[Log In] []

Exploring the science and magic of Identity and Access Management
Tuesday, June 18, 2024

Identity Map

Author: Mark Dixon
Thursday, November 10, 2005
5:35 am

Over the past few months, I have been pondering about how to describe Identity
in a way that encompasses how we think about ourselves in the "natural
world" as well as how we represent ourselves in the "digital world."
I asked myself, "How would I describe my own Identity? How would I categorize
the many attributes that uniquely describe my own existence? Out of those ponderings
have emerged the "Identity Map." I offer an introduction today and
will describe the various elements of the Identity Map more completely in days
to come.

I welcome any and all comments.

Core Identity
A fundamental premise undergirding
the Identity Map is that each person is unique. This unique "Core Identity"
can be identified or described by attributes categorized into Names, Characteristics,
Relationships, Roles, Location, Experience, Knowledge and Reputation. Each attribute
adds to the fundamental uniqueness of each individual. Brief descriptions and
examples of each include:

  1. Names
    I am known by many names. My given name is Mark.
    My surname is Dixon. My i-name is MarkDixon.My social security number is [wouldn’t
    you like to know?]. My kids call me Dad.

  2. Characteristics
    I have some measureable characteristics
    that don’t change – my DNA signature, my fingerprints. Others change over
    time – height, weight, hair color. Does IQ change? I don’t know.

  3. Relationships
    I have relationships with people, institutions
    and things. I am father to my children, brother to my siblings, husband to
    my wife. I am an employee of Sun Microsystems and an alumnus of Brigham Young
    University. I own a Nikon camera. I love Chinese food. I can’t stand professional

  4. Roles
    . The functions I perform in life are roles: Father,
    husband, Sun Identity Practice Lead, Identity blogger, Church volunteer, registered

  5. Location
    . When I used to travel every week, I’d tell people
    I claimed home addresses in Mesa, Arizona and United seat 2B. These are descriptors
    of physical locations, relative to different known reference points. However,
    my current location (latitude, longitude, elevation) will vary, depending
    on where I am physically located at any moment in time.
  6. Experience. I have experienced many things in the 52+ years
    of my earthly existence. I have been stabbed by a pitchfork, run for a touchdown,
    flown around the world and milked a cow (many times). Each experience adds
    uniqueness to my core identity.
  7. Knowledge. During my existence, I have amassed much knowledge,
    some of it shared by many, some of it unique. Both you and I probably know
    the Pythagorean Theorem. You probably don’t know the names of my kids. I hope
    you don’t know my blog password.

  8. Reputation
    Other people and institutions say things about
    me, some of it good, some of it bad. The credit bureaus say I have a good
    credit rating. The DMV say I’m a so-so insurance risk because I’ve had a couple
    of tickets in the past three years – but they also say I hold a valid drivers
    license. BYU says I hold a BSEE degree. My wife likes me (and that is what
    really counts).

Physical Identity refers to tangible items that represent
identity attributes. Common physical identity items include birth certificates,
drivers licenses, graduations certificates, etc. Each of these symbolically
represents one or more attributes from the categories listed above. Creation
or destruction of a Physical Identity doesn’t alter the core identity attributes
it represents. If my drivers license gets trashed, I still exist. For 4 bucks,
I can get a new one.

Digital Identity refers to symbolic digital representation
of identity attributes. These are normally very small subsets of the entire
Identity. Common digitally-represented items include user ID, password, name,
address, telephone number. Digital identities can be stored, transferred, used
for access system, or stolen (ouch!).

Blended Identity refers to physical items that contain
identity attributes. Smart cards or credit cards with magnetic stripes are examples
of physical identities that contain digital identities.

So, there it is – the Identity Map. I hope this framework proves to be valuable
for discussing the various facets of Identity. Stay tuned for more.



9 Responses to “Identity Map”

    Good attempt at the classification of the user data . My response!!

    Comment by Shekhar Jha on November 11, 2005 at 4:08 am

    Mark, I think this is a really useful and creative analysis.

    What I have been doing lately is classify identity data into credentials, entitlements and attributes.

    I know that ‘abuses’ your model, because you would correctly point out that my credentials and entitlements are also kinds of attribute.

    However, it fits neatly with the SAML assertion types (assertions of identity, entitlement and ‘other stuff’), which is my not-very-hidden motive for doing it that way.

    Some notion of ‘time’ also seems to me to be indispensable. I think an assertion of identity is an assertion that ‘this person in whom I observe some attribute now’ is identical with ‘the person in whom I observed some attribute previously’: so identity data is data which supports your belief in that assertion. That could therefore be appearance, role, credentials, inference from evidence of the person’s skills or memories, and so on.

    I’ve made the point elsewhere that ‘credentials’ are nothing more than evidence that the person presenting the credentials ‘is identical with’ the person to whom they were granted at some point in the past.

    Hope this helps… keep up the good work!

    Comment by Robin Wilton on November 11, 2005 at 5:24 am


    Thanks for your comments. I don’t think you are abusing the Identity Map model. You are focusing on Digital Identities, which I believe are symbolic representations of core attributes.

    Your terms map nicely to the Identity Map. Credentials are “names”, entitlements represent “relationships” and attributes represent any other “attributes” in the Core Identity. To assert a Digital Identity is to claim that these credentials, entitlements and attributes do indeed represent a unique individual.



    Comment by Mark Dixon on November 11, 2005 at 6:16 am

    Apologies, Mark, my memory is so lousy these days… looking back through your blog, I see that I made pretty much the same comment about 20 entries back. (doh!)

    Feel free to censor if I go on repeating myself! ;^)

    Comment by Robin Wilton on November 11, 2005 at 6:41 am

    I’m not sure if there is real reason to differentiate the “physical identity” and “digital identity”. I dont’t think that driver’s licence is much different from a privilege in an information system (except for the “storage media”). I see both these “identities” as personas.

    You may be interested in my post describing the Persona Model .

    Comment by Radovan Semancik on November 15, 2005 at 9:50 am


    Thanks for your comments and for your links to your website and Person essay.

    I agree that physical and digital identities are similar in nature, but I find it useful to discuss a strictly physical symbol (like a paper birth certificate) to set the stage discuss a digital symbol (such as a digital certificate). Methods for distribution, replication, protection and theft can be quite different between physical and digital realms.

    Best regards,


    Comment by Mark Dixon on November 15, 2005 at 5:06 pm

    Hi Mark, I’ll throw out some possible additions to your list for consideration
    1) opinions, what I think of other people (flip side of rep?) and things (e.g. my list of favourite musicians)
    2) interests, related to but not synonymous with knowledge, e.g. I know things on topics I have no interest in and I’m interested in things I know almost nothing about 🙂
    3) attention, things I have looked at, listened to, e.g. my click stream. Perhaps this is encompassed through experience?

    Comment by Paul Madsen on November 16, 2005 at 11:34 am

    >> 1) opinions…
    >> 2) interests… not synonymous with knowledge

    Could be categorized under relationships towards people and maybe you add topics here.
    Should really be added as it is important e.g. concerning personalized advertising…

    >> 3) attention…

    I do not think this matches experience. It’s rather of the same category than interest as I probably won’t look at things in which I in which I do not take any interest. Time comes in here too, the time I spend on these things tell you more about my identity than just what I looked at etc.) This might also be labelled “history and timing of actions”?

    Kind regards, Matthias

    Comment by Matthias Fischer on January 23, 2006 at 6:09 pm

    thank you for this. i have referred to it in my school artwork. i am researching identity and this helps me a fair bit. =)

    Comment by hayley on June 20, 2006 at 4:26 pm

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.