• United States

Identification using group membership and roles

Aug 18, 20034 mins
Access ControlEnterprise Applications

* You can be a member of a group, yet hold many roles

The great thing about analogies is that they allow you to grasp an essential idea using terms and examples you are familiar with. The tradeoff is that the analogy doesn’t bear close examination. Responses to last issue’s analogy, which used the holding of a charge/debit card as an illustration of the identity management concept of “persona,” drew three responses that group into three general areas.

First, of course, are the responses that claimed that this was a fantastic use of analogy (thanks mom!). Some, however, thought that the analogy actually better illustrated group membership. That’s true, and I should have mentioned that membership of a particular group could be one way of specifying a persona. Roles (e.g., “manager of the IT department”, “youth soccer coach”) and group membership (e.g., “American Express card holders,” “subway riders”) are frequently used to differentiate among the personas available to a particular individual.

There is, in fact, a tendency to gloss over the differences among the terms persona, group member, and role. But they are different, so it’s good to get those differences down in black and white. Of course, your idea of the differences could differ from mine but before we get too esoteric or metaphysical about it I’ll give you my basic definitions so we’ll at least have a shared understanding of what I’m talking about.

Group member is fairly easy to understand. While it’s possible to have a group with only one member, it’s either a temporary occurrence (waiting for others to join the group) or a misuse of resources. A group’s members have something in common: they all hold the same charge card; they all are sophomores at Central High; they all drive Ford Mustangs; etc. Group membership is useful for distributing access to resources because it’s fairly easy to determine the aggregate needs of the group members relative to the group’s purpose – Amex holders need places to use the cards, for example.

Roles have an apparent similarity to group membership in that there can be numerous people filling a particular role. But there can also be a single individual holding multiple roles. In that case, the individual is usually in a role for a finite period of time. John Doe could have a group membership in the Republican Party of California while also filling the role of California gubernatorial candidate. Just because there are over 130 people in this role, some may want to call it a group, but the limited, finite nature of service in that role is what makes the difference.

A persona, on the other hand, always refers to a single individual. A persona is one facet of the individual’s identity. It can be defined simply by an individual’s membership in a group or filling of a role. John Doe has a persona as an America Express cardholder. He also has a persona as an IT department manager. If John uses his Amex group membership while filling the role of IT manager then the two personas overlap which could possibly form a third persona. (I don’t think a “one time use” constitutes a new persona, but others may differ on that). John Doe’s persona as an Amex cardholder is not equivalent to Jane Roe’s persona as an Amex cardholder. While both have the same group membership, their personas are made up of other things which include, but aren’t defined by, their holding of an American Express card.

Arnold Schwarzenegger is a man, an actor, a Republican and a candidate for governor of California. Georgy Russell is a woman, a programmer, a Democrat and a candidate for governor of California. We’ve defined them by group (man, woman), role (actor, programmer), group (Republican, Democrat) and role (gubernatorial candidate). They share one role but their political personas (Democrat-candidate, Republican-candidate) are different as are their public personas (sex-job-party-office sought). I’m sure they have other personas that are quite different.

Looks like I’ve run out of time, so I’ll continue next issue with the other objection to last week’s analogy before finally moving on to the “yacht club scenario.”