What makes Relationships special?

IRM is coming into its own, and as such, it is worthwhile for us to look at Relationships, and Identity Relationships and talk about how they fundamentally change the way we deal with Identities.

There are many different aspects of relationships that we can examine, and I hope to dive deeper into some of those over the upcoming weeks.

However, initially, I just want to talk about relationships themselves, and why they are fundamentally changing how we manage, and think of, Identity.

First, let us look at what we mean by Identity. Dictionary.com gives us

  1. The state or fact of remaining the same one or ones, as under varying aspects or conditions.
  2. The condition of being oneself or itself, and not another
  3. Condition or character as to who a person or what a thing is.
  4. The state or fact of being the same one as described.
  5. The sense of self, providing sameness and continuity in personality over time and sometimes disturbed in mental illnesses, as schizophrenia.
  6. Exact likeness in nature or qualities.
  7. An instance or point of sameness or likeness

In the context of IRM, Identity is being able to uniquely distinguish a particular instance from the universe of all instances

Traditionally, this is done by using attributes of the entity with a set of attributes that are sufficiently unique to be able to identify the entity. This could be as simple as username and password, (only two attributes) which together can uniquely identify the entity. Identity Management in general has been designed around assigning a unique set of attributes to entities. The examples are endless, EmployeeNumber, SSN, SerialNumber, AccountNumber etc etc etc.

The brave new world of IRM, and IoT, challenge some of the basic assumptions around identity.

My first axiom of IRM (Still thinking of what I should call it.. :) is as follows:

As the number of Entities increases, the differentiation between individual entities decreases – leading to an individual instance being identified by its relationships to other entities.

Lets have a look at how this axiom actually plays out.

There are many cases of Identity where the specific instance is very important. We can show numerous use cases with people where this is obvious. For example, in medical records, or tax services, being able to associates the data with a specific person is of paramount importance. But even when the entities we are dealing with are people, there are also more and more cases where the actual identity of the person is not important, but their relationships are used to identify them.

Lets look at Google as an example. The actual identity of a user is far less important in the Google use case, than their search history or their location! Both are actually relationships where the user is related to a set of search terms, or a geographic location.

As we move into IoT, the number of entities increases dramatically, making the individual instance much less important. For example, in the case of a mobile phone, it is not the specific phone (IMEI987654321) that we care about, but rather the one that is related to the person we wish to call!

Trying to fit the old (unique identifying attributes) into this new paradigm actually results in a poor experience, since we get stale, mismatched and obsolete data. An example we all know, is our address book! An address book stores phone numbers, but what we really need, is a way to connect to our contacts. The phone numbers were simply a temporary relationship at a particular point in time, I would much rather have a relationship to their current phone.

Being able to identify entities based on their relationships to other entities allows us considerable flexibility.

Not that this idea is new, The media, and marketing world has been doing this for a long time. Entire markets are defined based on relationships. If you are going to sell SeaHawks branded items, you probably want to market to people with a relationship to the seahawks! And we have all seen the careful marketing done to reach the “14-19 year old male” or the “25-34 year old single woman college graduate”. The Identity is less important than the relationships it has to other entities!

In future posts, I am going to examine the relationships, and see if we can identify specific characteristics that apply to all relationships.

As always, I would welcome your comments and feedback!

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?