Within eSSIF-Lab, we maintain a set of mental models, which we also call patterns, which are descriptions, both casual and formal, of sets of concepts (ideas), relations between them, and constraints, that together form a coherent and consistent 'viewpoint', or 'way of thinking' about a certain topic. They have been crafted so that they may serve as a basis for architecting, desiging, and implementing IT components and their governance processes.
One might think that everyone has their own mental models, and uses them to make decisions, make sense of the world, etc. Any mental model that helps a person cope in the world is ok. For example, the ancient Greeks had a mental model that said the earth is at the center of the universe, and the sun and planets somehow revolve around it. Further development of the model allowed them to compute planetary positions, which played a role in fortune telling and therefore was considered important. Doing this is very complex. In the 16th century, Copernic revolutionized science by stating that the sun, rather than the earth, was at the centre of the universe. It wasn't like he changed the universe itself - he only changed the frame of reference, the perspective, i.e. the mental model that he used to look at, reason with, and explain the universe. Copernic showed in a dramatic way that changing one's perspective can have very profound consequences.
Most changes of perspective do not have such large effects. If he had proposed to put Jupiter at the centre of the universe, or the moon, he would have ended up with different mental models, but the complexity of computing planetary positions would have remained equally complex. Changing ones point of reference to the sun, however, made things much easier: planetary trajectories could now be seen as simple ellipses, with the sun positioned at one of the folcal points.
'Mental modeling' is the art (yes, as far as we know it's not a science) of creating models that make things easy. It's like 'searching for the sun'. We have been mental modeling artisans for several years now, and we have come up with models that are stable, in the sense that we have been using them and have found them to be quite helpful. Also, we have slightly less mature models, that need to be used in practice to see how well they work. And we have some models that we are in the process of describing, which we present here as ongoing work.
These are models that are mature (stable). They have been applied during several years in various circumstances, and have shown to be valid (when consistently and consequently applied). Therefore, they are proposed for widespread use (and further evaluation/validation).
The Parties, Actors and Actions pattern captures the foundational concepts and relations that we need for thinking about how things get done. It answers questions such as: 'Who/what does things?', 'How are their actions being guided/controlled?', 'Who controls whom/what?', 'Who/what may be held accountable?'.
Models under review
These are models that we think go a long way to being mature, but may contain flaws we haven't detected yet.
- discusses difficulties that exist with the various/numerous meanings of the term 'identity',
- postulates a definition for identity that relates to what a person or another entity actually is,
- shows that it is comprised of partial identities that are the actual artifacts we need to focus on in SSI contexts, and
- shows how this relates to (attributes in) credentials.
The envisaged Managing and Governing Pattern will explain how parties organize that their objectives are realized, either by doing the associated work themselves, or by arranging for other parties to do that. The contribution of this pattern is to show how this is done, based on the idea that every objective has a single party that owns the objective.
These are placeholders for models that we think we could document, but haven't come around to doing.
The envisaged eSSIF-Lab Identity Pattern will describe the concepts and relations that help to explain the mechanisms that a party uses to identify entities, and mechanisms for communicating with another party such that both parties can identify an entity and know whether or not they identify the same entity.
The envisaged Decentralized GRC pattern will describe how parties can set objectives, and pursue them to be succesful. The latter means that the party must be capable of assessing and managing the risks associated with not realizing them. In a decentralized world, this means that it needs to depend on other parties, that may or may not be too reliable. Also, it means that the party must be able to set and realize objectives to satisfy requirements of other parties (compliance).
The envisaged Mandates, Delegation and Hiring pattern will capture the ideas behind Mandating, Delegating, Hiring and their relations. It will extend the Parties, Actors and Actions pattern with concepts that describe how the ownership and
works for relations between parties and actors are to be (de)populated, and how to determine for party the actor is working as it executes an action.
The envisaged Duties and Rights pattern will describe the relations between jurisdictions, legal entities and the duties and rights they have within them. This pattern will be based on the theory of Hohfeld.
The envisaged Decision Making pattern will describe how parties would, could, or should reason in order to reach good conclusions and make good decisions. This can be used as a basis for understanding the information needs of parties as they need to decide e.g. whether or not to commit to a transaction proposal, or whether or not data is valid for some purpose. The pattern is based on Toulmin's model for reaonsing (of which a pragmatical text can be found here).