21.12.2015 - 'do good and talk about it'-series, volume 13
Identity Management is and always was 'Relationship Management' as well. Identities (=Users) do have relations, and those relations define the 'inner' meanings, roles and authorizations of them. In 2008, we at WedaCon started to consequently handle those 'related' objects with the same technologies, ideas and concepts as we do with the identities within our projects.
Since then, we call it 'Entity Management'. During the past years, we realized that those relations became the most powerful and usable part of the systems we designed and managed for our customers. Therefor, today we name it 'Entity Relationship Management'.
Recent initiatives in the Identity and Access Management industry are going into the very same direction, and this made us 'rethink' our approaches and compare them to what several IAM-Masterminds and collegues propose as the 'next generation' thing.
With the Internet of things (or each and everything, Industry 4.0, put-in-you-favourite-buzzword here) we have to deal with billions of objects and their relations to each other.
I would like to point out and talk about two terms here: Relationsships and 'Things' (or lets use a more common and elegant term: Entities. As a great friend and believer in philosophical approaches I would like to re-use what all those wise guys in the past 3000 years have found out on relations and entities:
Maybe the most important and one of the first appearence of the terms can be found around the ideas of 'Entities'. According to Wikipedia, an entity is 'something that exist in itself, actually or potentially, concretly or abstractly, physical or not.'
In other words, an entity is something that exists and can describe many different things like 'things', 'properties', 'events', 'relations', or all of them at once. Especially the last one ('all of them at once') gives the term 'entity' the meaning of something that 'is'.
But just knowing what an entity is (or might be) is not enough. To be able to describe entities and all the potential and real situations, we need a systematic approach. Within philosphy, this is known as 'Ontology'. Ontologies provide a common vocabulary for a given domain and formaly define the meaning of entities, their terms, properties and the relationships between them. In the end, we do not deal with 'data' any more, but with knowledge.
Let me explain that using a 'country' datamodel: In most systems currently in use for IAM approaches, we will find 'countries' as a table with all possible values. Those values are represented as strings, and the value of 'Spain' means: nothing. Its just a string. The table might include other details (dialcode, ISOCode and so on), but this data is 'static'. Introducing new concepts (or even newly learned facts) is not possible (at least not easily).
An ontology of countries tries to collect and provide 'knowledge'. 'Spain is a country' (subject-predicate-object) is a very simple knowledge representation:
The important thing here is that the ontology is used to describe the data: The concept of a country can have borders, dialcodes and IsoCodes, it can have relations. New concepts regarding countries (eg: which departments of a given company operate in a certain country) could be linked by an ontology describing an entity 'department'.
We think that building Identity- sorry: Entity Relationsship Management Systems with the help of entities and ontologies will give us new ways to manage all the Entities (Things) we need to deal with, in the upcoming 'Internet of Things' (or Internet of Entitites?).
The following video gives an overview on the power of Entity Relations by using graph-database technologies and ontologies.
GraphDatabases as ERM Backend
This is a small excerpt from our actual Whitepaper
on 'Semantic Entity Relationship Management',
which will be released soon.
If you cant wait for it, get your personal copy
by contacting us....
Feel free to contact us via email@example.com