A Look At IRM in the Wild
The following table is a working document which reflects the various "IRM in the Wild" use cases the IRM WG is discussing and how each applies to the IRM Principles as they are currently defined.
Use/Business Cases Explored
Principles | Migration | IoT | DNS | Block Chain (e.g., OneName, NameCoin) | Distributed Hashes | Promise Theory | Ontology |
---|---|---|---|---|---|---|---|
Is there a role for a Relationship Manager? | Yes | | | | | | |
Scalable | | v4, v6 | | | | | |
Actionable | | IANA, Registration | | | | | |
(Im)Mutable | | Immutable/Proxy/Forwarding | | | | | |
Contextual | | Actually provides context | | | | | |
Transferrable (Delegation) | | Bought, Forwarded | | | | | |
Provable | | w/HTTPS DNSSEC | | | | | |
Acknowledgable | | NMAP, other | | | | | |
Revocable | | | | | | | |
Constrainable | | Subnets, Domains, etc. | | | | | |

Architecture Notions
Notion | Notes/Comments |
---|---|
Scope it/ Profile | |
Bounded for use/links to the real world | SAML, UMA? |
Are components a viable approach? | OAuth/JWTs; OpenID Connect |
At the IdP layer as backend or data store, "contextual identity store" | Can't change the apps; Hack the IdP; Hack the manager, be it the IdP or the AS; Is it a rule generator?; "Contextual claims compiler"; Co-opt the IdP |
Human Understandable | |
Are there simplifying assumptions? | |
IRM provides the context for AuthZ? | |
Build up the attributes from IdP in order to meet need for a claim | |
Semantic aspects | |
Autonomous | |
Distributed Ledgers | |