
   Re: [xml-dev] Blended Authentication (AKA "Granular Access Control")


Jeff Greif wrote:

> The "cartelization" being described makes Joe authenticate himself with System
> A, in order to use the trust relationship between System A and System B to
> examine your medical records (after System B verifies that System A has a
> right to look at your records because it represents the designated insurance
> provider).  Is there something nefarious about this?  Would you prefer it if
> Joe could access your records without this level of security?

Hi Jeff.

Questions of whether this is nefarious I shall leave to others. The question of
whether this is cartelization, however, you seem to have answered yourself with
this very example. As you illustrate, Systems A and B have apportioned between
themselves, and between themselves exclusively, the entire functionality, as
they understand it, of authenticating and authorizing users (and the very term
'trust relationship' which you use has equally, and ambiguously, both the
meanings 'mutual reliance' and 'collusion in cartel' [as criminalized by the
antitrust laws]). Your example demonstrates a priori agreement on a) the full
scope of the functionality involved; b) the comprehensive list of participants
who will execute any of that functionality; and c) the precise division of
that functionality between the identified participants. Those three criteria
define cartelization.

I would ask you to contrast that cartelization with the truly distributed
functionality which I propose, in which no process executes its functions in
anticipation of how, or by what process its output or data product will be next
used, nor to what purpose. Your System A acts in specific anticipation of how
Joe will use the outcome of the authentication process to gain access to the
specifically understood relationship between System A and System B. Designed as
truly autonomous, distributed processes ('web services') System A, proxying for
the health insurance provider, would make data which it publishes available to
Joe solely because of who Joe is with respect both to System A and to the data
he seeks, just as System B would make its particular output available to him.
For purposes of the transaction which Joe synthesizes in this instance, the
nexus between Systems A and B is not a priori, but is specific to this instance
and is established by this identifiable, isolatable, auditable act of Joe's.
Instead of Joe as supplicant before the public interface presented by one
process of the cartel, hoping that he can summon its functionality by incanting
the required form, Joe is instead the prime mover of a particular transaction,
the input data needs of which he satisfies by doing simple GETs of the published
outputs of RESTful nodes, and then synthesizing that data through his particular
expertise into a unique transaction.

Respectfully,

Walter Perry





 


Copyright 2001 XML.org. This site is hosted by OASIS