These Services are delivered through dynamic value-chains formed by loosely-coupled partnerships among communities of suppliers, partners and customers. The business unit on this unified network surges from the number of network nodes to a higher dimension - to the number of potential connections; for that is the upper bound for the total transactions that can take place and hence a measure for the total value created or exchanged.
Transactions across domain or trust boundaries, between previously-unrelated end-points, become the most efficient value generator. AmSoft's role is to help harness this potential value that lies untapped today because of three key deficiencies:
>> Lack of Trust between end points
>> Lack of cross-domain Interoperability
>> Lack of a Control layer that spans across network boundaries
Recognizing that Identity is the critical enabler for cross-domain transactions, AmSoft structurally solved these three related problems by pioneering a new technology framework - an identity-enabled services delivery platform for the Trusted Exchange of data and services.
This public-domain standards based, open and interoperable platform makes it possible to unleash the latent value in today's networks --Telecom,Mediaand Enterprise (such as Supply Chain, Financial or Health Care) -- by enabling anonymous, pseudo-anonymous, veronymous as well as transactions between explicitly identified identities.
At an abstract level, any transaction is ultimately between two identities and unless they can be strongly associated with concrete, physical identifiers, there is no way to maintain trust in the network. Theoretically, it is as simple as implementing a directory within a domain, or a meta-directory for multiple domains but, in practice, trust does not transcend domain limits. Approaches such as User Management and SSO do not provide delegation & fine grained control when applications, users, services and data are distributed across trust boundaries.
This is because the user, data and service identifiers are established on a per-application basis. So they are applicable in a given context (such as a mobile telephony application) but may not work in another context (say, web services). Today, we use a variety of mechanisms for identification, including e-mail addresses, IP addresses, phone numbers, and other identifiers that are specific to one means of interaction (such as IM or Skype) but none of them is persistent across the many different ways that people, applications, and devices can communicate, and so, they can't be taken as proxy for someone's real identity.
A uniform abstract identification layer can solve this problem both for the addressees (who don't need to constantly change their published addresses/interfaces), as well as for the addressors,(who don't need to constantly update their local references). AmSoft is a contributor
to,and an evangelist for the OASIS standard XRI (Extensible Resource Identifier) -- an abstract identifier framework that solves trust, privacy and identifier related problems. AmSoft leverages the XRI's capabilities in its identity-centric products and solutions to enable trust that is a pre-requisite for transactions.
XRIs build on top of the existing URI and IRI syntax to provide abstract identifiers that are independent of a specific network location, a specific directory, database, or repository that might store a resource at a specific point in time. They are also independent of a specific application, specific domain, authority, or owner that may be responsible for creating, maintaining, or processing a resource, independent of a specific semantic label or descriptor, which may be associated with a resource at a specific point in time.
Back to top
The key problem in systems integration is also one of the pervasive problem in network transaction: the cross-context mapping of resources and data so that
they can be shared and consumed and understood beyond the local domain. Since resources are only identified in a local context, each additional system with which they must be shared requires an additional mapping between the two contexts. This pair-wise mapping problem grows geometrically with the number of resources and the number of systems involved. Establishing a shared abstract identifier collapses the n^2 mapping problem into a much easier n-1 mapping problem.
Further, this pair-wise integration of resources is what makes an IT Infrastructure brittle and very expensive to maintain or adapt. This is particularly true of resources whose primary purpose is to establish shared semantics across systems, e.g., data interchange schemas, dictionaries, taxonomies, ontologies, etc.
AmSoft leverages the ability to share persistent identifiers (XRIs) across all contexts (cross-references) to enable network communities to share semantics and exchange value without pair-wise integration. All this while providing identity-enabled security and control capabilities.
Back to top
Data and Services are like currency -- they cannot be easily exchanged or flow across domains in physical form. Therefore, to create value, like currency, they must be represented logically and exchanged through the ecosystem. To exchange value (as data or service), the network needs to be able to strongly associate data with the identity responsible for it. Without this strong association, there is no way to maintain trust in the system.
XRIs provide an abstract identifier framework to solve the Trust related issues but there is another pre-requisite before exchange can take place - Control! If there were no control over the logical currency that moved across the network, people would exchange it physically and not logically. The same control must extend to logical data and services on the network. But today, the more we share, and the further data or an object moves away from us, the less control we have And control is more than just Access Control - who can get this data or access this service? And the next four layers of the control hierarchy are as important but much harder to implement logically:
- Usage Control - for what end use will the shared data be used?
- Privacy Control - what will this data NOT be used for? Who will you NOT distribute it to?
- Synchronization Control - how will multiple copies and versions of the data be kept synchronized once it crosses domain-boundaries
- Expiry or Recall Control - the ability to recall or invalidate data that was shared earlier
Today, only access control is implemented on the wire and the other controls are implemented using physical constructs such as legal contracts and agreements such as non-disclosure agreements. There is no technology that can deliver boundless sharing capability along with unlimited control and therefore data sharing and control are two divergent goals - the more you share the less control you have.
But it need not always be so,AmSoft has been working in developing a holistic framework that leverages Identity technology. As a pioneer in contributing to the public domain and interoperable standards for OASIS such as XRI and XDI , AmSoft has come up with a structural solution to Sharing with Control - ProIdentity. This open standards-based identity-centric platform provides organizations with the foundation for any SOA infrastructure by providing a common data representation, description, and assertion framework for all data and services.
Back to top