Embed Size (px)
DESCRIPTION
Taking a page from the work that Kim did with “The Laws of Identity,” I wanted to provide the starting point for the community to build a similar set of design constraints and considerations for relationships and relationship management technologies. Our current IAM methods will be insufficient in a near future in which we are dealing with an unreasonable number of people and things and the relationships between them. At the IRM Summit, I’ll be presenting a strawman set of laws for relationships to help us think about this coming future. To that end, here is a preview of the laws (and axioms and attributes) of relationships.
Citation preview
The Laws of Relationships (A Work In Progress)
Ian Glazer
Senior Director, Identity
salesforce.com
@iglazer
What’s the problem?
firstName lastName email mobile ou nickname title …
firstName lastName email mobile ou nickname title …
firstName lastName email mobile ou nickname title …
firstName lastName email mobile ou nickname title …
Reasonably large number of identities with a reasonable
number of attributes
deviceID firmware
deviceID firmware
deviceID firmware
deviceID firmware
Unreasonably large number of identities
with a few attributes?
Reports To
Reports To
Reports To
Works with
Reports To
Reports To
Reports To
Owns
Owns
Owns
Works with
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data from
Sends data to
Uses
Controls
Works with
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data from
Sends data to
Uses
Controls
Works with
Drives
UsesConstrains Choice Of
Uses
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data from
Sends data to
Uses
Controls
Works with
Drives
UsesConstrains Choice Of
Uses
Can send data to
Riden In
Riden In
Unreasonably large number of relationships between
unreasonably large numbers of people and things, each
with attributes?
Why build laws in the first place?
• Inform our designs • Test existing solutions • Identify gaps
Laws of Identity (2004)1. User Control and Consent
2. Minimal Disclosure for a Constrained Use
3. Justifiable Parties
4. Directed Identity
5. Pluralism of Operators and Technologies
6. Human Integration
7. Consistent Experience Across Contexts
The Laws* Of Relationships
(A Work In Progress)
• Axioms • Types • Laws
AxiomsAttributes in support of
pre-existing natural state or requirements
1. Scalable 2. Actionable
Scalable
• Number of actors• Number of relationships• Number of attributes
• Number of actors• Number of relationships• Number of attributes• Administration
Actionable
Relationships must be able to carry authorization data
Can perform actions X, Y, and Z
Can perform actions Q, W, and E
Can perform actions X, Y, and Z
Can perform actions Q, W, and E
Can perform actions X, Y, and Z
Can perform actions Q, W, and E
?
?
But relationships do not have to carry authZ data
TypesInforms the greater context
1. Immutable 2. Contextual 3. Transferrable
Immutable
Built by
Built by
Contextual
Relationship is active when conditions are met
Inactive relationships• None of the parties “use” the relationship until a condition is satisfied. • The set of driver, car, insurer
relationships isn’t “used” until there is a claim.
• Inert, inactive relationships are still important because they provide context • This widget was made by Yoyodyne.
Inactive relationships• None of the parties “use” the relationship until a condition is satisfied. • The set of driver, car, insurer
relationships isn’t “used” until there is a claim.
• Inert, inactive relationships are still important because they provide context • This widget was made by Yoyodyne.
Drives
Inactive relationships• None of the parties “use” the relationship until a condition is satisfied. • The set of driver, car, insurer
relationships isn’t “used” until there is a claim.
• Inert, inactive relationships are still important because they provide context • This widget was made by Yoyodyne.
Drives Insures
Inactive relationships• None of the parties “use” the relationship until a condition is satisfied. • The set of driver, car, insurer
relationships isn’t “used” until there is a claim.
• Inert, inactive relationships are still important because they provide context • This widget was made by Yoyodyne.
