Use/Business Cases Explored

Principles | Migration | IoT | DNS | Block Chain (e.g., OneName, NameCoin) | Distributed Hashes | Promise Theory | Ontology | ||
---|---|---|---|---|---|---|---|---|---|
SalesForce | Strong Device Identity (SDID) - Low Computing Power | SDID - High Computing Power | |||||||
Is there a role for a Relationship Manager? | Yes | Yes | Yes | Yes | |||||
Scalable | FULLY | PARTIAL Reality of IoT Raw device data stream, vs. identity (asset token) | FULLY Seems to scale | FULLY Has to be | FULLY v4, v6 | ABOX instances, wip TBOX rules | |||
Actionable | PARTIAL | FULLY By the nature of the asset token and platform | PARTIAL Want it to be, brings real benefits | PARTIAL Level of actionability will vary | FULLY IANA, Registration | FULLY Defined in TBox | |||
(Im)Mutable | PARTIAL | FULLY Depends on info available from the device | | PARTIAL Depending on the computing power and connectivity of the device | FULLY Immutable/Proxy/Forwarding | FULLY TBox ->'Reasoner' ->ABox | |||
Contextual | FULLY | FULLY Depends on constraints of the device Nothing that excludes this | FULLY Actually provides context | FULLY TBox ->'Reasoner' ->ABox | |||||
Transferrable (Delegation) | NONE | PARTIAL As token of "agency" Need to re-mint token (new JWT) | FULLY Bought, Forwarded | FULLY Ontology referentials | |||||
Provable | PARTIAL | FULLY If HoK (signed JWT via JOSE) | PARTIAL Requires gateway | FULLY | FULLY w/HTTPS DNSSEC | FULLY Ontology referentials | |||
Acknowledgable | PARTIAL | FULLY Allows it to be assigned, you can show this | FULLY NMAP, other | FULLY Ontology referentials | |||||
Revocable | PARTIAL | FULLY Delete the token, there is an endpoint for access token status | NONE | FULLY | PARTIAL | FULLY Ontology referentials | |||
Constrainable | PARTIAL | PARTIAL From the device perspective - not referring to back-end | PARTIAL Difficult to add constraints - limited options | FULLY | FULLY Subnets, Domains, etc. | FULLY Ontology referentials TBox ->'Reasoner' ->ABox |

Architecture Notions

Notion | Notes/Comments |
---|---|
Scope it/ Profile | |
Bounded for use/links to the real world | SAML, UMA? |
Are components a viable approach? | OAuth/JWTs; OpenID Connect |
At the IdP layer as backend or data store, "contextual identity store" | Can't change the apps; Hack the IdP; Hack the manager, be it the IdP or the AS; Is it a rule generator?; "Contextual claims compiler"; Co-opt the IdP |
Human Understandable | |
Are there simplifying assumptions? | |
IRM provides the context for AuthZ? | |
Build up the attributes from IdP in order to meet need for a claim | |
Semantic aspects | |
Autonomous | |
Distributed Ledgers |