The practice of conceptual modelling is to a large extent concerned with the representation of the social and institutional reality. Much research has been devoted to the study of the processes through which institutional reality is created by means of communicative acts. Other research has investigated the structure of the institutional reality in terms of rights, obligations, roles, positions and related notions. One topic, however, in need of further work concerns the informational and physical underpinnings of the institutional reality, which are needed not only for constructing but also for maintaining it. This paper presents a conceptual model that shows how institutional phenomena depend and build on informational and physical structures. In particular, the paper highlights the role of information registries for maintaining and upholding institutional reality over time.
Conceptual modeling addresses physical reality, but it is to an even larger extent concerned
with the social and institutional reality, as suggested by [
There exists much work on processes for creating institutional reality, [
The structure of the paper is as follows. Section 2 provides a background to institutional theory and institutional ontology. Section 3 discusses standards and ontologies on information, focusing on SBVR and the Information Artefact Ontology, that are used as a basis for the proposed conceptual model. Section 4 presents the proposed model, while Section 5 outlines our plans for validating it. Finally, Section 6 summarizes the paper and discusses a number of open issues.
Institutional theory, particularly neo-institutionalism, is one of the most important theoretical
perspectives in management and organizational research, [
One of the pioneers in the area of institutional ontology is John Searle who has investigated
how institutional reality is constructed by means of speech acts. Searle acknowledges that there
is a material world that exists independently of human beings and their beliefs, and asks “how
can we account for social facts within that ontology?”, [
Key notions of an ontology of institutions are institutional entities, institutional relationships
and institutional agents. These are shown in Fig. 1, which is a small and simplified fragment of
the ontology presented in [
Our conceptualization of information relies primarily on two sources: The Semantics of Business Vocabulary and Business Rules (SBVR) and the Information Artifact Ontology (IAO).
SBVR is a standards specification that is to be used for documenting the semantics of business
vocabularies and business rules in order to enable and facilitate the exchange of such vocabularies
and rules among organizations and between software tools. SBVR provides “an unambiguous,
meaning-centric, multilingual, and semantically rich capability for defining meanings of the
language used by people in an industry, profession, discipline, field of study, or organization”,
[
The theoretical basis for the linguistics-based architecture of SBVR is the semiotic/semantic
triangle, also known as Ogden’s triangle, [
The sides of the semiotic/semantic triangle describe the relationships between meanings,
things and expressions. A meaning corresponds to a thing, i.e “the thing is conceptualized by and
is consistent with the meaning”, [
There exist several specializations of things as well as expressions and meanings. Two kinds
of meanings are concepts and propositions, where a concept is a “unit of knowledge created
by a unique combination of characteristics”, [
The Information Artifact Ontology (IAO), [
A key notion in the IAO is the Information Content Entity (ICE), which is defined as “an entity which is (1) generically dependent on (2) some material entity and which (3) stands in a relation of aboutness to some entity”. Some examples of ICEs are natural language statements, DNA sequences and pdf files. An ICE is generically dependent on some material entity, meaning that an ICE can exist only if there is another material entity that carries it, but it is not required that this entity stays the same over time. In other words, the ICE can migrate over diferent material entities. For example, a pdf file is dependent on some but not any specific memory store — it can migrate from one memory store to another while continuing to exist. However, whenever an ICE appears in a particular spatio-temporal location, it is dependent on a specific material entity, e.g., when an SMS is read it is dependent on a specific mobile phone. In other words, the SMS is concretized in the mobile phone. Another example would be a statement that is concretized in a pattern of ink marks on a specific piece of paper.
In order to capture the notion of concretized ICEs, the IAO introduces the notion of an
Information Quality Entity (IQE), which is defined as “a quality that is the concretization of
some Information Content Entity”, [
As stated above, an ICE is about some entity, for example, a certain car, a person or a state of afairs. Thus, the aboutness relationship in the IAO corresponds to the denotes relationship in SBVR.
This section introduces a model that shows how institutional phenomena are created through
language acts and maintained over time through information registries, see Fig. 3. (The model
will be referred to as the CMIR model, Construction and Maintenance of Institutional Reality.)
The starting point is that people create institutional phenomena by enacting institutional
processes consisting of institutional acts. These processes and acts can be described and
understood in terms of their efects on the institutional reality, indicated in Fig. 3 by them being
placed on an institutional layer. However, in order to realize these processes and acts, people
need to perform information acts, similar to speech acts, [
When institutional phenomena have been created, they will continue to exist only if there are memory traces of them. Such traces could sometimes reside in the brains of people. Still, in most institutional contexts, it is required that they are externalized so that they can be easily retrieved and objectively inspected. Therefore, there is a need for information registries that can store information that provides evidence for institutional phenomena. And this information has to be physically represented on some storage medium, such as paper or flash memories. Thus, similarly to acts, registries can also be identified on the three layers of institutional, informational and physical. In the rest of this section, we fill in the details of the above outline by describing the CMIR model shown in Fig. 3.
