Embed Size (px)
DESCRIPTION
Laws of Relationships Presentation for IRM Summit, Dublin 2014
Citation preview
The Laws of Relationships(A Work In Progress)
Ian Glazer
Senior Director, Identity
salesforce.com
@iglazer
What’s the problem?
firstName
lastName
mobile
ou
nickname
title
…
firstName
lastName
mobile
ou
nickname
title
…
firstName
lastName
mobile
ou
nickname
title
…
firstName
lastName
mobile
ou
nickname
title
…
Reasonably large number of identities with a reasonable
number of attributes
deviceID
firmware
deviceID
firmware
deviceID
firmware
deviceID
firmware
Unreasonably large number of identities
with a few attributes?
Reports To
Reports To
Reports To
Works with
Reports To
Reports To
Reports To
Owns
Owns
Owns
Works with
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends data
to
Uses
Controls
Works with
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends data
to
Uses
Controls
Works with
Drives
Uses
Constrains
Choice Of
Uses
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends data
to
Uses
Controls
Works with
Drives
Uses
Constrains
Choice Of
Uses
Can send
data to
Riden In
Riden In
Unreasonably large number of relationships between
unreasonably large numbers of people and things, each
with attributes?
Why build laws in the first
place?
• Inform our designsTest existing solutionsIdentify gaps
Laws of Identity (2004)1. User Control and Consent
2. Minimal Disclosure for a
Constrained Use
3. Justifiable Parties
4. Directed Identity
5. Pluralism of Operators and
Technologies
6. Human Integration
7. Consistent Experience Across
Contexts
The Laws Of Relationships
(A Work In Progress)
Acknowledgeable
All parties must be able to acknowledge they are
in a relationship
I acknowledge my
relationship with
Twitter Do I
acknowledge
my followers?
They will
acknowledge their
relationship with
me
But can I
acknowledge my
relationship with
them?
Is this really a Law or a feature request from the
VRM/PDE/Privacy-types?
Actionable
Relationships must be able to carry authorization
data
Can perform
actions X, Y, and
Z
Can perform
actions Q, W,
and E
Can perform
actions X, Y, and
Z
Can perform
actions Q, W,
and E
Can perform
actions X, Y,
and Z
Can perform
actions Q, W,
and E
?
?
Constrainable
Relationshipsmust be constrainable
With my
permission, it
can report its
location
It can constantly
report energy use
to my power
company
It can only used
by customers
with active
licenses
Consent
It can constantly
report energy use
to my power
company
It can only used
by customers
with active
licenses
Consent
Consent
It can only used
by customers
with active
licenses
Consent
Consent
DRM
Contextual
Relationshipsare contextual
Inactive relationships• None of the parties “use” the
relationship until a condition is
satisfied.
• The set of driver, car, insurer
relationships isn’t “used” until there is
a claim.
• Inert, inactive relationships are
still important because they
provide context
• This widget was made by Yoyodyne.
DrivesInsures
Manufactured by
Active Relationships
• Context toggles a relationship
into a usable state
Customer
Owns
Owns
Possesses
Context is a requirement• Related Research:
– Death of authentication and rise of recognition
– Relationship context metadata and the need for durable metadata
Immutable
Relationshipscan be immutable
Built by
Built by
Provable
Relationshipsmust be provable
Mechanism to prove that a relationship
exists between parties
• Single-party assertedMulti-party asserted3rd-party asserted
Single Party Asserted:X relates to Y because X says so
I work for
her
Multi-Party Asserted:X relates to Y because X and Y say so
I work for
her
She works
for me
3rd-Party Asserted:X relates to Y because Z says so
Sally works
for Mary
HR
3rd-Party Asserted:Does this require other relationships?
HR
Revocable
Relationshipsmust be revocable
Real-world revocation
Real-world revocation
Owns
Owns
Paired
Built By
Acts on behalf of
Real-world revocation
Owns
Owns
Paired
Built By
Acts on behalf of
Questions that need answers• Can either party revoke a relationship?
• If I sever a relationship should any party who was part of the
relationship still have access and use of what was shared in the
course of the relationship?
• Does this imply the idea of cascading delete?
Scalable
• Number of actorsNumber of relationshipsNumber of attributesAdministration
Transferable
Relationshipscan be transferable
Client
Temporary Transference
Client
Temporary Transference
Delegate
Client
Temporary Transference
Delegate
Acts on behalf of
client
Client
Temporary Transference
Delegate
Acts on behalf of
client
Permanent Transference
Owns
Permanent Transference
Owns
Customer Of
Permanent Transference
Owns
Customer Of
State of transference• Do we need a system of record for transference state?
• Who would maintain such a system of record?
• Can/should the relationship carry history?
Now what?
The Laws of Relationships
•Acknowledgeable
•Actionable
•Constrainable
•Contextual
• Immutable
•Provable
•Revocable
•Scalable
•Transferrable
Join the Kantara WG!
https://kantarainitiative.org/groups/irm/
IRM WG Goals• Build a solid set of laws
• Develop an IRM evaluation tool
• Test that tool on well known identity systems
• (Your suggestion here)
Go test this!
Where should we try and test relationship management?• IoT is a natural case
– Industrial settings (factories, planes, etc)
– Citizen (smart homes, sensors in public)
• Familial Relationships
– Insurance
– Healthcare
• Finance
– Complex authorization models
– Regulatory influence
Where else can we test this?• Product architecture
• User stories
• Random strangers on the bus
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends data
to
Uses
Controls
Works with
Drives
Uses
Constrains
Choice Of
Uses
Can send
data to
Riden In
Riden In
The Laws Of Relationship
s
