Overview#

The Laws of Relationships is about Subject Relationships and specifically about Technology-Enabled Relationship Management

Ian Glazer[1]#

Taking a page from the work that Kim did with "The Seven Laws Of Identity", I wanted to provide the starting point for the community to build a similar set of design constraints and considerations for relationships and Relationship Management Technologies. Our current IAM methods will be insufficient in a near future in which we are dealing with an unreasonable number of people and things and the relationships between them. At the IRM Summit, I’ll be presenting a strawman set of laws for relationships[2] to help us think about this coming future. To that end, here is a preview of the laws (and axioms and attributes) of relationships.

Ian Glazer's point is that we are approaching a point where we can no longer manage individual digital Identity's as with the Internet Of Things we will need "to know how to deal with an unreasonable large number of things." and the relationships between those things is going to get "really messy". Ian goes on saying that "laws" are really design constraints they can help us inform our designs that we are on the right path.

Axioms of Relationships#

  • Scalable - Clearly the future holds more of everything for identity management. Relationship management much be scalable in terms of the number of actors, relationships, and attributes. But those three axes are insufficient, we must also keep in mind scalability of administration.
  • Actionable - Relationships must be able to carry authorization data. This can enable a “thing” to act without having to go back to its back-end server to determine the context in which it can operate.

Types of Relationships#

  • Immutable - Obviously, there are some relationships that do not change. A specific widget can only be manufactured once and immutability of the relationship between the widget and the manufacture provides useful contextual data.
  • Contextual - Some relationships aren’t active and usable until conditions are met. For example, my Canadian SIM card only works when I am physically in Canada.
  • Transferrable - Some relationships can be delegated to others on a temporary basis and, in some cases, one party in a relationship can be replaced with another.

Laws of Relationships#

  • Provable - There must a way for different combinations of parties to prove that a relationship exists. In some cases, a single party is all that is required. In other cases, a 3rd party separate from the relationship will be needed to prove a relationship exists.
  • Acknowledgeable - I believe that all parties must be able to acknowledge they are in a relationship. This is a form of consent management. I’m guessing this will be one of the more contentious parts of my presentation.
  • Revocable - There needs to be a way for a relationship to be revoked. This naturally raises the question of what happens to data that was shared within the context of the relationship. We, as identity professionals, need to get ahead of this narrative before Right to be Forgotten/Deleted becomes solely the domain of lawyers.
  • Constrainable - Participants in a relationship need a way to constrain the relationships and connected parties. This is needed so that parties can describe what is acceptable behavior within the relationship.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-6) was last changed on 02-Jul-2016 12:31 by jim