Metasystem and the Network Effect
11 Jun 2009Kim Cameron recently posted a paper "Proposal for a Common Identity Framework: A User-Centric Identity Metasystem". Although this paper is hard to read at places, it brings up some interesting points. It somehow formalizes the "Identity Metasystem" in form of a set of abstract services, which I understand as (possibly unconscious) attempt at creating a abstract architectural layer for identity services, one of the shearing layers in software architecture.
The paper suffers from inconsistent terminology and its use through the paper. If frequently fails to distinguish cyberspace entities and realspace entities. It also seems to assume a binary view of trust: something is either "in doubt" (in claims) or becomes a "fact". I consider this binary view to be one of the worst fallacies of most current identity architectures and systems.
However I believe that the worst drawback of the proposed architecture is that it does not reflect one of the most important requirement for Internet-scale distributed systems: the requirement to support positive Network Effect. If the network node can communicate with each other directly, the value of the network is proportional to the square of the number of nodes. However, if communication is limited to channels, the value of the network is significantly limited by the number of channels. The value of such channelized network grows much slower. In the identity space you can see an example of this in the PKI for qualified digital signatures. This PKI is being constructed for almost 10 years, received substantial investments both for research and implementation, it was frequently stated that there is a need for such a mechanism. And still the technology acceptance is very low. May the limitation to channel identification through the accredited certificate authority channels be one of the reasons for PKI failure?
The paper proposes or assumes similar channelization of the Identity Metasystem: the contractual agreements between claims providers. I don't believe it is feasible to consider contractual agreements between network nodes in Internet-scale systems. There are just too many connections, combinations of interactions. How many claims providers there could be on the Internet? 10? That's clear monopolization. 100? That's approximately one per country. I think that there will be much more of them. Probably one per an organization. That means millions. And that means millions of millions of contractual agreements. That's clearly unfeasible. There would need to be trusted third parties that will "bridge" gaps between organizational claims providers. And there we are back in the PKI world which haven't demonstrated any substantial success on the Internet during a decade of well-funded efforts.
I think that the primary problem is in the binary view of the "trust". The information in the cyberspace cannot be considered to be "facts", but rather an opinion of its author. No information is absolutely reliable and all the information (at least in cyberspace) is subjective. Therefore there may not be a strict need for a contract between parties, but rather a method of a proper risk management and information reliability evaluation. Any "identity" system needs to be firmly based on a "trust" infrastructure between nodes, between resources, cyberspace entities. And I don't think that a "trust" infrastructure based on a binary view would be feasible on the Internet scale.