Saturday, August 31, 2024

An Introduction to the Calculus of Identity Management

"Calculus" for many people is a scary word -- it conjures up images of "integrals" and "derivatives" and tortured algebraic expressions that don't quite work out as expected, because of a tiny mistake made three or four lines ago! -- but it doesn't have to be a scary word!

"Calculus" is the Latin word for "pebbles". Why pebbles? Because the antient Romans used pebbles to keep track of numbers as they worked through things. (I tried very hard to avoid saying "calculate things" -- because that would be kindof circular!) Thus, when Sir Isaac Newton and Gottfreid Wilhelm Leibniz developed a way to handle rates of change, it was only natural for them to call it "the Calculus" -- and considering the range of things made possible by the Calculus, ranging from understanding how little particles interact with each other to creating buildings and bridges and flying things to aiming weapons and guiding rockets to the Moon and beyond to coming to terms with the creation and functioning of galaxies of galaxies, it kindof deserves the extra emphasis!

Now, at the moment, I don't want to conjure up the vast power of the Calculus -- instead, I want to call attention to a more humble "calculus", one that was developed in the 1920s by one Alonzo Church. Using only three rules, and a function called a "Lambda", he developed a tiny little theory that, along with Alan Turing's Machine, proved to be the foundation of this tiny little movement we call "computing". Maybe some day it will prove to be consequential ... but in the meantime, I cannot help but be fascinated by how outright powerful these ideas has been in their own little sphere. The Lambda Calculus is the foundation for the Lisp family of computer languages, which are known for their power and flexibility, while the Turing Machine is the foundation of computers themselves, along with ALGOL-based languages that are known for their computing speed and power (albeit at a cost of flexibility).

It is with this in mind that I would like to create a series of posts on what I call "Identity Management Calculus". Perhaps this isn't exactly appropriate -- we don't necessarily "calculate" identities -- but I nonetheless wish to draw on the notion that we can build something pretty incredible from a handful of simple components. The first part of this series would descibe each of these components, and the second will describe some of the many ways these components interact with each other, to make identity, and even "reputation", something that can be managed!

In the spirit of these various "calculus" methods, I will not be discussing how particular algorithms work -- partially because I find them a little intimidating, and partially because I'm not entirely sure if they really matter. In much the same way that using the idea of "gates" made it possible to design computers without knowing what the circuits underneath look like, enabling "computer architects" to design how a computer operates, leaving the actual circuits to electrical engineers who would constantly improve them, my goal is to show how these fundamental bits interact with each other to create powerful methods for establishing identity -- ideas that will work, despite the underlying algorithms used underneath.

I should add that I do not consider myself an expert. To be sure, as a mathematician pretending to be a software engineer, I have had to become familiar with how to manage accounts and protect passwords; however, as I have explored these topics, I have had the impression that too often "cryptography" and "security" focuses on the algorithms, and loses track of how they are supposed to interoperate. I hope to fix that gap -- if for no other reason than I would like to have a reference for myself on this topic!

But there is a second reason I wish to pursue this topic: for several years now, I have been concerned about how much the Internet has fallen into "closed gardens" that leave us vulnerable both to the whims of massive corporate entities and to massive structural failures. In just the last few years, we have seen governments around the world work with world-wide corporations to squelsh speech, and we have also seen large portions of the internet break down because of a single bad setting pushed by a single software engineer. This isn't the internet we were promised!

To fix this, though, we need to find ways to run our own document services, create our own social networks, and index our own web pages -- but we cannot do this when our identities are created piecemeal, with every social media site, every bank, every school, and every forum either asks us to create a new identity, or offers to let on of the three or four internet giants to manage our identity for them. In short, we need a way to personalize and decentralize our personal identities, so that each one of us is responsible for both maintaining our own identities, and for managing the identities of others!

And what makes this decentralization possible, are the fundamental building blocks of identity, and how they interact with each other to make the keeping track of those identities manageable!

No comments:

Post a Comment