The Pan-Canadian Trust Framework Using Prolog

A ‘declarative framework’ (such as Prolog) focuses on ‘what’ needs to be done, satisfied, or relied on (i.e., proven to be true) rather than ‘how to do it.’ In our case, with the Pan-Canadian Trust Framework (PCTF), the question is ‘Can we rely on or accept a digital identity originating from a province or territory?’

Currently, Prolog is used to model AI, machine learning, natural language query (all of which are now again fashionable and actually feasible). I used a variant of Prolog back in my undergrad days, when I took an AI/Expert System grad course and that’s what piqued my interest. I discovered that Prolog is an excellent fit to what we are trying to achieve with the trust framework.

In a nutshell, Prolog provides precise syntax and further formalizes what we’ve already been doing in the Pan-Canadian Trust Framework (PCTF) in terms of ‘goals’, ‘rules’ and ‘facts’. Prolog allows you to specify a set of formalized ‘terms’, or logical propositions, that are numbers, atoms, variables, or compound terms (which are predicates).

I realized that this ‘declarative approach’ is what we’ve been doing all along with the PCTF, in contrast to the ‘imperative approaches’ (how to do it) that other identity management guidance and frameworks take, which get into trouble if the focus is strictly on the ‘how’ without understanding the ‘what’. That’s a problem we want to avoid.

So, expressing the PCTF in Prolog:

  • The PCTF overall context can be modeled as a set of goals, rules, and facts. The main goal is ‘Can we accept this identity? Yes/No’.
  • Trusted process outputs defined in the PCTF can be modeled as predicates. Currently, we have three high-level predicates: authenticated_user, proof_of_identity, and notice_and_consent.
  • Based on these high-level predicates, the question of accepting an identity can be expressed as a simple rule:

trusted_digital_identity_person is true when authenticated_user, proof_of_identity, and notice_and_consent are all true.

Each of these high-level predicates (authenticated_user, etc.), in turn, can be decomposed into lower-level predicates (e.g. unique_identity_information), and rules, which are actually conformance criteria that need to be met for the predicate to hold true.
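The rule and its decomposition, written out as a small Prolog program. This is an added example, not the PCTF's or the author's own code: the criterion names (other than unique_identity_information), the helper predicates subject/1, criterion_met/2, requires/2, holds/2 and unmet/3, and the alice/bob facts are all constructed for illustration.

```prolog
% Constructed sample data: identities under assessment and the conformance
% criteria an assessor has recorded as met. Criterion names other than
% unique_identity_information are hypothetical, not taken from the PCTF.
subject(alice).
subject(bob).

criterion_met(alice, credential_bound_to_person).
criterion_met(alice, authentication_event_verified).
criterion_met(alice, unique_identity_information).
criterion_met(alice, identity_evidence_validated).
criterion_met(alice, notice_presented).
criterion_met(alice, consent_recorded).
criterion_met(bob, credential_bound_to_person).
criterion_met(bob, authentication_event_verified).
criterion_met(bob, unique_identity_information).
criterion_met(bob, notice_presented).

% Conformance criteria required by each trusted process output (assumed mapping).
requires(authenticated_user, credential_bound_to_person).
requires(authenticated_user, authentication_event_verified).
requires(proof_of_identity, unique_identity_information).
requires(proof_of_identity, identity_evidence_validated).
requires(notice_and_consent, notice_presented).
requires(notice_and_consent, consent_recorded).

% An output holds for a known subject when every required criterion is met.
% The subject/1 guard keeps the rule sound when Person is unbound.
holds(Output, Person) :-
    subject(Person),
    forall(requires(Output, Criterion), criterion_met(Person, Criterion)).

% The three high-level predicates named in the post.
authenticated_user(P)  :- holds(authenticated_user, P).
proof_of_identity(P)   :- holds(proof_of_identity, P).
notice_and_consent(P)  :- holds(notice_and_consent, P).

% The acceptance rule: all three outputs must hold.
trusted_digital_identity_person(P) :-
    authenticated_user(P),
    proof_of_identity(P),
    notice_and_consent(P).

% For the assessor: which criterion blocks which output for a subject.
unmet(Person, Output, Criterion) :-
    subject(Person),
    requires(Output, Criterion),
    \+ criterion_met(Person, Criterion).
```

Load the file in a Prolog system such as SWI-Prolog and pose the goal trusted_digital_identity_person(alice). or enumerate gaps with unmet(bob, Output, Criterion). Adjusting a conformance criterion means editing a requires/2 fact; the acceptance rule itself does not change.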

In the end, the Prolog approach forces a rigour, along with a clearly defined set of rules, all leading to satisfying the goal: ‘Can we accept this identity? Yes/No’. Furthermore, these rules, predicates and criteria are easily adjustable as we test the PCTF operationally, without calling into question the overall soundness of the framework.

I know this all sounds incredibly geeky, and we don’t need to force our community to learn Prolog (even though it is really simple), but it gives us a really powerful tool to specify what we want, leaving the ‘how’ to the Provinces, Territories and our trusted solution providers to determine. The Prolog approach provides us with the precision and confidence to make declarative statements based on complex evidence without getting lost in the weeds (but without losing the rigour and detail). This will be very useful when we are doing the assessment process, and we, as policy analysts, must provide clear and present advice to our decision makers who need to sign on the dotted line.

Any comments or questions are welcome. I’ll be talking about this more during my upcoming SSIMeetup Seminar on January 9th, 2019. Register here.

A big thanks to Twitter follower meme_machines for putting me down this path. Thank you, Christopher!