Drives Insures
Manufactured by
Active Relationships
• Context toggles a relationship into a usable state
Active Relationships
• Context toggles a relationship into a usable state
Active Relationships
• Context toggles a relationship into a usable state
Customer
Active Relationships
• Context toggles a relationship into a usable state
Customer
Possesses
Active Relationships
• Context toggles a relationship into a usable state
Customer
Owns
Possesses
Active Relationships
• Context toggles a relationship into a usable state
Customer
Owns
Owns
Possesses
Active Relationships
• Context toggles a relationship into a usable state
Customer
Owns
Owns
Possesses
Active Relationships
• Context toggles a relationship into a usable state
Customer
Owns
Owns
Possesses
Context is a requirement• Related Research:
– Death of authentication and rise of recognition – Relationship context metadata and the need for durable metadata
Transferable
Client
Temporary Transference
Client
Temporary Transference
Delegate
Client
Temporary Transference
Delegate
Acts on behalf of client
Client
Temporary Transference
Delegate
Acts on behalf of client
Client
Temporary Transference
Acts on behalf of client
Client
Temporary Transference
Permanent Transference
Owns
Permanent Transference
Owns
Customer Of
Permanent Transference
Owns
Customer Of
State of transference• Do we need a system of record for transference state?
• Who would maintain such a system of record?
• Can/should the relationship carry history?
Laws
If a thing cannot be X, then it is not a relationship
1. Provable 2. Acknowledgeable 3. Revocable 4. Constrainable
Provable
Mechanism to prove that a relationship
exists between parties
• Single-party asserted • Multi-party asserted • 3rd-party asserted
Single Party Asserted: X relates to Y because X says so
I work for her
Multi-Party Asserted: X relates to Y because X and Y say so
I work for her
She works for me
3rd-Party Asserted: X relates to Y because Z says so
Sally works for Mary
HR
3rd-Party Asserted: Does this require other relationships?
HR
Acknowledgeable
All parties must be able to acknowledge they are
in a relationship
I acknowledge my relationship
with Twitter
I acknowledge my relationship
with Twitter
I acknowledge my relationship
with Twitter Do I acknowledge my followers?
They will acknowledge
their relationship with me
They will acknowledge
their relationship with me
But can I acknowledge my relationship with
them?
Is this really a Law or a feature request from the VRM/PDE/Privacy-types?
Revocable
Real-world revocation
Real-world revocation
Real-world revocation
Owns
Owns
Real-world revocation
Owns
Owns
Built By
Real-world revocation
Owns
Owns
Paired
Built By
Acts on behalf of
Real-world revocation
Owns
Owns
Paired
Built By
Acts on behalf of
Real-world revocation
Owns
Owns
Paired
Built By
Acts on behalf of
Real-world revocation
Owns
Paired
Built By
Acts on behalf of
Real-world revocation
Owns
Paired
Built By
Acts on behalf of
Questions that need answers• Can either party revoke a relationship?
• If I sever a relationship should any party who was part of the relationship still have access and use of what was shared in the course of the relationship?
• Does this imply the idea of cascading delete?
Constrainable
With my permission, it can report its location
With my permission, it can report its location
It can constantly report energy use to my power company
With my permission, it can report its location
It can constantly report energy use to my power company
It can only used by customers with active licenses
Consent
It can constantly report energy use to my power company
It can only used by customers with active licenses
Consent
Consent
It can only used by customers with active licenses
Consent
Consent
DRM
Now what?
Laws, Types, and Axioms
Laws Types Axioms
• Provable • Acknowledgeable • Revocable • Constrainable
• Immutable • Contextual • Transferrable
• Scalable • Actionable
Join the Kantara WG!
Send me comments : https://www.tuesdaynight.org/
2014/05/28/the-laws-of-relationships-a-work-in-
progress.html
Go test this!
Where should we try and test relationship management?• IoT is a natural case
– Industrial settings (factories, planes, etc) – Citizen (smart homes, sensors in public)
• Familial Relationships – Insurance – Healthcare
• Finance – Complex authorization models – Regulatory influence
Where else can we test this?• Product architecture
• User stories
• Random strangers on the bus
Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data from
Sends data to
Uses
Controls
Works with
Drives
UsesConstrains Choice Of
Uses
Can send data to
Riden In
Riden In
The Laws Of Relationships