Institutional phenomena exist if and only if they are created and maintained by institutional agents. In particular, an institutional phenomenon exists only as long as some institutional agent certifies that this is the case. For example, a Swedish citizen exists only as long as the Swedish Tax Agency so certifies. The CMIR model shown in Fig. 3 allows for institutional agents to certify institutional facts, which are facts (true propositions) about institutional phenomena. And these institutional facts are represented by institutional statements that are contained in information registries, as described below.
Recall that a statement is an expression that represents a proposition. For example, the statements “John is married to Mary” and “Mary is married to John” both represent the same proposition, which is true if and only if it holds that there is a marriage between John and Mary. A statement, like any other expression, is an abstract object, meaning that it has no extension in time and space. However, there can exist persistent, physical patterns that constitute physical tokens of statements, called inscriptions. An inscription can be an electric field of a flash memory, a pattern of ink dots on a piece of paper, or a pattern of paint marks on the surface of a trafic sign. The CMIR model distinguishes between the inscription, i.e., the pattern of physical qualities, and the physical substrate, i.e., the physical object carrying the inscription. In the examples above, the flash memory, the piece of paper and the trafic sign are all physical substrates. Thus, inscriptions correspond to IQEs in the IAO, and physical substrates to information artifacts.
A collection of inscriptions can be kept in a physical registry, which is a physical object that is able to store and retrieve inscriptions. It consists of physical substrates that carry inscriptions as well as components that enable storage and retrieval actions. For example, a physical registry could include hard disks and other forms of media storage as well as processors and presentation devices.
By abstracting from the specific physical properties of a physical registry, it is possible to introduce a notion of a registry that focuses on its functional capabilities, in particular, what statements it contains: an information registry is a system that can store, retrieve and present information in the form of statements. The relationship between information registries and physical registries is analogous to the one between ICEs and IQEs in the IAO. In other words, an information registry contains statements and is generically dependent on some physical registry that contains inscriptions that are tokens of these statements. But it is not necessary that the physical registry stays the same over time; it is only required that at each point in time, there exists some physical registry containing the needed inscriptions. For example, an information registry can at one point in time be based on a particular configuration of hardware and at another point in time on another configuration of diferent hardware, while still maintaining its identity — what matters is not its underlying physical structure but the functional capabilities of the information registry.
An information registry can be used for diferent purposes, including entertainment, personal bookkeeping and systems development. However, information registries are often used for institutional purposes, meaning that they contain institutional statements, i.e. statements that represent institutional facts that are about institutional phenomena. For example, an information system of a bank would typically include statements that are about bank customers, accounts, balances and transactions, which are all institutional phenomena.
As will be seen below, institutional phenomena come into existence through institutional processes. But in order for an institutional phenomenon to continue to exist, there needs to be an institutional statement that represents its existence, thereby providing evidence for it. For example, an account in a bank continues to exist only if there is a statement that represents this fact. Furthermore, it is also required that the statement be contained in an oficial information registry that is authorized by some trusted institution, e.g. the bank that provided the account. In other words, the account will exist if and only if there is an information registry authorized by the bank that states that the account does exist. Generalizing, an information registry that is authorized by some institution is needed for upholding the existence of institutional phenomena. Such an information registry will be called an institutional registry. And the institutional statements in it will be said to record institutional phenomena, i.e. provide evidence for them, thereby maintaining their existence.
In order to create or modify institutional phenomena, institutional agents enact institutional processes. An institutional process consists of a sequence of institutional acts, where an institutional act is an act performed by a single institutional agent with the intent to contribute to some institutional efect, i.e. to create, delete or modify some institutional phenomenon. An example of an institutional process is a wedding ceremony, in which two persons to be married and a wedding oficiant participate, and together they carry out a number of institutional acts, which result in the creation of an institutional relationship, a marriage.
Institutional acts are realized through information acts, where an information act is an act that collects, transfers, processes or registers information. For example, during a wedding ceremony, a participant can perform the information act of transferring information by saying “I do” through which the agent also performs an institutional act. It can be helpful to distinguish between four kinds of information acts. An information collection act is an information act in which an informational agent makes some information available to itself in the form of an expression. The agent can do this by reading the expression as it has been documented or by directly perceiving its environment. An information transfer act is an information act in which one informational agent makes some information available to another informational agent. An information processing act is an information act in which an informational agent processes information, e.g. by performing some computation on a number of expressions. An information registration act is an act in which an informational agent stores a statement in an information registry. Agents that have the capability to perform information acts are called informational agents.
