The partly electronic future of identity management is proposed as a program for open security in an open society.

in: Semiotics of identity management

 

Strategies guaranteeing all possible support for accountability are based on the integration of the time dimension into information models.

in: The pattern of metapattern: ontological formalization of context and time for open interconnection

 

Like a coin, official identification has two sides. The aim is to enhance security. A consequence is that it may actually raise insecurity. If you can trust keeping your belongings in a locked compartment, it is the key you should now be concerned about to keep safe.

in: Semiotics of identity management

 

The radical but only viable solution is to keep all information available as a matter of principle. To introduce exactness and completeness into the audit trail, the once-valid-turned-invalid information must be labeled as such and maintained.

in: The pattern of metapattern: ontological formalization of context and time for open interconnection

 

[P]otential for open interconnection prioritizes authorization. […] It combines the complexities of identifying actors, (other) objects and process chains with separate activities. The unambiguous solution rests with individual situational behavior as the unit of authorization. For it has been argued that behavior is specific for a particular actor in a particular situation.

in: Semiotics of identity management

 

A useful audit trail also leads to the person responsible for registered information. For that reason, each entry, and especially the entries for existence and validity, are “intexted” with a specific pointer information object. The pointer leads to additional information about the person handling the registration. Whether the actual user really was the person indicated cannot be completely guaranteed by the information system, but the pointer provides an important clue to accountability.

Besides pointing to the person involved in and/or responsible for the information change, Metapattern assumes a pointer to the specific user interaction (i.e., administrative procedure) which controlled the operations effecting the change. Such procedures must be formally typed and implemented, and users should interact with their information system on the basis of such interaction types. Each information change/addition can then be addressed to an interaction instance, providing use and accountability integration. Such natural integration is always the best guarantee for a successful audit trail, requiring no extra effort from users.

in: The pattern of metapattern: ontological formalization of context and time for open interconnection

 

Further along the line of Metapattern’s essential orientation at integrating information differentials (mechanism: multiple contexts) […] user trust [must be supported. It] requires security on mutually reinforcing aspects such as authenticity, access control, activity coordination (workflow), authorization, audit trails, and digital archiving.

in: On metapattern and other themes in information management

 

Regarding information security, identity management requires for example as seamless a modulation as possible into authorization for using resources.

in: Semiotics of identity management

 

[W]ith existence and validity entries fundamental mechanisms are available to correct information, even retrospectively. The audit trail is never compromised.

in: The pattern of metapattern: ontological formalization of context and time for open interconnection

 

An important point of Metapattern is that relations are purposefully made, i.e. establishing a structure that is subsequently kept secure as required for […] authenticity, authorization, audit trail etc.

in: On metapattern and other themes in information management

 

When every change is registered as a state, including the time from which that state takes effect, then state at any time can be derived.

in: The pattern of metapattern: ontological formalization of context and time for open interconnection

 

All information objects have, as part of their intext, one or more validity entries.

in: The pattern of metapattern: ontological formalization of context and time for open interconnection

 

Information exchange in the so-called networked society can be facilitated realistically only with a federated infrastructure. Such an infrastructure will continue to develop, necessarily exhibiting a changing mixture of di- and convergent approaches to perspectivism.

in: Perspectivism in federated practice

 

Recognizing interdependency demands, however, that in an information sense, too, projects may not be taken on in isolation. So, in order to be, and remain, practical regardless of scope, variety et cetera, a tool for modelling interdependency is indispensable. Metapattern was explicitly designed to meet both this real, practical need and opportunity.

in: note 53.2

 

[P]erspectives must be explicitly included in what only then counts as an integral model. How? Perspective is a matter of … context, too. With integral coverage, and only then, it is possible to start arguing — a bit more — rationally about responsibilities.

in: note 53.6

 

Suppose I have to go shopping for two different items. While the shops may be different, I get on one and the same bicycle, use the same road system to reach the shops, and return home. As we grew up with highly developed infrastructure for physical mobility, and it really didn’t change its, say, nature since, as regular bicycle riders and road users we are hardly aware of it. In that case, it takes education as a civil engineer to thoroughly understand reuse, and being able to design et cetera for its change-in-continuity.
Imagine needing a separate bicycle for every destination, and taking a completely separate route. Or take a restaurant with several dishes on the menu. As a rule, there is not a separate kitchen for preparing a particular dish. There are different ingredients, while a dish results from combining a number of ingredients according to a recipe. For an additional dish, i.e. new on the menu, then, all ingredients may already be available. Otherwise, just the still missing ingredient(s) must be added to the store.
With information systems, a common mistake resides in the assumption that systems should follow the organizational pattern. So, department X ‘has’ as its ‘own’ systems x1, x2, … The same for department Y: y1, y2, … And so on. That is fine for facilitating purely self-contained tasks … but for such isolated work organization doesn’t matter at all, anyway.
With a visual metaphor, information is best considered running perpendicular to and thereby crossing organizational boundaries (instead of remaining inside some organizational entity). For we exchange information in order to coordinate our behaviors. Therefore, when departments X and Y work together on a number of subjects, a more productive alignment of information systems would be: (x, y)1, (x,y)2, … Think about me wanting to buy items in different shops. It is not only to my interest that I can get to them, but equally in the interest of each shop that it can be reached (and doing our shopping ‘on’ the Internet doesn’t change this, not in principle ; a package still has to be picked up, or delivered) .
And cooperation is not limited to just two departments. Any number may contribute to whatever subject. And what about ‘outside parties’? In fact, why cooperate, say, internally when not as one, more encompassing, party among others? Does this mean we make a separate information system for every configuration of actors on every subject?
Soon, very soon, variety of physical movements reaches a point where it becomes counterproductive to start from individual ‘travelers.’ And so it is with information systems. Practically, infrastructure becomes a perspective et cetera in its own right. Compare it with a hypothesis. As long as travelers/users feel their mobility/information needs are met (and assuming that they have a voice), infrastructure-as-is is not falsified. When it is, infrastructure is changed to meet the … changed requirements.
This paradigm shift, i.e. toward an infrastructural approach, or assuming the whole, is not yet generally ‘diffused.’ For it requires an attitude that is at least initially counterintuitive. For on a daily basis, we act as if the means we employ relate to the goal, only. However, that is the goal-at-hand, from one to the next, and so on. Means may be, say, recontextualized, i.e. applied for different goals.

in: note 53.28

 

[W]hat is practically needed […] are tools supporting variety of information, from modeling to delivering.

in: note 71.2

 

KnitbITs as the software platform for Metapattern facilitates implementation of managing temporal changes of both instance values and type-nodal structure. Especially without the latter, you cannot maintain structural control at the scale of integrated order. And both are required for establishing audit trails of use.

in: note 71.40