Managing identities and access is critical to the success of the Internet of Things (IoT), but in its current form identity and access management (IAM) cannot provide the scale or manage the complexity that the IoT brings to the enterprise, according to Gartner, Inc.
“IAM leaders must reconsider how traditional approaches to cybersecurity and IAM work in a world where devices and services are so abundant, in so many different forms and positioned at so many different points within the IT ecosystem,” said Earl Perkins, research vice president at Gartner.
The growth of the IoT means that IAM leaders of digital businesses require a way of defining and managing the identities of “entities” (people, services and things) within a single framework. The IoT is not only about the introduction of different forms of networked devices into digital business moments; it is a transformational approach to viewing and implementing processing, analytics, storage and communications.
“Traditional, people-focused IAM systems have been unable to accommodate the propagation of devices and things to give a broad and integrated view for IAM leaders,” said Ant Allan, research vice president at Gartner. “The Identity of Things requires a new taxonomy for the participants in IAM systems. People, software that makes up systems, applications and services, and devices will all be defined as entities and all entities will have the same requirements to interact.”
The Identity of Things (IDoT) is a new extension to identity management that encompasses all entity identities, whatever form those entities take. These identities are then used to define relationships among the entities — between a device and a human, a device and another device, a device and an application/service, or (as in traditional IAM) a human and an application/service.
Since devices have not traditionally been part of IAM systems in this way, the IDoT must draw upon other existing management systems to aid in developing the single-system view for the IoT. IT asset management (ITAM) and software asset management (SAM) systems have traditionally managed IT and software assets of all types. The IDoT will assume some functional characteristics of ITAM and SAM within or integrated with IAM architecture, or be linked to ITAM as attribute stores.
“Existing identity data and policy planning give IAM leaders and technology service providers (TSPs) a narrow view of entities leading to a static approach that does not consider the dynamic relationships between them,” said Mr. Perkins. “However, the concept of dynamic relationships is vital to the success of future IAM solutions. In fact, the concept of the relationship will become as important as the concept of identity is for IAM in the IDoT. It allows the IDoT to exist and become part of new responsibilities for IAM in the enterprise.”
While it is by no means certain that IAM will be the only provider of functions for IDoT relationships and interactions, the key role that the discipline and concepts of IAM has played in enterprises over the decades ensures its continued role for years to come. IAM product and services providers will ultimately determine whether IAM will play a contributing or foundational role for the IDoT, based upon the needs of the enterprise and the willingness of IAM solution providers to deliver for those needs.