IoT, interoperability and identity

Interoperability - the ability of a system to work with or use the parts or equipment of another system.

It’s easy enough to get systems working together and achieve the above sense of interoperability when the different systems are all within the same domain, or between different implementations of a single software vendor’s stack.

There are many instances of this sort of interoperability in the current version of the Internet of Things. Wearables like Fitbit report step and activity data back to their own cloud.

Similarly, Home Automation systems like SmartThings report data on lights and temperature back to its cloud. New IoT devices are hitting the market every single day.

>See also: Is 2017 the year the Internet of Things will die?

Since most connect only to their own backend cloud services, they can use their own proprietary mechanisms for both the communication and the means of securing those messages.

But of course, the vision for the Internet of Things is grander than multiple siloed ‘Intranet of Things.’ To achieve the anticipated scale, and so the desired efficiencies and optimisations, (and to allow my thermostat to select a TV show about penguins on a hot day) we will need these current silos to be broken down, or at least connected together. And that demands standards.

It is commonplace to cite the need & lack of standards across the different layers of the IoT stack but there remains a different type of interoperability that, while seldom discussed, will likely be critical for IoT adoption amongst consumers: ‘identity interoperability.’

Identity interoperability refers to one IoT provider being able to accept, rely on and trust an identity created and managed by another, whether that be another IoT provider or a social network like Facebook.

>See also: How the Internet of Things is impacting enterprise networks

People have become used to this sort of convenience when using web applications. Employees can access SaaS applications like Concur using their enterprise identities, and consumers can use their Facebook identities to login to social applications.

The current default for identities in IoT requires users to create a new identity (username and password) for every IoT provider with whom they interact.

While users go through the effort of creating and managing their individual identities, silos of identity are created, inhibiting any sort of cross-provider integration for big picture analysis – such as comparing the accuracy of my step counters.

>See also: The impact of the Internet of Things (IoT)


The valuable corners of the IoT will necessarily cross the boundaries between the various device manufacturers and application providers. If not, it will be an ‘Intranet of Things’ — the same acronym but a very different value proposition.

But how do you cross such boundaries without a consistent way to refer to the devices, users and applications in question? How do you cross such borders without something equivalent to a passport for things (though hopefully without the horrible pictures? As important for IoT interoperability as standards at the radio and application layer, will be standards at the identity layer.


Sourced by Paul Madsen, senior technical architect, Ping Identity

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics