Thursday Apr 02, 2009

Have a Token: ID Hats and Personae

While pondering the ProtectServe/Relationship Manager proposition, use cases and protocol flows set forth by Eve Maler, in the context of a discussion of open architectures for citizen/government interaction I had earlier in the day, I came up with the bizarre notion that perhaps the best analogy for an Identity persona claimed by an individual is not an ID card, but an ID HAT.

We often talk about wearing different hats in life ... some of mine are listed in my Twitter bio: "Husband, father, grandfather, social networking afficionado and Identity Management professional."  In one short phrase, five hats I commonly and proudly wear are identified.  Of course, I can choose to don other hats or expose other personae in my relationships with people or systems, either in person or in cyberspace.

In the case of online relationships, the trick is to provide the service I choose to relate with - the "consumer" in the ProtectServe model - with precisely the subset of my "user" data, that represents the hat I choose to wear in that relationship (my selected persona).  In the ProtectServe model, I depend on the Authorization Manager (aka CopMonkey) to provide the consumer with a token representing my chosen hat.

Now here's where the hat concept becomes more useful ... in addition to being a useful metaphor for my chosen persona, HAT is also an acronym for "Have a Token," which is  precisely the action I authorize the relationship manager to complete on my behalf.  Through this trusted third party, I have offered a token (Have a Token) to the consumer representing the HAT I choose to wear in our relationship.

Whether or not ID HAT analogy has legs will be for others to decide.  But for me, it was an analogy that helped me understand a somewhat complex concept.

By the way, (many) hats off to Eve and the other brilliant thinkers who came up with the ProtectServe concept!

Technorati Tags: , , , ,
About

Discovering Identity was founded on blogs.sun.com in May 2005 as a means of documenting my exploration of the field of Identity and Access Management. In February, 2010, I switched to hosting the blog at DiscoveringIdentity.com. In March 2012, I began posting Oracle-related information in both places.

Thanks for stopping by.

Please connect with me in cyberspace at LinkedIn or Twitter.


The views expressed on this blog are my own and do not necessarily reflect the views of my employer, Oracle Corporation, or any other person or organization.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today