We know we need High Assurance Digital Identity.
But we don’t know what this is, exactly. However, to realize the full potential of Internet of Things (IoT) investment we must approach the Identity of Things (IDoT) differently than what we are accustomed to for the identity of persons.
We believe the true value of IoT is realized in a decentralized ecosystem. It is in the counterintuitive letting go of direct control to realize the combinatorial power of the ecosystem.
However, to have the confidence to do this, it needs to move from concept to practice, from model to discipline. HADI (High Assurance Digital Identity) must include elements like Governance frameworks, TIPPSS-style security and policy models, useful documentation, proven and validated implementations, and the ability to be compliant with the rapidly moving targets of industry practice and government regulation.
It is a journey our identity communities are all moving toward. And this part of the journey is just as true for all IoT ecosystems.
High Assurance Healthcare Identity of Things needs even more.
When we focus on the specific sector of healthcare, the barre goes higher. In these situations, it really can be life and death.
The past 18 months has taught us that flexibility and dynamic response will be essential to thrive moving into the future.
Concepts like telemedicine, remote healthcare and virtual clinical trials which had been dabbled in for years are now being recognized as critical to ensure access to health services. Despite pandemics and other challenges. Healthcare organizations see the benefits (and potential savings) of serving their patients where they live, and not requiring travel into clinical facilities unless absolutely required.
To make this happen for healthcare, we must extend and adapt HADI.
Starting with Governance Interoperability.
- Healthcare ecosystems are highly diverse, and are made up of rivalrous interests
- To manage these we must work with Identity Ecosystems, Supply Chain and Vendor Relations, Partnering and Alliances, Standards Groups, Lawmakers and Regulatory Bodies.
- Governance Interop is required to have all these stakeholders play together.
Healthcare needs rugged and resilient digital identity protocols. Protocols we engineer to survive interruptions of power, signal, and humans. Protocols that recover swiftly and gracefully from hostile environments.
Healthcare identity of things must be delivered with compact code. The TinyML community is a great example of squeezing the most value, machine learning in their case, into a small format.
But we also must design our protocols to run with concise messaging where connectivity is low and slow. One experiment showed a simple identity communication’s data weight could take all day under with some common wireless channels.
And special care must be given to devices running with old or limited resources, unable to process new identity layer tasks in addition to old ones.
And for humans to trust healthcare devices, HADI needs a Human-Computer Interaction revolution.
Health, wellness, fitness, and clinical devices have rich and complex digital identity. Enough to overwhelm a person.
And increasingly complex identity, what with all the parties to a device, and their relevant roles, and their many jurisdictions, and the other devices and systems that exchange data with the device or that control it. Also enough to overwhelm a person.
So we need user research to help craft user experiences for a world with pervasive identity. Experiences that let us have useful and meaningful conversations about the identity of each thing in our world.
P.S. We walked through this and a few other ideas at Identiverse 2021. IoMT At Risk. A Wider Team Critique of Digital Identity Threats to the Internet of Medical Things. Read all the posts from our Identiverse talk.