Information acts are realized through physical acts, where a physical act is an act that influences physical objects by changing their structure, mass, energy or position in space. And an informational agent is grounded in a physical agent, which is a physical object that has the capability to perceive its environment through sensors and act upon it through efectors. At each point in time, an informational agent is related to exactly one physical agent but over time the physical agent can vary.
The CMIR model aims to show in what ways institutional phenomena are dependent on and grounded in informational and physical structures. The model highlights the role of information registries for maintaining and upholding institutional phenomena over time and over organizational, national and institutional borders. The latter presupposes that communication and interaction between institutional actors take place according to well understood and standardized patterns. To ensure that the CMIR model supports these goals, we plan to carry out an analysis based on a case from the domain of open banking, which is a practice of high complexity regarding institutional as well as informational aspects. Below, we outline how we intend to perform this analysis and also indicate some preliminary observations from such an analysis; more work is needed for a complete validation of the CMIR model.
Open banking is a banking practice that gives third-party financial service providers access to
the transactions and accounts of bank customers. These institutional entities have their origin
in the digital infrastructure controlled by financial organizations, and they are accessed through
the use of APIs. Open banking allows the networking of accounts across organizations for
use by consumers, banks, and third-party service providers. To support Open banking, the EU
published a directive, [
When designing new institutional entities, software and digital agents of the Open banking
digital infrastructure, a designer needs to analyze what is meant by the institutional concepts
used in the PSD2 directive (EU 2015/2366), as well as the accompanying Berlin group standard
(Berlin Group 2018), [
In the following we will map the classes in the CMIR model into key PSD2 concepts in order to gain knowledge of what the PSD2 concepts mean in terms of institutional and informational notions.
The small case study aims to evaluate the suggested model with respect to its ability to
represent and explain key PSD2 concepts, more precisely to identify what possible representational
deficiencies, [
The central theme of PSD2 is to provide regulations of new services to be operated by ThirdParty Payment Service Providers (TPP) on behalf of a Payment Service User (PSU ). For example, PayPal (a TPP ) can ofer payment services through which an individual or an organization (a PSU ) can transfer money held in accounts in a bank.
To provide the new services, a TPP needs to access the account of the PSU, which is maintained by an Account Servicing Payment Service Provider (ASPSP ), usually a bank. An ASPSP must provide an interface (called a “PSD2 compliant Access to Account Interface” a.k.a. an “XS2A Interface”) to its accounts to be used by a TPP for accesses, which are compliant to and regulated by the PSD2 directive.
Realizing the payments services requires software, called Applications, that shall be provided by both the TPP s (versus the PSU s) and APSPSs (versus the TPP s) — the latter is referred to as ASPSP Applications.
(ASPSP) Applications with related functionality are grouped together into an XS2A Interface, which facilitates the management, publication, and discovery of the ASPSP Applications. When implementing and publishing its ASPSP Applications, an ASPSP must adhere to several rules defined in the PSD2. Doing so ensures that diferent ASPSP s will provide uniform naming and access, as well as consistent semantics to their ASPSP Applications, thereby facilitating communication within a digital infrastructure. To express and organize these rules, the Berlin standard introduces the notion of an API Access Method, which works as a template for ASPSP Applications. An API Access Method specifies a name and a description of its semantics.
An API Access Method partially specifies how an ASPSP API conforming to it can be located. Technically, this is done by specifying an Endpoint that is to be part of the URL at which the ASPSP API can be accessed. Finally, an API Access Method specifies the HTTP method to be used, which tells whether a corresponding API is about creating, reading, updating, or deleting information. Some API Access Methods are mandatory, meaning that an ASPSP must support them according to the Berlin standard. Formally, HTTP method and Endpoint (URL) are not part of the PSD2 standard per se but instead of another standard, namely the REST protocol, which is used by PSD2.
Table 1 shows a mapping of PSD2 concepts into CMIR concepts1— this mapping is still work in progress and needs to be both consolidated and extended.
The definitions of the concepts of the CMIR model can be used to analyze the meaning of the concepts of the PSD2 standard. However, as can be seen above, several representational deficiencies with respect to the suggested model and the concepts in the PSD2 standard do occur, some of which will be briefly discussed below.
