Friday, October 18, 2013

I don't even drink milk!

Along with the smart toaster, a fridge that can sense when the household is about to run out of milk and send a compensating order to the local supermarket is presented as home automation's killer app.

Couple of things
  1. Ahem, Webvan?
  2. Lactose intolerance is a serious health issue for many
Now a fridge that could monitor 'beer' metrics - that's a use case!

And it's more interesting from an identity perspective. 

Any fridge can order milk. Only fridges that exceeds the local age of majority can order beer or wine.

Or more precisely, only fridges acting on behalf of a human who exceeds the local age of majority can order beer or wine.

That demands an identity model in which
  1. The fridge can obtain an identity token for individual users - these to be attached to the 'Buy beer' API calls to the local depanneur
  2. The token contains (or references) the user's 'age' attributes 
  3. The token is issued from an identity provider that is accredited to issue age attributes
  4. The depanneur can validate the token as coming from a trusted authority, look at the age attribute, and so determine that the fridge's request can be authorized.
OpenID Connect is tailor made for the above set of requirements. 

No comments: