Practical example and current challenges
- In the future, our food will be delivered directly to the refrigerator. The cleaning service brings shirts. One question is crucial: Who is allowed in my apartment, when and for what purpose?
- Smart living, i.e., the networking of all internet-enabled devices in the home environment, will only flourish if all entities and assets can be protected by secure and smart identity and access management. Entities include, for example, residents, owners, service providers, and manufacturers. Their assets include not only the building and the apartment – and the associated data – but also other assets such as e-charging stations and building access systems.
- This highly pronounced heterogeneity of entities and assets is also reflected in access management. Particularly in the case of building or apartment access, the needs of the individual players - such as residents, landlords, care services or suppliers, and technicians - must be taken into account with different types of access authorization. Comprehensive identity and access management and authorization procedures are, therefore, indispensable for the transfer of authorizations.
- Such access management systems must have a certain form of “intelligence” and be able to decide whether a particular access request is justified depending on the particular situation. They need to evaluate various distributed data sources from different (cloud) systems such as order histories and delivery tracking based on the use of artificial intelligence.
- In order to ensure that smart access management systems meet the highest requirements of security, privacy, and convenience, smart, context-sensitive, AI-based services need to be developed. These services must be able to access the various data sources and cloud systems, make intelligent decisions based on the evaluated data and forward these to the appropriate interface, with the highest level of performance. This requires both horizontal and vertical system integration.
- Since smart living provides access to real buildings and assets and all related services and systems for all entities, a key priority is to protect privacy, provide data autonomy and ensure security in this domain.
What added value does the "GAIA-X project" offer?
- The existence of a comprehensive identity and access management enables the realization of many security use cases of the "Smart Living" domain.
- As a cross-domain data ecosystem, GAIA-X enables the use of different authorization concepts that work cross-system, and cross-use case (e.g.to provide different entities with temporary access to an apartment whilst the resident is away).
- In the field of building security, data ecosystems are only just emerging. The GAIA-X govern-ance rules can help bridge the gap between ensuring data privacy and using data to implement security solutions.
- The provision of a reliable data infrastructure is a prerequisite for the development of central components of security & privacy services that use data in need of protection - such as AI-based face recognition for intelligent access control management.
- In the future, GAIA-X will enable the use of data catalogs, which will make it possible for the developers of such services to use certified data sources to develop better AI models.
- GAIA-X can enable the required exchange of distributed data described above to be undertaken safely, thus accelerating the emergence of AI-based access management in the smart living domain.
- Kerstin Hausmann – Aareon
- Prof. Oliver Thomas – DFKI
- Dr. Gero Fiege – dormakaba
- Dr. Jochen Bauer – FAU Friedrich-Alexander-University
- Dr. Claus Wedemeier – Federal Association of German Housing and Real Estate Companies (GdW)
- Birgid Eberhardt – GSW Association for Settlement and Housing Construction Baden-Württemberg
- Thomas Feld – Strategion
- Henrik Kortum – Strategion