The Flipside of Identity

Yesterday, while discussing some of my favorite topics with someone, I argued that identity and semantic web are two sides of the same coin. This is a recurring theme in the 10^10 vision, and it turns out I’ve touched on the topic in this blog before.

One perspective is that consistent identity is necessary for broad implementation of semantic web. It is true that reliable global identification is the biggest immediate roadblock to the potential of microcontent sharing (with trust configuration next in line, IMO). However, that is only the superficial connection.

To go deeper, you need to realize that when we talk about “identity”, we are rarely (if ever) talking about the actual identity of anything. I previously argued that our reliance on artificial surrogates of identity has all sorts of consequences. These tokens are incredibly useful, but we have to remember that they are simply tools that help us achieve goals within our current constraints. There is still immense room for improvement. It may never be possible to completely isolate and latch the true essence that identifies an individual (and who cares about perfection, anyway?), but we are getting closer every day, and that’s where the deeper connection is.

Every token that you obtain (PIN for your bank account, your car key, credit card, etc.) is an attempt to assert that a relationship between your physical essence and some other physical state or historical event has been confirmed. For example, your voter registration card vouches for the following:

The person holding this card has been verified to have the same physical appearance and signature as the person who has been confirmed to be a resident of a certain locale, above a certain age, and to meet a laundry-list of requirements for citizenship.

There are probably ten other indirections in the custody chain which I’ve left out, but that’s OK. Since it wouldn’t be scalable for the poll workers to troll through all of the relevant records to verify this on-demand, you get a card.

The important thing here is to realize that the “identity tokens” you use are a combination of a bunch of historical assertions all keyed indirectly off of your physical description. The root key can be Photo ID and signature, fingerprint, DNA, or even a pattern held in your memory (in absolute terms, only slightly less permanent than your Photo ID). In other words, you can think of identity as consisting of two separate components:

  • A unique key that can be deterministically derived from the physical entity and supports unambiguous and repeatable equality testing. It’s very important to realize that this key doesn’t need to contain any actual information; it just needs to support those three requirements to an acceptable tolerance. In fact, it is often best if this key does not contain any information.
  • A bunch of metadata keyed off of that identifier. The more metadata tied to that identifier, the more valuable the metadata and identifier become.

You want the equality-testing operation to move to the essential, converge, and be as shared as possible; while you want the universe of metadata keyed on that operation to explode. The fact that the first piece (pure naked authentication) is often mixed all up with the metadata is mainly due to pragmatic implementation considerations and can sometimes obscure the fact that these are two distinct concepts.
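The two-component split described above, as an added Python sketch that is not part of the original post: an opaque key derived deterministically from a root credential, plus a store of assertions keyed off it. The names `derive_key`, `same_entity`, `AssertionStore` and all sample values are hypothetical, and the sketch assumes the root credential has already been reduced to a stable string (real biometric matching is fuzzy and is not modelled here).

```python
import hashlib
import hmac
import unicodedata
from collections import defaultdict

# Constructed secret for this example; assumed to live in an HSM/KMS in practice.
DERIVATION_KEY = b"constructed-example-key"


def derive_key(root_credential: str) -> bytes:
    """Deterministically derive an opaque identifier from a root credential.

    Canonicalizing first makes the derivation repeatable; the keyed hash means
    the identifier carries no readable information about the credential.
    """
    canonical = unicodedata.normalize("NFKC", root_credential).strip().casefold()
    return hmac.new(DERIVATION_KEY, canonical.encode("utf-8"), hashlib.sha256).digest()


def same_entity(a: bytes, b: bytes) -> bool:
    """Unambiguous equality test, done in constant time."""
    return hmac.compare_digest(a, b)


class AssertionStore:
    """Metadata keyed off the opaque identifier; it never sees the root credential."""

    def __init__(self):
        self._claims = defaultdict(list)

    def attest(self, key: bytes, issuer: str, claim: str) -> None:
        self._claims[key].append((issuer, claim))

    def claims_for(self, key: bytes):
        return list(self._claims.get(key, []))


def demo():
    store = AssertionStore()
    enrolled = derive_key("  Root-Credential-A17 ")  # constructed sample value
    store.attest(enrolled, "county-registrar", "resident of locale")
    store.attest(enrolled, "county-registrar", "meets age requirement")
    presented = derive_key("root-credential-a17")    # same entity, presented later
    stranger = derive_key("root-credential-b02")     # a different entity
    return (same_entity(enrolled, presented),
            store.claims_for(presented),
            store.claims_for(stranger))
```

The store can accumulate any number of assertions from any issuer without ever learning what the key was derived from, which is the separation between naked authentication and metadata that the paragraph above argues for.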

Once you have nailed the naked authentication, identity is the sum total of your memory and experiences (“renmin voice”) and everyone else’s memory and experiences about you (“committee of gossips”). Storing this metadata in a universally accessible way is the long-term vision of all of these microcontent efforts.

Note that I’m not arguing that semantic mesh will make tokens irrelevant; I am just pointing out that in the bigger picture, these efforts are pursuing exactly the same goals, and security tokens can be seen as architectural optimizations and a flipside of the bigger problem.
