Tuesday, May 23, 2006

Addresses as identity sub-attributes

In a communication space, an address is an identifier assigned to networks, nodes and other entities so that each entity can be separately designated to receive and reply to messages. An address is expressed in a given namespace, which defines the context in which the address makes sense. An address is unique in its own addressing namespace, but is not a globally unique identifier. For example, the address romeo@montague.net represents both the mail address and the JID of a user. This identifier is unique in the mail addressing namespace, as well as in the XMPP addressing space, but cannot be used as a global identifier. An address can be converted into a URI by adding a scheme, which extends its uniqueness as an identifier. The conversion to a URI enhances the address's globality but, in contrast, removes its ability to route messages. In a communication space, URIs are static resource identifiers, whereas addresses possess dynamic routing capabilities.

Three of the most fundamental requirements of addressing are the ability to:

  • Provide an abstraction layer capable of representing any actor or entity in a given communication space,
  • Enable this representation to persist for periods of time during which it can be used to reach the resource it represents, and
  • Enable this abstraction layer to be federated across any number of communication spaces.

To meet these requirements, we will follow the architectural principle of semantic abstraction in the communication space: separate non-persistent semantic identifiers (addresses) from persistent abstract unique identifiers (UIDs). In most digital naming systems, a name is resolved directly to the physical location of a resource: a file on a disk, a host machine on a network, a record in a database. In a communication space, an address is normally resolved to an identifier, which in turn resolves to the network location of the entity or a node within it.

  • UIDs are persistent values intended primarily for machine use. UIDs are permanent identifiers that can be either local or global in scope, but which never change once they are assigned to an entity. A UID is a URN, i.e., it may expire, but it may never be assigned to another entity. Likewise, if the entity is deleted from the system, the UID used to identify it is removed and never reused.
  • Address handles are non-persistent addressing values intended primarily for message routing use. Address handles typically represent semantic relationships that can change as real-world entity names and relationships change, so they do not have the same persistence requirements as UIDs. Address handle naming is implemented as an attribute abstraction layer on top of UIDs. An address can be directly used in a communication space to route messages, but an address handle also resolves to a UID from which other address handles can be derived for other addressing namespaces.

In a multi-protocol communication system, this definition helps define many address handles as attributes of UIDs, and thus provides an efficient address mapping service to the federation gateways. At any time, one of these gateways may query the mapping service to obtain address handles for the target communication space it bridges to. In this context, the UIDs need not be globally unique, as they are only meaningful in the particular communication space providing the mapping service. These UIDs may be created in an ad-hoc way, or may be derived from some identity management system. From a communication space standpoint, their only role is to be a unique reference to an attribute registry of address handles. No other semantics are attached to UIDs for communication purposes, although they may possess semantics when derived from an "identity system". But these semantics have no meaning for the communication space, and are not needed to perform the routing of messages. In the end, UIDs may be attributes of an identity reference created for a specific “identity system”. In that case, address handles may at most be sub-attributes of this limited identity representation for the communication space.
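The mapping service described above can be sketched as a small registry. This is an added example, not code from the original post: the class `AddressRegistry`, its method names, the namespace labels (`mailto`, `xmpp`, `sip`) and the address `romeo@sip.example` are assumptions made for illustration.

```python
import uuid

class AddressRegistry:
    """Mapping service of one communication space (hypothetical design)."""

    def __init__(self):
        self._handles = {}     # UID -> {namespace: address handle}
        self._index = {}       # (namespace, address) -> UID
        self._retired = set()  # UIDs of deleted entities, never reassigned

    def create_entity(self, uid=None):
        # Ad-hoc UID by default; an identity system could supply its own.
        uid = uid or "urn:uuid:" + str(uuid.uuid4())
        if uid in self._handles or uid in self._retired:
            raise ValueError("UID is assigned or retired: " + uid)
        self._handles[uid] = {}
        return uid

    def bind(self, uid, namespace, address):
        # An address is unique only inside its own namespace.
        owner = self._index.get((namespace, address))
        if owner not in (None, uid):
            raise ValueError("address already bound in " + namespace)
        old = self._handles[uid].pop(namespace, None)  # handles may change
        if old is not None:
            del self._index[(namespace, old)]
        self._handles[uid][namespace] = address
        self._index[(namespace, address)] = uid

    def resolve(self, namespace, address):
        return self._index.get((namespace, address))

    def translate(self, namespace, address, target_namespace):
        # What a federation gateway asks: handle -> UID -> handle elsewhere.
        uid = self.resolve(namespace, address)
        return None if uid is None else self._handles[uid].get(target_namespace)

    def delete_entity(self, uid):
        for namespace, address in self._handles.pop(uid).items():
            del self._index[(namespace, address)]
        self._retired.add(uid)

if __name__ == "__main__":
    reg = AddressRegistry()
    romeo = reg.create_entity()
    reg.bind(romeo, "mailto", "romeo@montague.net")
    reg.bind(romeo, "xmpp", "romeo@montague.net")
    reg.bind(romeo, "sip", "romeo@sip.example")  # constructed sample handle
    print(reg.translate("xmpp", "romeo@montague.net", "sip"))
```

Rejecting a bind when the address already belongs to another UID, and refusing to reissue a retired UID, are the two checks that keep messages for one entity from being routed to a different one.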
