The issue: identity. This is quickly explained with an Internet search and a bit of copy and paste. Finished! And again: digital. Finished!
What I find a lot more interesting is to ask what I can do with an identity! If you have an identity, you can authenticate yourself to a communication partner: the receiving partner trusts this authentication and is also willing to give information if a fundamental premise is fulfilled: namely that he/she, i.e. the giver, authorises this as well.
What I find to be the most interesting thing is that this triad of “identity, authentication and authorisation” is to be heard everywhere. However, it suddenly becomes silent as soon as a cross-domain solution is wanted.
Does a sensor in “Company A’s” domain eagerly provide information to the monitoring software in “Company B’s” domain? Is the monitoring software allowed to do that, and if so, on what conditions? How did the software find the sensor anyway? Simple questions that arise with every diagram and chart the willing reader attempts to fully understand.
In the “Annual 2013/2014, digital infrastructures, working group 2 of the national IT summit (AG2)” on page 295, I discovered that: “… for efficient operations a suitable device identity management component is required, …” and that there is obviously a need for action.
At this year’s (2017) IoT World in Barcelona I gazed in awe at numerous interesting and propitious solutions! In the discussions, however, I always got the same answer: i.e. that the question of cross-domain “digital identity” is still nowhere near getting a reliable answer.
And visiting working group 3 “Security of networked systems” at Platform Industry 4.0 (Berlin, October 2017) demonstrated that the “digital identity” in a sub-working group i4.0/IDS will definitely initiate some discussions.
If you replace “device” in the quote from the annual with “connector”, then we are getting as close as possible to the Industrial Data Space and “digital identity” becomes tangible (and the triad becomes audible again): which IDS Consumer Connector is allowed to elicit data from this IDS Provider Connector? And if the Provider Connector imparts data – which data, and on which basis does it formulate the usage control which obliges the Consumer Connector to handle the data in an authorised way?
In time there will be a first attempt which will be suitable for keeping the “digital identities” of the connectors participating in a multi-domain topology available in an “identity provider” IDS Connector.
Subsequently, nicos will be able to showcase the first draft of an IDS Broker that will give us an understanding of the triad with a service: the authorisation service.
Information:
nicos AG has been a member of the Industrial Data Space Association since the beginning of 2017. Jörg Langkau is dedicated to the further development of Industrial Data Space. On Twitter you can follow the managing director of nicos Research & Development GmbH at @LostinDataSpace.