Day: December 10, 2004

Somehow radioland screws up my greek characters when I post them (except in the diagram, which is a gif). Maybe this is another reason not to use them (meaning greek characters). So the reader of the post below has to use some imagination.

Model and terminology

Carl Ellison’s use of a notation to capture the relativistic aspects of identity reminded me of a paper I wrote a couple of years ago that went very much along the same lines.

I presented it to my friend David Vaskevitch, who is a CTO at Microsoft. He liked and understood the ideas, but made a great number of quite funny jokes at my expense about my introduction of greek symbols into the conversation.

A few months later we had a meeting with Bill Gates where Bill, as is typical of him, began to drill deeply into our technology proposals. Within minutes he was posing questions which were related precisely to the problem of identity and “relativity”. Someone piped up that we needed Kim’s greek equations. I said that David had made me throw them out. Bill said, “Why did he do that – I love equations.” And so on we forged!

I think Carl’s use of English language characters may be a big step forward. But here is how I put it at the time:

 

The problem of representing people digitally is sufficiently complicated that we require a model and terminology in order to describe and solve it. The model in Figure 1 decomposes the problem into three components of representation.

·Alpha (the first in a series) is the object’s representation of itself – for example, a person’s representation of himself.

·Theta ( somewhere in the middle of a series) is the representation of the object by a third party, derived at least in part from an alpha, but not conclusive.

·Omega (the last in a series) is the representation selected by an observer. This is based on zero or more alphas and zero or more thetas, and may be persisted as a new theta that can be consumed in constructing other omegas

 

The model can be expressed symbolically as Omega = Phi (Alpha, Theta), where Phi () is some function of alpha and theta where either alpha or theta can be null. A given phi is one of a set of many possible functions, most of which have conventionally been performed manually using organizational policies.

For the masochistically inclined, I have posted some more of this document here (link lost – Kim)  – with greek characters that actually work.

Good news from Carl

Meanwhile, Carl’s response to yesterday’s posting means we are converging some more:

 

You’re right, Kim. I was talking about O’s view of P rather than P’s view of P (which is as close as I can get to P’s real identity). I hadn’t been thinking of a person who selects different views of him- or her-self to disclose to different people or in different situations. That’s something some people do  (I know – almost everybody) so we had better pay attention to it and its effects.

 

Carl Ellison, who is a really interesting person from security space, has started to blog. I&#39ve already done some identity interviews with him, and I&#39ll be posting those when I get to the laws to which they pertain. For years Carl worked at Intel. Amongst many other contributions, he was one of the inventors of SPKI (Simple Public Key Infrastructure) – a technology we&#39ll be looking at going forward. Carl now works at Microsoft.

Carl&#39s first comment on the Laws was that the First Law is really a law of privacy, not identity. I disagree – here&#39s why.

To think about identity, you have to think about a system of identity. There really can be no identity outside of the system through which it is defined. The Laws of Identity are – in my view – the laws that make a sustainable system possible. And the Law of Control defines the most fundamental of those requirements. It is true that the effect of the Law of Control is to allow the parties to an identity relationship to achieve privacy. But it is a law of identity just the same.

In a recent post Carl attempts a rigorous definition of identity that is in line with the thinking of SPKI:

I define the identity of person P as being a function not I(P) but rather I(P,O,t) – the identity of P from the point of view of observer O at time t.

This relies on one of the definitions of identity: “The quality or condition of being the same as something else.”

In particular, in this case, the two things that are to be established as the same are:

1. characteristics C about P that O observes at time t

and

2. O&#39s memories M at time t of P (built over a period of time)

These two sets of information are not matched exactly. O may remember P at an earlier time before P&#39s hair turned white and that characteristic is not to be observed again.

Rather, those two sets of information are compared to find matches and non-matches. As long as the matches constitute enough entropy to rule out all other P’ in the world, then O can conclude that s/he knows the identity of P — assuming the non-matches do not rule out P.

So, if set-intersect(C,M) has enough entropy to specify P uniquely over the entire universe and set-intersect(C,anti(M)) is empty (or can be discounted), then identity has been established. [I&#39m not completely comfortable with the handling of anti(M) and welcome refinements, while I keep thinking about how to fix this formulation.]

This is great thinking. I really like his understanding of the role of memory, the use of a notation for viewpoint and the concept of an intersection set. But there is a flaw – which I hope is just terminology. I(P,O,t) is not the Identity of P, but rather O&#39s view of the identity of P. P emits an identity (and is capable of releasing more than one), and O views it, evaluates it, remembers it We need to separate the perception of something from the thing itself. The finger pointing at the moon is not the moon.

Carl has spent a long time trying to show people what to him is obvious: that O&#39s view of P is what matters to O (as opposed to the assertions of traditional PKI). But let&#39s not dismiss the role of the subject in selecting her identity and choosing what to reveal – which is equally important to the system as a whole. You cannot deal with half of this question. Oh yeah: I call the set-intersect (C,M) “recognition”.

Scott Mace has posted his interview with Owen Davis, President of Identity Commons.

I found a new page that lists all of Scott Mace&#39s interviews in the “Opening Move” series – including those done at the 2004 Digital ID World Conference. Speaking of which, IT Conversations is supposed to be posting all the presentations from the Digital ID World Conference – but only one session seems to be up so far.

James Governor wins “most passionate feedback” award with this endorsement (I think it&#39s an endorsement) of the Second Law:

rogue elements? the bloody Corporations are rogue elements. they have to start taking responsibility for their identity bulemia. they swallow all this information and then go puke it out afterwards. the fraud happens in the toilet bowl. if they didnt stuff themselves with information they have no *right* to ask for, and certainly not to insist on, then fraud and identity theft would be way harder. rogue elements? rogue elephants more like.

Jamie Lewis is coming back on the air real soon now. That will be fun. Unfortunately his day job has been getting to him.