Clean sidewalks, safe roads, green parks, pure air. That is the dream of a city in which their inhabitants enjoy walking, jogging, commuting, sightseeing, meeting people at the boulevard. But, what happens when the cities grow at a such unstoppable speed that the dream turns into a nightmare? Why smart cities services need federated access?
Not surprisingly, the tech industry already rolled up their sleeves and today is offering a range of impressive apps, services and devices that seem to solve every possible problem. This is the promise of the smart cities. For instance, a cloud-based service can help control the lights of a large park and deliver both safety and energy savings. Citizens have heard of wonders like this and are starting to use smart cities’ services. Installing a few elegantly designed apps on their phones is easy. Signing up for these services sometimes is a hassle: creating a user, choosing a new password, or selecting an identity to use. And the reality is gloomier if you are the one building smart cities’ services: as an organization or company you must coexist with third party platforms, services or data in order to offer a valuable service. Let us explore now a few of these cases for real.
Electricity
Today some cities—especially in high-income countries—have the bad reputation of consuming excessive electricity and water per capita. To mitigate this, electricity distribution companies have embraced digitalisation efforts to provide online services that empower customers to drive a change. By means of a mobile app (or the traditional browser), you can monitor and control how much energy your house is consuming. But, what if you want that other residents of your household also access these systems? Easy, with a few taps you delegate rights of using these services to anybody you wish. Now this person is helping you in saving energy, money and making your city smarter and more sustainable. What none of you knows is that in the background the electricity company deployed an identity and access management platform.
Waste management
A large municipality that aims to improve waste collection has signed agreements to exchange data with two companies. The city administration teams up with two waste management companies who operate in different areas. Waste containers have embedded sensors that send relevant data to determine optimal collection time and frequency. A system integrates this data and allows operators to monitor the neighborhoods based on real-time location of collection points and trucks. The three organisations inevitably share some data among each other, but only what is strictly necessary. When their employees use an interface that shows the pickup points, behind the scenes there is a service that makes this happen. It is a federated access system, a software-based service that enables multiple independent organisations to access each others’ data based on a trust relationship. Additionally, conscious citizens could use a mobile app or a web site to report problems to the system.
Traffic monitoring systems
In big cities and during the busiest times of the day, an ambulance might spend nearly one hour to reach its destination from the time the emergency call took place. In a smart city, the emergency services can fetch real-time information from the traffic monitoring systems in order to reduce response time. As you can imagine neither health nor emergency services are the ones who install and manage monitoring devices on the streets. Another entity such as the police or the municipality has more incentives and reasons to deploy these services. What’s more, these public services can be subcontracted from a private company. Once this system becomes operational, there will be a network of organisations accessing this information and each participant needs a subset of this data. The emergency services will have access to congestion information but not to security cameras, the police will have access to those security cameras and to speed cameras too, and the municipality might have access to a data set of their own. As things start getting complex in terms of who has access to what, these organisations, both private and public, must establish a federated network.
Wi-Fi hot spots providers
Technology per se is attracting millions of people to cities worldwide. Today if you are a tourist visiting a new city, you can find “free” Wi-Fi access at airports, libraries, museums, shopping centers, hotels, and even at outdoor areas such as parks and shopping alleys. But there is still an inconvenience. When you connect to any of these sites’ networks, usually each asks you a different requirement: input a one-time customer code, share your email, share your phone number, choose your favorite social media service to log in, or sometimes surprisingly nothing. This is inconsistent, uncomfortable, and it doesn’t bring users a sense of trust. What if you could register to a single identity provider (such as an Internet or mobile provider) so when you move to the next place on your journey, you do not need to authenticate again? This smooth experience (known as “single-sign on”) would bring visitors the feeling that they are walking across a modern, smart city. As in the previous scenarios, all hot spot providers must belong to a common federation. Although the EU has removed the roaming fees, this is still a challenge for a tourist. Especially if you are travelling outside of EU, or travelling within the EU without an EU mobile subscription.
Why Smart Cities Services Need Federated Access
The smart cities revolution brings a plethora of cases like these four (electricity, waste management, traffic monitoring systems and Wi-Fi hot spots providers), which show that smart cities will not succeed without federated access. Public services will massively benefit with federated access, but this will also create fresh opportunities for both private companies and startups. Federation will help this dream come true.
Benefits of federated identity and access management systems
- Users use their existing credentials
- Citizens use existing ID services offered by local, state or national government
- How other system users sign in is managed by their own organisation and controllable according to their own security policy
- Access control can be performed by both the customer organization and by the target service
- Application developers can focus on their core skills of developing great smart city services
- Secure, consistent, controlled and auditable processes
For more information about federation, visit here.
About The Author: Oscar Santolalla
With more than 15 years of experience in the technology space, Oscar is a trusted advisor for Ubisecure Customer Identity and Access Management (CIAM) customers and partners. As a Sales Engineer, Oscar runs product demos, supports customers and partners, and leads the IAM Academy training programme. He is also the author of the book ‘Create and Deliver a Killer Product Demo’, and hosts 'Let's Talk About Digital Identity" podcast.
More posts by Oscar Santolalla