It has been a while since I started this thought but it is not a case that I felt it was a bad thought but more a case that I wanted to let it stew for a while.
In the past few weeks I have seen and heard lots of discussion in regards to attributes so I thought that this renewal of my thought process would be appropriate now.
The last point of discussion here was the thought that we do need to be able to share data to better identify the rights that someone has within an application or transaction. You will note that I use these words, "rights", "application" and "transaction" loosely and this is quite intentional as I believe the fundamental idea spreads across a broad spectrum of transactions.
When we talk about sharing of data, used to identify users, there needs to be agreement as to how we identify the data that is shared. In today's space this has been accomplished through broad agreement on data dictionaries. Sometimes this is based around specific industries while other times it is based nationally. One of the realizations that has come out of working in this area has been that these specific dictionaries can restrict the use of the technologies to a narrow band of the actual user community. While a financial sector has very specific needs to communicate within its sector it has become recognized that the same community has large interaction with other parties where their "standard" data dictionary is not necessarily understood.
Now it is easy in this case to say that maybe a global dictionary is needed or to rely on a national level dictionary that is driven by government standards or by existing best practices. The issue here has always been one of broad agreement and thereby practically implementable solutions. Generally speaking, the broader the agreement, the less practical it is in terms of it's use.
So let's think about how this has worked in other technical areas. DNS is a good example whereby translation is handled through a set of distributed capabilities. Could this idea also be used with a data dictionary service? Let's think of a "centralized" service that translates attribute schema elements between defined data dictionaries. There is no need to share actual data but a method to ensure that "name" is understood as one party communicates to another.
There are of course lots of specific implementation needs to surround this but I would first like to start the discussion to see if it is a needed model before we get to the specifics of things like, knowing who we are dealing with; protecting any sensitive transaction sets; and modeling an implementation to see what is needed from a management and operational perspective to ensure viability and usefulness.
Your thoughts on this are appreciated.
- Posted using BlogPress from my iPad
