As I lie in bed some nights, I sometimes am awake with a gazillion ideas revolving around in my brain. One of the things that jumped out at me the other night was how online dating was similar to the Internet of Things (IoT). Bear with me a bit while I explain what I mean. Online dating has changed a lot since it first surfaced in the late 1990’s and has now become almost the de facto goto for those looking for a relationship. Well apart from bars, they are still doing very well as meeting up places. The problem a lot of people have is one of identity with online dating. How to know that person who’s picture you are looking at is the person for you? To fix this information asymmetry most dating sites require you to fill out in some level of detail identifying information about yourself that others can use to assess if they wish to begin a relationship with you.
In the early days of the Internet, we used simple mechanisms to identify people. Passwords worked fine for most people to represent who they are and most importantly if they were allowed access to data. As time has gone on, the limitations of passwords have become apparent. Especially with multiple different places on the Internet holding differing levels of information about us. Dating sites have this issue also, not only in that they need to regulate who can alter the data they have that describes an individual, but also how to verify that the information about that individual is correct, so that potential relationships can establish a level of trust. As more and more people use dating sites, it’s getting much harder to have that verification happen. If we think about how we as human beings establish trust in another individual, it’s built on a series of relationships that we have, both in that we ‘get to know’ someone through our observations over time but also in that we talk to others who know that individual in order to get some third party information about them. Of course I’m oversimplifying a bit here, but my point is that we use many different pieces of information to build a matrix of trust and we judge how much we trust that person based on how we assess and verify that information about them.
So now we have this mass of new devices coming along in the Internet of Things. As they will be so integrated into our everyday lives and performing many individual functions for us how do we verify them even on a very simple level of ‘that one belongs to me, the other one doesn’t’ and then trust it to perform it’s function. I think the only realistic way of doing this without having to remember a huge number of different passwords is for us to build a matrix of trust based on relationships but have this be performed by our devices in an automated way. Let me describe a simple example. How does your intelligent door lock know that you are the owner of this house and it should unlock the door to let you in? First it sees you drove up in a car that it is able to communicate with to verify that you are the owner of that car, based on the car having previously verified you. Next it communicates with your phone and compares your fingerprint you used to access the phone. Finally it uses a small camera to do facial recognition to images previously captured of you to provide a third data point. Each one of these exchanges of data is also verified by using cryptographic communication to also validate the relationship of each device to each other.
So we see that in a similar way to online dating, the IoT needs to establish relationships to be able to verify trust. As more and more data points are added, it becomes possible for our devices to establish higher levels of trust based on the quality of the information and the relationships involved. Identity then and the relationships formed by being able to trust someone’s identity becomes a key enabler of the IoT. We are starting to see this with devices such as smartphones beginning to use fingerprint readers but this is about more than the simple test of ‘is this the correct fingerprint’. What is being built here is a way for our machines to identify us individually using the same methods that we ourselves as humans use to establish trust. In a way I find it comforting that this is so, as it shows that one of the most human behaviors we have, that of relating to each other, applies equally in how we build our machines.