: "myUniqueUUID",
    ssl: true
});

The cipher key is used to encrypt and decrypt data that is sent to (and through) PubNub. The cipher key is usually sent to the IoT device securely during startup. PubNub does not have access to the cipher key. The auth key is needed when PubNub Access Manager is enabled. This is highly recommended so that devices have read, write or full access to channels they need.

Channels and Data Access

A common practice for IoT device communication is each device having its own incoming channel to receive messages or signals from other devices or a central server. Responses from the devices to a central server can occur over a similar outbound channel or a “global” incoming channel for all server-side processes.

It is good practice to not have any sensitive data as part of the channel name. Developers have the option of using PubNub Channel Groups in the event where they want to persist a list of channels each device subscribes to.

PubNub Access Manager

Access Manager extends PubNub’s existing security framework by allowing developers to create and enforce secure access to channels throughout the PubNub Data Stream Network. Access Manager enables the following functions:

  • Syndicating streams by authorizing users to read/write messages on one or more channels
  • Granting/revoking permissions for your real-time streams at the user/device, channel, or key level
  • Working with Auth tokens from any existing authentication system: OAuth (Facebook Connect, Twitter, Google, GitHub, etc.), LDAP, or homegrown solutions

Access Manager is critical for IoT/home automation device management, where secure real-time data is streaming bidirectionally between registered devices, allows users to get device status and control devices such as light bulbs, door locks, temperature sensors, and security cameras.

Data Storage for IoT Apps

PubNub Storage and Playback, also informally referred to as the History API, enables you to store messages as they are published, and retrieve the previously-published messages at a later time.

There are various types of messages/signals exchanges in an IoT implementation. Here are a couple examples:

  • Streaming metrics from IoT devices (temperature, pressure, location, etc.)
  • Remote firmware upgrades
  • Centralized control of IoT devices

The PubNub History API provides granular control over the types of messages that need to be persisted. For example, here is a publish operation using PubNub’s Javascript operation that does not persist the message in the PubNub network.

pubnub.publish(
    {
        message: { 
            temperature: 70
        },
        channel: 'device-43895349841230',
        storeInHistory: false, //override default storage options
    }, 
    function (status, response) {
        if (status.error) {            
            console.error(status)
        } else {
            console.log("message Published w/ timetoken", response.timetoken)
        }
    }
);

Auditing Messages

Functions and Gateways provide a highly flexible option to route messages to your own servers so that developers have the option to leverage their own infrastructure for audit purposes.

The ability to call into remote APIs is made possible via the XHR module. It’s a powerful, easy-to-use Functions API module that provides all HTTP methods (verbs), with full control over content encoding, headers, and response parsing.

Securely invoking remote APIs through Functions will require a shared secret or API key. The Functions Vault module provides access to the secrets stored in your secret store. Vault only allows retrieval of the unencrypted value of your secrets. It does not allow storing new secrets in the secret store or modifying the value of existing secrets. In order to store new secrets please go to the Functions editor page and look for MY SECRETS.

0