Some interesting ideas are swirling in my mind in response to Ian Glazer’s challenge, “Killing IAM in Order to Save It” and Dave Kearn’s article “Pervasive and Ubiquitous Identity.”

Whether or not we need, as Ian suggests, to completely restructure IAM systems in order to progress is still subject for debate, but the concept of thinking about and representing relationships between identities in a directed graph format is intriguing to me.

According to Wikipedia, “Graph databases are based on graph theory. Graph databases employ nodes, properties, and edges.” The following diagram gives a simple example. 

 

Using this method, we can visualize identities as nodes, each with relevant properties, and relationships between identities as edges.  Interestingly, the edges, or relationships, may also have identities and properties of their own.  

As Dave suggests, identities are not only for people, but for things, platforms and services.  The simple diagram below begins to illustrate this concept:

 

 

 

The relationships (edges) are primarily verbs that describe what actions the relationship supports.  A primary role of identity management systems is to establish these relationships between people identities and service or thing identities in such a way that valuable actions can be performed.

These are a few of my thoughts.  What do you think?

PS. Can anyone recommend a good directed-graph drawing tool for Mac?

The older I get (and I’m getting pretty old),  the more I realize how little I know and understand in the ever-expanding universe of information.  But I take comfort in the fact I can learn a little bit new every today.

Today, I learned about Graph Databases.  One of the questions I posed in response to Ian Glazer’s recent post, “Killing IAM in Order to Save It,” was:

Are you proposing an entirely new data structure to manage the relationship graph? Neither LDAP directories or relational databases really model the graph well, but I am not familiar with robust and proven alternate data structures that do a better job.

That shows my ignorance of emerging database technology.  After posting that comment and sheepishly realizing Ian probably knew what he talking about, I googled “Graph Database” and came up with some interesting hits.  While it appears that graph databases are still in a fairly early stages, at least for commercialized products, this technology appears to be well ensconced in the Googles, Facebooks and Twitters of the world.

A helpful article for me was “Graph Databases: The New Way to Access Super Fast Social Data,” published last fall by Mashable.  A couple of excerpts:

While we’re certainly not predicting the demise of traditional databases anytime soon, we are seeing an increasing number of applications where graph databases are being used to accelerate development and massively speed up performance. …

The complexities and dynamics of the real world, however call, for new methods. This is particularly true when the world is moving at the speed of web, and everybody is racing to get ahead of everybody else. Intricate and complex processes like human behavior, as well as dynamic interconnected systems, such as those found in nature and on the web, tend to be less static and predictable, and are ideal candidates for graph databases. 

 That sounds like Ian Glazer talking to me.

  

I look forward to learning more, and particularly extending my discussion with Ian and others on the applicability of these database for Identity and Access Management.