The Problem of Categories

Existing categories can make understanding the identity paradigm difficult. But as networking dissolves current paradigms, those categories are evolving - as they must.

The ultimate mission of the evolution of networked computing can be summed up in the phrase "anytime, anywhere, from any device - but also reliable in performance and behaving only as expected." Identity provides a paradigm for networked computing rooted only in applications, data, and those who use them.Many implications flow from this mission, and progress towards this goal is taking place today on many fronts simultaneously. This can make relating to and maintaining a working understanding of what is happening quite difficult.

People comprehend and relate to complex systems like network infrastructure and the behavior of dynamically distributed applications by developing models (or paradigms) that let us feel connected to what is happening well enough to predict how it (and we) will be affected by various activities. We then refine those paradigms into buckets or categories that let us work with the pieces while still feeling we are staying in touch with that overall picture.

Nearly all of our existing paradigms for relating to IT infrastructure, however, tend to be "rooted" or "anchored" in either devices or physical locations. If we succeed in making every one of those anchors irrelevant, then a new paradigm is needed that doesn't require those anchors to let us effectively relate to the global network and the parts of it we are dealing with. We do need some anchor, however, otherwise we will remain adrift and make mistakes as we approach the problems we are called upon to solve.

This is where identity comes in, by providing a paradigm through which network computing can be understood that is rooted only in the applications, data, and those who use them. The identity paradigm builds downward from those anchors to a given device or sub-technology, thus identity is a paradigm that can survive having everything "pulled loose" from its current moorings. And since making those moorings irrelevant is the mission, we need such a paradigm to regain firm footing as network effects work their inevitable evolution on computing.

If identity is a unifying construct, however, it is also one that tends to reorient us at a high level around a very different view of the computing structures we are building. This essentially top down paradigm can make it tough to keep all the details that are involved in producing the desired results in focus and properly related to the bigger picture. People tend to deal with this by developing categories for various parts. These categories allow us to stay oriented when we need to drill down to understand or alter some particular behavior of the network.

This process is very effective at letting us both understand a paradigm and also organize our work and skill sets around the task. But while this process of creating categories lets us relate easily to very complex things with many moving parts that are all in motion simultaneously, it also makes it difficult to change paradigms when we need to. A new paradigm will almost certainly demand a new category structure.

So as a paradigm shift occurs, the very categories that brought us order and organization become barriers to our understanding and adaptation to the new paradigm. We have seen this in identity for many years now, as identity technology and identity management concepts have been stuck in first one and then another category based on existing paradigms rather than coming to have their own category structure.

Fortunately this is finally beginning to change. Through the addition of higher level categories like identity management, provisioning, collaboration, etc. we have opened up space for the new paradigm to get traction. By morphing older categories into areas like application security, identity assurance and authentication, etc. we become slowly able to let go of the older paradigms from which they arose. Then as concepts like risk management and compliance enter the IT world as requirements, we can re-knit a fabric of categories around the identity paradigm that will fit the new environment.

We are early in this process, but it is well underway. And now it is time for far more people to realize that the paradigms they use to relate to networked computing must shift and the categories must broaden and change. Technology is always evolving, and keeping up is a key part of staying in the game.

Identity is the new frontier of computing, and most of the tremendous value computing promises will only be unleashed when this paradigm is understood and the results of that understanding integrated into nearly all parts of the computing landscape.