A digital identity is a record in an information system that represents a person, organisation or thing.
A digital identity carries both explicit and implicit information.
Digital identities may be static or dynamic.
Explicit information is information that is recorded in the digital identity record and to which we can refer by reading that record.
The explicit information in a digital identity is made up of encoded facts called attributes.
In the case of a person, we can readily observe that there are different kinds of facts. For example digital identity records frequently include commonplace, contingent, but non-arbitrary facts such as the person’s given and family names, their date of birth, or nationality. They also tend to include contingent arbitrary facts like a tax file number, a drivers license number or a an employee identification number. Lastly, a person’s digital identity record may include intrinsic facts such as their sex, height, eye colour or even finger prints.
In the case of organisations and things we can observe a similar taxonomy of facts. In those cases, however, the facts will be things like the registered company name, its tax office business number, an ICANN domain name, a DNS entry, an IP address, a Network Interface MAC address or even an operating system process ID.
In all cases, to be part of a digital identity, these facts have to be collected, and encoded as an attribute in the digital identity record.
Implicit information is information that is encoded into the context of the digital identity record and which can be inferred, or derived, from information form that context.
Implicit information is essential for digital identities and is deliberately encoded into most digital identity systems by:
- Storing a digital identity record in a data-base of similarly formatted records, all of which represent a set of persons, organisations, or things with some meaning in common.
- Factoring a digital-identity data store into either inclusive or exclusive collections of identity where some fact about that identity is represented by membership in that collection, but not encoded within the digital identity records themselves.
- Ensuring that at least one attribute in a digital identity record is sufficient to differentiate each digital identity record from all the others.
Implicit information is no less important to the value of digital identities than explicit information. Most digital identity systems, and the services they provide would not be possible without careful consideration for the production and use of implicit information.
Static and Dynamic Information in Digital Identities.
Digital identities are static when the facts that comprise them are compiled into a record at one time, and then stored for use at a later time. Static digital identities may, of course, be changed, However, they are not changed when they are being used.
Digital identities are dynamic if the facts that comprise them are obtained and composed, often from multiple sources, at the time they are being used.
It is unlikely that a digital identity is ever entirely dynamic. When an event-driven composition of a digital identity is undertaken, it is usually augments a static identity with additional facts that are relevant to the way in which that digital identity is being used.
Because a digital identity is information encoded in a record, the design and population of that record with facts is entirely arbitrary and subject to the same variations in utility and warranty as any other built artefact.
What facts, how many and by what means they are collected, verified and made available are design choices.
Digital identities and digital identity data bases may be well designed or poorly designed. Likewise, there is, and can be no normative description of the facts that naturally represent either a person, an organisation or a thing. In many systems and organisations, digital identity records accrue additional facts over time and in some circumstances can number in the hundreds.
It is sometime arguable that not all the facts compiled in a given digital identity record actually describe in anyway the party the record is intended to represent.
Whether a fact does or does not legitimately represent a party is ultimately determined by the uses to which it is put. See Why we need digital identities?