Well, I’m on the flight home from Burton’s Catalyst conference. The conference was a good one, and as I wrote in my previous post, we have a lot to learn from enterprise identity. The most important thing about Catalyst however, is the priority Burton puts on relationships. Their consultants spend less time talking and more time connecting people with others in their industry, and they’ve replaced vendor booths with evening hospitality suites, where a less staged form of social interaction can take place. In other words, they understand the importance of relationships.
Which brings me to the point of this piece: Relationships and Identity. I heard Bob Blakley give his talk on needing to introduce a Relationship entity into the identity discussion for a second time (see my brief summary of the first time here). As I listened to the talk, I noticed that Bob was subtly equivocating between two definitions of the word relationship as the talk progressed. It was interesting because Bob’s typically very precise with his language. When someone like him begins to equivocate, it’s typically because there’s some unconscious energy surrounding the word that’s trying express itself, but because it isn’t fully conscious, it sort of slides out at the seams.
These unintentional expressions are the stomping grounds for Freudian analysis because usually what’s seeping out is repressed and in the highly repressive Victorian era in which Freud lived, these energies were often repressed to the point of disease. The trick for the analyst has always been (at least) two-fold: to notice these moments of seeping intent AND to allow the PATIENT to interpret that intent without introducing too much of the analyst’s own perspective into the interpretive process (this is called projection and a BIG no-no).
The second trick is often much harder than the first. Fortunately for me, however, I’m less interested in analyzing why Bob’s leaking “Relationship” energy (though that would no doubt be great fun!), as I am in riffing on the energy in a more jazz-like way by letting it combine with my own thoughts about building a business in this space. In other words, I’m going to EXPLICITLY project.
To understand Bob’s first use of the word “Relationship”, let’s go back to the simplified diagram of the identity provider I’ve used ad nauseum in this blog:
Here we see a person (Subject) trying to get some information to a website (Relying Party) that they currently have entrusted to a third party (the Identity Provider). Bob starts his talk addressing the relationship between the Subject and the Identity Provider. His first point is that Identity Providers need to focus on building QUALITY relationships between them and their subjects, since, as he’ll claim, that’s ultimately what they are selling.
This makes complete sense and is an important point. Who we are is always defined in context. My relationship with my wife is entirely different than the one I have with my coworkers. Because of this, in a very real sense, I am a DIFFERENT person with them than I am with my wife (though I try to be less bifurcated than most, which has some interesting ramifications for both my work AND my marriage!). Regardless, the point is, the context of your relationship with your IP will DEFINE what KIND of identity about you that they possess and that relationship should be made explicit when they share that identity with a Relying Party.
The confusing equivocation comes when Bob explains his “Relationship” data object, which I have reproduced below:
This is a fictional example Bob envisions coming from Facebook. Confusingly, the example is of a claim that Facebook has between him and a coworker, namely that they are friends. Now this is a NEW kind of relationship (between two people), which I would argue is actually the CLAIM of this relationship data object (namely that Bob and Lori are friends). So Facebook is claiming that Bob and Lori are friends, but for this to be a true RELATIONSHIP data object in the sense Bob was talking about in the beginning of his presentation, the top of the card should read “Relationship: Three year member of our casual social network” rather than “friendship”, which is really part of the claim an only coincidentally a “relationship”.
In other words, the thing that makes a data object a “Relationship” data object, is not if the claim is about two people, but rather that in addition to any claims, it ALSO contains details about the context between the IP and the subject within the data object itself–in this example this could include the duration of the relationship (three years), how frequent it is (every day!), and how serious it is (just for fun). Now this is in some ways just a case of a bad example on Bob’s part that probably confused his audience, but I bring it up because incongruities like this get me actually THINKING, and as I thought, two important questions came to mind:
- What other relationships are missing from the Identity scene that might be inhibiting its development?
- What other information would be valuable in Bob’s “Relationship Data Object” besides the nature of the relationship between the Subject and the IP?
These questions are, of course, only tangentially related to Bob’s original discussion, but like I said, exegesis is just a path to interesting thinking rather than an end in itself for me. In my next post, I want to begin to unpack some of that thinking, because I think it’s important for the business of Identity (Relationship?) moving forward.