In the wine seller example, the merchant needs to know
the age of the subject. This is a requirement that the buyer needs
to be aware of and understand if he is to decide whether he
wants to disclose the requested information. The fact that the
merchant will accept only claims from a government-issued ID
is again information that needs to make its way from the RP to
The Identity
Metasystem provides
a frame of
reference through
which entities can
negotiate which
underlying technology
to use
Negotiation is a
necessary step in a
system of systems
126 Hints Toward a Solution
the subject. The set of requirements of an RP is said to be its
policy. The IP has policies, too, as discussed later in the chapter.
Encapsulating Protocol
As the negotiation takes place, the information must actually
?¬‚ow according to the roles and the rules of the transaction. The
subject needs some wayto retrieve his identity from the IP, and
the RP needs some wayto receive it.
The existing technologies already have their own ways of representing
identity and moving it from node to node. However,
those methods will not interoperate, and therefore they need to
be abstracted away. The Identity Metasystem needs to de?¬?ne a
protocol that presents a common model to every participant so
that no speci?¬?c technology needs to be understood for establishing
a connection; such a protocol, however, should also enable
effective transfer of information according to the rules of the
particular technologies.
Pages:
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224