17. Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends
data to
Uses
Controls
Works with
Drives
Uses
Constrains
Choice Of
Uses
18. Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends
data to
Uses
Controls
Works with
Drives
Uses
Constrains
Choice Of
Uses
Can send
data to
Riden In
Riden In
19. Unreasonably large number
of relationships between
unreasonably large numbers
of people and things, each
with attributes?
22. Laws of Identity (2004)
1. User Control and Consent
2. Minimal Disclosure for a
Constrained Use
3. Justifiable Parties
4. Directed Identity
5. Pluralism of Operators and
Technologies
6. Human Integration
7. Consistent Experience Across
Contexts
49. Inactive relationships
• None of the parties “use” the
relationship until a condition is
satisfied.
• The set of driver, car, insurer
relationships isn’t “used” until there is
a claim.
• Inert, inactive relationships are
still important because they
provide context
• This widget was made by Yoyodyne.
50. Inactive relationships
• None of the parties “use” the
relationship until a condition is
satisfied.
• The set of driver, car, insurer
relationships isn’t “used” until there is
a claim.
• Inert, inactive relationships are
still important because they
provide context
• This widget was made by Yoyodyne.
Drives
51. Inactive relationships
• None of the parties “use” the
relationship until a condition is
satisfied.
• The set of driver, car, insurer
relationships isn’t “used” until there is
a claim.
• Inert, inactive relationships are
still important because they
provide context
• This widget was made by Yoyodyne.
Drives Insures
52. Inactive relationships
• None of the parties “use” the
relationship until a condition is
satisfied.
• The set of driver, car, insurer
relationships isn’t “used” until there is
a claim.
• Inert, inactive relationships are
still important because they
provide context
• This widget was made by Yoyodyne.
Drives Insures
Manufactured by
61. Context is a requirement
• Related Research:
– Death of authentication and rise of recognition
– Relationship context metadata and the need for durable metadata
72. State of transference
• Do we need a system of record for transference state?
• Who would maintain such a system of record?
• Can/should the relationship carry history?
105. Questions that need answers
• Can either party revoke a relationship?
• If I sever a relationship should any party who was part of the
relationship still have access and use of what was shared in the
course of the relationship?
• Does this imply the idea of cascading delete?
110. With my
permission,
it can report
its location
It can
constantly
report energy
use to my
power
company
It can only
used by
customers
with active
licenses
119. Where should we try and test relationship
management?
• IoT is a natural case
– Industrial settings (factories, planes, etc)
– Citizen (smart homes, sensors in public)
• Familial Relationships
– Insurance
– Healthcare
• Finance
– Complex authorization models
– Regulatory influence
120. Where else can we test this?
• Product architecture
• User stories
• Random strangers on the bus
121.
122.
123. Reports To
Reports To
Reports To
Owns
Owns
Owns
Paired
Owns
Gets data
from
Sends
data to
Uses
Controls
Works with
Drives
Uses
Constrains
Choice Of
Uses
Can send
data to
Riden In
Riden In