Some concepts of the CMIR model are too general to map into any concept in the PSD2 standard or the REST protocol (construct deficit) or maps into too many concepts in PSD2 (construct overload). An example of the former is the class ‘Institution’ that may be too broad to be of practical use to explain anything in PSD2 – ‘Institution’ may in fact map onto the 1The subclasses of Agent in the Informational Layer are omitted for reasons of space. entire PSD2 as a rule framework within the institution of the European Union. ‘Institutional Phenomena’ maps onto several Institutional Entities in PSD2 such as TPP, ASPSP, PSU, Account etc. This may indicate that this class should be specialized into several subclasses in the CMIR model.
The ‘Agent’ class on various levels in the suggested model, i.e. Agent-classes on both the institutional and informational level, maps onto the same Agent concept in PSD2, indicating a form of representational redundancy. However, the layered approach here, institutional agents versus informational agents, may help highlight and clarify when exactly the actions of an agent gain legal force with respect to an institution. As an example consider running the PSD2 agents in a sand-box (test-environment) — the payment transactions carried out in the sandbox will change the sums of the accounts involved in the transactions but this is only done on the informational level — nothing is changed on the institutional level. In order for the latter to occur the transactions must occur in an environment maintained, regulated and recognized by an institution.
Several concepts in the CMIR model have no correspondence in PSD2. This particularly applies to the classes in the physical layer indicating heavy construct excess, i.e. that the CMIR model contains concepts/classes that is not meaningful (to explain PSD2 in this case). However, even if the PSD2 standard does not aim to regulate the physical layer, e.g. computers, IP-addresses, physical human beings etc., all PSD2 concepts do relate to classes in the physical layer, e.g. a PSD2 Host is physically grounded in a computational hardware, which has been granted access to the Internet and identified with an IP address. Furthermore, even if the PSD2 currently does not aim to regulate the concepts at the physical layer, this may be wanted in the future for reasons such as (standardization of) reliability, environmental friendliness, and performance. In this respect, the layered approach (institutional, informational, physical) of the CMIR model may be used to find missing, but needed, concepts in a standard such as PSD2.
In other cases, the absence of a relationship between a CMIR concept and a PSD2 concept may occur from level of granularity diferences, i.e. some CMIR model concepts such as statement or fact do not map onto a PSD2 concept per se but sometimes to attributes of PSD2 concepts. In the table above, we have coded this as a ‘p’ (for partial correspondence). For instance, a statement or a fact regarding the balance of an account may be modelled as attributes of PSD2 Request/Response pairs. In the CMIR model, this is instead treated as a concept of its own. Doing so may be an advantage, since we are able to model attributes of the fact or statement, since this is being modelled as a class, but could also be overkill if this level of granularity is not needed.
Based on information ontologies, we have proposed a conceptual model that shows in what ways institutional phenomena are dependent on and grounded in informational and physical structures. The model shows how institutional phenomena are created through institutional processes, which are performed through information acts, which in their turn are performed through physical acts. To capture these dependencies, the model has been structured into three layers: institutional, informational and physical. While these acts are required for creating institutional phenomena, they do not sufice for maintaining them. In order to cater for their maintenance, there is a need for institutional registries that can store and retrieve information that provide evidence for the phenomena. And these registries are dependent on informational and physical registries, meaning that the three layers reoccur also for the registries.
Institutional and informational agents can be grounded in both human beings and digital
artefacts. When it comes to the ability of efecting institutional phenomena, they both have
that ability if they are properly authorized within an institution. However, it seems that digital
artefacts cannot be responsible for their acts, which distinguishes them from human beings,
which is a distinction that cannot yet be captured by the CMIR model. Furthermore, it has been
argued that it could be fruitful to ascribe responsibility also to digital artifacts, [
Another issue concerns the institutional character of information and registries. Clearly, both physical registries and information registries are institutional entities, as they can be the objects of rights. And the same holds for statements and facts, for example, consent can be given to sharing facts. Thus, there seems to be a layered structure, where one institution is the basic one, addressing some domain, e.g. vehicles. And then there are statements and registries needed to uphold the institutional phenomena in that institution. In order to manage that information, there is a separate institution, on top of the first institution, in which the statements and registries are institutional entities of their own, which are regulated in accordance with that second institution.
The relationship between informational agents and information registries need to be investigated. They share several similarities, as they both can process information in the form of statements and both need access to some physical substrates to store inscription of the statements. One possibility is to view information registries as specializations of informational agents.
Another issue relates to the contents and formulation of rules that govern institutional processes. Such rules can address one or several of the three layers, i.e., some rules solely describe institutional efects, while others also describe the information to be created, and yet others even the physical acts to be taken. This layering allows for a separation of concerns when formulating institutional rules.