Systems of Magic, and a request
Dec. 4th, 2008 05:33 pm
Recently I've read a few excellent fantasy novels which were written around believable, consistent, and reasonable systems of magic. Believable magic is one of the elements that will sell me on a writer. I've enjoyed The Abhorsen Trilogy, by Garth Nix, and, most recently, The Name of the Wind, by Patrick Rothfuss.
I've learned that Brandon Sanderson, who wrote this essay on systems of magic, is going to finish Robert Jordan's 12th and final novel of the Wheel of Time series. Depending on my Lady's response to his work, I might take up the first one. :)
Unrelatedly (maybe): can any of you recommend a good history (articles, blogs, anything) of technical approaches to affixing Identity? That is, assuring that individuals are who they say they are? I'm making a study of transaction psychology -- financial services inclined but not fixed -- and would love some background data on approaches to identity assurance. Thanks!
no subject
Date: 2008-12-09 04:21 pm (UTC)
My rule of thumb is that if an idea can be expressed in terms of an existing ontology, it is refinement (perhaps) to expand it, but the expressive power of the enclosing ontology is sufficient.
But I like set theory, and unions and intersections, and saying "ontology" a lot. :-)
no subject
Date: 2008-12-11 05:00 am (UTC)
here's an early example of user-capability security: penelope saying she'll marry whoever can string her missing husband odysseus's bow. she was able to know not only that none of the men likely to vie for her hand could string it, but that none of them could become strong enough to string it within a short time-frame (hopefully long enough for odysseus to return).
one could as well simply ask users to pay a fixed fee to be authenticated. in fact, i bet casinos do some version of this somewhere... and atm enclosures have locks that open if you produce any card with a mag stripe, thereby proving that you have a card with a mag stripe and so might be a customer.
cryptographers do make calculations based on the cost of breaking their systems by brute force. but that assumes there's no flaw in the algorithm. with user-capability authentication, there is no flaw in the algorithm: what you see is what you get. so calculations of how difficult it is to duplicate the authentication ought to be straightforward.
no subject
Date: 2008-12-11 10:57 am (UTC)
For any such security requirement (have, know or are) there are always two ways to overcome it. One is to fake or have the credential, the other is to suborn the system. One of the touted strengths of biometrics is that the "cost" of faking the credential is very high - unlike a physical key or fob or something, and certainly higher than a simple password.
I really do continue to see the performance-based metric as being an intersection of Are and Know, and not breaking into new ground. Penelope was always asking them to change "what they are", using a process that made it harder to suborn. Then again, it is just the same as swiping a fingerprint under the eye of a guard - you can't use a mock-up.
no subject
Date: 2008-12-11 04:45 pm (UTC)
i'm going to ignore "suborn the system," because that's a danger with any system, as you say.
in short, the minimum cost of faking a biometric credential is harder to bound than a capability credential, i think. (i may have to think about this more. the classic police field tests for drunkenness ought to count as capability credentials, and they are known to be fakeable with some not-well-known cost. hm. but in general i think it holds.)
cost of revocation or change is complicated. it's not like changing your fingerprints, but you probably picked the particular capability credential you did because it met a bunch of constraints, and they might be hard to satisfy with a different credential. you might gloss it by considering it to be the same as switching to a different biometric-- like changing all your locks. very expensive. on the other hand, some might be easy to change: "shibboleth" was another classic capability credential, and if it were found to be too easy to fake, maybe it could have been replaced by some other word that was even harder. maybe.
anyway. i think capability credentials work particularly well in situations where what you care about is really just that the authenticated person has some quality that's inherently associated with the capability you're testing-- like requiring them to pay a fee in order to prove they have money. i think at some levels of analysis they can of course be considered "having a secret" (at that level of analysis, "what you are" and "what you know" are the same, also), but i think they differ from other forms of authentication at lower levels of analysis in ways that are interesting.
no subject
Date: 2008-12-11 04:55 pm (UTC)
but they still work great for situations where what you actually care about is not specific identity, but that the person authenticated *have* a capability that's associated with the one you're testing, i think.