these
identities. Perhaps the most generic of these dependent aspects of policy is
that of authority and authorization. Remember that a necessary
facility to be provided within a social ecosystem is the establishment and
conveyance of trust. Authentication of identity is one major facet of the trust
infrastructure of the system; authorization is a major facet of the policy
infrastructure of the system.

Authorization protocols are the mechanisms through which a differential identity, once
authenticated, is approved by a sentinel to access through a portal the general
interface to content. An interface typically provides a collection of actions
that can be applied to the relevant content. A permission to access each action
is established for one or more differential identities. There are two distinct
facets of authorization processes: first is the establishment of authorization
policy, and second is the application of this policy at the point of interaction
between the supplicant and content.
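
The two facets described above, sketched as an added example that is not part of the original text: policy is established in one place and applied by a sentinel at the point of interaction, after authentication and with anything not granted denied. The class names, identities, actions and key are hypothetical, and the HMAC credential is only a stand-in for a real authentication protocol.

```python
import hashlib
import hmac

# All names below (Policy, Sentinel, the identities and actions) are
# hypothetical illustrations; the key and credentials are constructed.

class Policy:
    """Facet 1: establishment of policy (action -> permitted identities)."""
    def __init__(self, actions):
        self._grants = {a: set() for a in actions}  # no grants by default

    def grant(self, action, identity):
        if action not in self._grants:
            raise KeyError(f"interface has no action {action!r}")
        self._grants[action].add(identity)

    def permits(self, action, identity):
        # Unknown actions and ungranted identities are both denied.
        return identity in self._grants.get(action, ())

class Sentinel:
    """Facet 2: application of policy at the point of interaction."""
    def __init__(self, policy, auth_key):
        self._policy, self._key = policy, auth_key
        self.audit = []  # (identity, action, decision) for later review

    def credential(self, identity):
        # Stand-in for the outcome of an authentication protocol.
        return hmac.new(self._key, identity.encode(), hashlib.sha256).hexdigest()

    def request(self, identity, credential, action):
        # Authentication is checked first; authorization only afterwards.
        if not hmac.compare_digest(credential, self.credential(identity)):
            decision = "deny: not authenticated"
        elif not self._policy.permits(action, identity):
            decision = "deny: not authorized"
        else:
            decision = "allow"
        self.audit.append((identity, action, decision))
        return decision

def demo():
    policy = Policy(actions=["read", "update"])
    policy.grant("read", "alice")
    policy.grant("read", "bob")
    policy.grant("update", "alice")
    s = Sentinel(policy, auth_key=b"constructed-demo-key")
    return [
        s.request("alice", s.credential("alice"), "update"),  # granted
        s.request("bob", s.credential("bob"), "update"),      # no grant
        s.request("bob", s.credential("alice"), "read"),      # wrong credential
        s.request("alice", s.credential("alice"), "delete"),  # unknown action
    ]

if __name__ == "__main__":
    print(demo())
```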

Successful interactions within social ecosystems typically follow similar processes
grouped into informal yet consistent protocols. When interactions go awry, it
is often because some aspect of these processes or their grouping protocols is
not adhered to with sufficient rigor relative to the interaction’s potential
consequences. “I left my keys in the car while I went into the convenience
store and someone stole the car!” “The candidate said she was your friend and
that you’d vouch for her, so I gave her my recommendation!” “The customer
handed me your credit card and said he was you, so I let him charge for a new
camera!” Each of these interactions illustrates some rather obvious failings in
the application of well-understood, albeit ill-defined, protocols of human
social interactions. The basic problem in such instances derives from this
ill-defined nature of the relevant protocols. So, perhaps it would be useful to
identify at least some of the more basic elements of interaction mechanics as
the opening step in providing a better definition of them.

The first requirement for the conduct of an interaction is the establishment of the
framework or the environment for the interaction. This entails establishing
between the various parties to the interaction a communication channel that has
well-defined security characteristics. This is the step that we’re taking when
we walk up to the sales clerk in the store and say “I’m ready to purchase these
items.” In this environment, we assess the security characteristics of the
channel based on personal observation coupled to probable threats. We convey
our account number by passing the credit card to the sales clerk. We shouldn’t
leave it lying on the counter in view of anyone else standing around. We should
be cautious in displaying our checkbook lest someone see it and decide that we’re
a good target. Rarely do we think consciously about these steps; they’re just
conventions of social processes that we develop over time. And, our
establishment of interaction environments extends well beyond the checkout
counter of a store. We’re also involved in this activity when we dial a
telephone number, or when we walk up to someone on the street and say “Excuse
me, can I ask you a question?”

However we begin the process, there’s probably a bit of activity that goes on before we get down
to the more serious aspects of the interaction. For example, the other party to
the interaction might be currently engaged in other interactions. The sales
clerk might say “I’m sorry. I’m still helping another customer. I’ll be with
you in a moment.” When we dial the phone, it may be that no one answers at the
other end. And, when we approach someone on the street, they may turn and run
the moment we say the first word to them. Such is the admonition from our
formative years: “Beware of strangers!”