GUID Guide, part one

GUID Guide, part one

Rate This
  • Comments 38

What is a GUID? The acronym stands for "globally unique identifier"; GUIDs are also called UUIDs, which stands for "universally unique identifier". (It is unclear to me why we need two nigh-identical names for the same thing, but there you have it.) A GUID is essentially a 128 bit integer, and when written in its human-readable form, is written in hexadecimal in the pattern {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}.

The purpose of a GUID is, as the name implies, to uniquely identify something, so that we can refer to that thing by its identifier and have confidence that everyone can agree upon what thing we are referring to. Think about this problem as it applies to, say, books. It is cumbersome to refer to a book by quoting it in its entirety every time you mention it. Instead, we give every book an identifier in the form of its title. The problem with using a title as an identifier is that there may be many different books with the same title. I have three different books all entitled "The C# Programming Language" on my desk right now; if I want to refer to one of them in particular, I'd typically have to give the edition number. But there is nothing (apart from their good sense) stopping some entirely different publisher from also publishing a book called "The C# Programming Language, fourth edition" that differs from the others.

Publishers have solved this problem by creating a globally unique identifier for each book called the International Standard Book Number, or ISBN. This is the 13-decimal-digit bar coded number you see on pretty much every book(*). How do publishers manage to get a unique number for each of the millions of books published? They divide and conquer; the digits of an ISBN each have a different meaning. Each country has been assigned a certain range of ISBN numbers that they can allocate; governments then further allocate subsets of their numbers to publishers. Publishers then decide for themselves how to assign the remaining digits to each book. The ISBNs for my three editions of the C# spec are 978-0-321-15491-6, 978-0-321-56299-9 and 978-0-321-74176-9. You'll notice that the first seven digits are exactly the same for each; they identify that this is a publishing industry code (978), that the book was published in a primarily English-speaking region (0), by Addison-Wesley (321). The next five digits are Addison-Wesley's choice, and the final digit is a checksum. If I wish to uniquely identify the fourth edition of the C# specification I need not state the ambiguous title at all; I can simply refer you to book number 978-0-321-74176-9, and everyone in the world can determine precisely which book I'm talking about.

An important and easily overlooked characteristic of the ISBN uniqueness system is that it only works if everyone who uses it is non-hostile. If a rogue publisher decides to deliberately publish books with the ISBN numbers of existing books so as to create confusion then the usefulness of the identifier is compromised because it no longer uniquely identifies a book. ISBN numbers are not a security system, and neither are GUIDs; ISBN numbers and GUIDs  prevent accidental collisions. Similarly, traffic lights only prevent accidental collisions if everyone agrees to follow the rules of traffic lights; if anyone decides to go when the light is red then collisions might no longer be avoided, and if someone is attempting to deliberately cause a collision then traffic lights cannot stop them.

The ISBN system has the nice property that you can "decode" an ISBN and learn something about the book just from its number. But it has the enormous down side that it is extraordinarily expensive to administer. There has to be international agreement on the general form of the identifier and on what the industry and language codes mean. In any given country there must be some organization (either a government body or private companies contracted by the government) to assign numbers to publishers. It can cost hundreds of dollars to obtain a unique ISBN.

GUIDs do not have this cost problem; GUIDs are free and there is no requirement that any governing body get involved to ensure their uniqueness. A GUID is a number that you can generate yourself and be guaranteed that no one else in the world will generate that same number. That seems a bit magical. How does that work? Over the next couple of episodes we'll take a look at how that magical property is achieved.


(*) The attentive reader will note that there are usually two bar codes on a book in the United States. The first one is the ISBN; the second bar code is the number 5 followed by a four digit number that is the publisher's suggested price of the book in American pennies.

  • An interesting choice of topic, but something well work explaining. Great post and looking forward to the others in the series.

  • > It is unclear to me why we need two nigh-identical names for the same thing

    This reminds me of URI and URL.

  • Seems like a poor analogy to me.  I would expect a GUID to identity a particular instance of a book, not a particular title.  Perhaps an SSN would be a better analogy?

  • "GUIDs are free and there is no requirement that any governing body get involved to ensure their uniqueness." Who's in charge of MAC addresses? (As for type 4 GUIDs - well, they're not actually unique, just statistically unlikely to collide).

  • Looking forward to reading this series.

  • >> It is unclear to me why we need two nigh-identical names for the same thing

    >This reminds me of URI and URL.

    Except URIs and URLs are not the same thing. URLs are a subset of URIs. And incidentally, ISBN numbers are URIs too ^^

  • >Seems like a poor analogy to me.  I would expect a GUID to identity a particular instance of a book, not a particular title.

    A class ID is a GUID that refers to a particular title, rather than a specific book, no? In fact most objects don't have their own GUIDs, but COM classes and interfaces do.

  • @AC, Otaku

    The thing being identified depends on context.  COM uses GUIDs to distinguish types because that is what needs to be identified. OTOH, rows in databases often use GUIDs as primary keys, and that can translate into an instance of an object being identified by that GUID.

  • It is my understanding that UUID (universal) was considered presumptuous. It's possible for an alien on another planet to create a UUID that is identical to one created on Earth. So purists would use the term GUID (global) instead as the number is only guaranteed to be globally unique, not universally unique.

  • The subtle difference is that GUIDs are made by gnomes while UUIDs ar made by unicorns.

  • @Tergiver

    I don't believe that's the case at all. GUIDs are 'more unique' than UUIDs in general, because the UUID standard defines identifier types that are relatively likely to conflict when used by independent programs (the types based on hashes). See: en.wikipedia.org/.../UUID

    I think the 'universe' in UUID refers to the logical sense. I.e., 'this identifies something uniquely in the universe of all the things I'm considering'. GUIDs on the other hand are supposed to give you a truly unique number every time one is generated, irrespective of the content it identifies.

    So if you want an identifier that uniquely identifies an object among the set of objects your program does or might work with, that's a UUID. If you want an identifier that uniquely identifies an object among the set of absolutely all possible objects, that's a GUID. In practice it's safer (and just as simple) to just use random UUIDs over hash-based UUIDs, so most UUIDs happen to be GUIDs. But logically, that is the terminology distinction (as I see it).

  • @Jacob: I'm sure you're correct, but I like my answer better. It wasn't an original construct. I can no longer remember where I heard it.

  • I remember an instance where there was a GUID collision with Microsoft products. One of the windows 95 powertoys (Shortcut Target Menu i think) had it's GUID reused in later versions of windows by Show Desktop (or was it Send to Desktop?). I wasn't pleased, it is one of the few powertoys that is still relevant and non-trivial to duplicated.

  • I am slightly surprised the bookseller only gets five digits.  I guess 99,999 books is a lot, but I kinda assumed there were some publishers out there with more than that, and also more than 999 publishers in the US, over time.

    Your surprise is due to your unwarranted assumptions; I did not say that (1) the zero code is the only code for the United States, (2) that every publisher has a three-digit identifier, or that (3) every publisher is only allowed to own one publisher code. None of those assumptions are true. English-speaking regions use both zero and one as the region code. Large publishers can purchase one or more three-digit codes; smaller publishers can purchase longer codes that give them fewer digits to choose themselves. And when we run out of those, they'll start using another three-digit prefix; there are hundreds of those still unused. -- Eric

  • Wait, GUIDs are free!? I may have been taken advantage of on Ebay.

Page 1 of 3 (38 items) 123