[DG-IDoT] Defining when a thing has an identity

BAILLEUX Benoit OLNC/OLPS benoit.bailleux at orange.com
Tue Sep 24 10:43:40 CDT 2013


Hello all,

During last teleconference, I have asked a question that has not been
answered during the call. Ingo suggested to ask to the whole list.

Short:

Where to put the limit, for a thing or object, between a simple list of
attributes and a whole/real "identity" for that object? Does the object
need a minimal computing power to have an identity? Or the simple fact
to be able to answer a request (even if it is "passive") is enough for
that? Are there other criteria (like, for an object, just having a
unique ID)?

Another question: in a lot of cases, instead of a proper identity,
doesn't an object in fact just carrying or using its owner's identity?

A bit longer:

Nowadays, a lot of devices, objects and things are able to communicate,
either actively or passively (upon request, as with RFID). Most of those
objects have an identifier and often a set of attributes. Some of them
are able to react to their environment. But in some cases, it seems to
me that certain object don't have a "digital identity" on their own. I
think that they just carry a set of complementary attributes for another
entity, or just have a set of attributes, but not a "real" identity, or
act on behalf of another entity.

Examples:
 - A light-bulb has an address (IPv6?) and some attributes (e.g.
firstUsed:<a date> and onFor:<a duration>). Is it a real identity?
 - A micro-chip has just an ID number. Isn't that number just an
attribute of the identity of the pet wearing it under its skin?
 - Consider a car. It sometimes act on behalf of its owner or driver
(when paying a toll), and sometimes for itself (when connected to the
computer of the garage).
 - What is the difference between an economic good with a paper label
with a serial number, or with a label with a barcode or with a passive
contactless chip (RFID)? Does only the latter have a (digital) identity?

Should we build a typology of identities (or "nearly identities")? If we
can define the wider spectrum of possible identities definitions, then
we can choose which part of that spectrum we want to address in the WG.

Finally, objects acting on behalf of their owners or with the identities
of their owners (e.g. a smartphone sending a notification) seem to be
something quite common. The owner's identity is then pervasive and
exists (sometimes partially and momentarily) in several objects at the
same time. The identity has different forms in the various objects,
depending on their needs and their capabilities, but it's really the
same everywhere. I think that situation dramatically needs an
"overarching Identity Framework" to "recognize and manage identities
across different solutions".
Do you agree?

I'm sorry for posting this so late. Please ask me if my poor English is
not understandable.

Regards,

-- 
Benoît Bailleux
Orange Labs, P&S / Architecture — Security — Enablers
Open Source referent
Phone: +33 2 96 05 20 37



More information about the DG-IDoT mailing list