MIT ID Attributes

UPDATED: 4/9/1998 MIT ID Home Page

Attributes of the MIT ID

The following MIT ID attributes were described in the 1994 design document People Related Projects by Scott Thorne, the MIT Data Administrator, and have been reworded in this document for clarification. These attributes form the basis by which the MIT ID may be used as an Institute wide identifier (See the document The History of the MIT ID). As the MIT ID becomes more fully deployed across Institute computing systems, MIT Data Administration will help departmental teams design solutions to clean up data problems which violate the MIT ID attributes.

UNIQUE: Each MIT ID must uniquely identify a single individual across MIT computing systems. No two distinct individuals can have the same MIT ID even if they only appear in different systems. As a unique identifier the MIT ID should not be reused unless it can be determined that no Institute systems, including backups and archival data contain the MIT ID. Multiple people with the same MIT ID cause "Duplicate MIT ID" data problems (See MIT ID Data Problems: Duplicate ID Problem).
DISTINCT: Each individual should have a single distinct identifier to be used across Institute computing systems. This identifier will be used as long as the Institute has need to retain records about the individual. A separate number (non MIT ID) may be used to identify individuals within a given system; however that system will need to maintain a mapping between its internal identifier and the MIT ID. A person with more than one MIT ID results in "Multiple MIT ID" data problems (See MIT ID Data Problems: Multiple ID Problem).
RANDOM: The MIT ID should have no implied meaning encoded into it and may not be equal to a person's Social Security Number. It should not be possible to assertion any personal information about the individual to whom the number is assigned nor to determine the approximate creation date of the MIT ID. When a person's status with the Institute changes there should be no reason to change or remove the MIT ID.
PUBLIC: The MIT ID must be considered public data so that any Institute system authorized to assign MIT IDs can search against and find existing MIT IDs. While a person's MIT ID is not considered confidential, the ability to lookup another individuals MIT ID is restricted to authorized users. Since the MIT ID is not confidential, Institute systems should not use the MIT ID by itself for authentication purposes; simply obtaining someone else's MIT ID should not enable a person access to Institute resources. Additional authentication and authorization mechanisms should be used such as Kerberos, MIT Certificate Server and Roles Database.