2 solutions for data portability and privacy

[Henry Story]

I have just looked at a couple of ways to ensure privacy in an open
data world.

First I looked at how one could do this with OpenId:
http://blogs.sun.com/bblfish/entry/the_openid_sequence_diagram

Next at how one could very simply extend https to get the desired
effect:
http://blogs.sun.com/bblfish/entry/foaf_ssl_creating_a_global

The openid solution has the advantage of working well with legacy
browsers, the https solution of being very efficient. And the nice
thing is that they should both work well together with foaf.

Hope this help, and I welcome comments. I will be trying out an
implementation of the second one next.

Henry

Home page: http://bblfish.net/

[Paul Madsen]

Hi Henry, FYI, Liberty's ID-WSF would meet the use case as follows below

Basic difference is that, rather than using FOAF, Liberty's People
Service defines a protocol for CRUD operations, and a syntax for
representing the social network.

regards

paul

--------------

Preconditions

1) Romeo has been added to Juliette's People Service. This likely
happened in the context of Juliette enabling access for Romeo to some
resource of hers, e.g. her calendar, but she could have added him
separately, His membership in her network is manifested by their being
an identifier established for him between Juliet's People Service and
his chosen identity Provider
2) Juliette was added to Romeo's People Service (likely at some
different social provider than that Juliette uses). In this case, the
social connection is symmetrical, it need not be
3) Juliette has defined access rules for her geolocation information in
terms of membership in a group maintained at her People Service, e.g.
"Allow anybody in the 'StarCrossedLovers' group of friends".

Sequence

1) Romeo's client friend-finder app queries his own People Service
2) People Service returns a list of his friends, Juliet is in list
3) Romeo picks Juliet from list and asks 'Where is she?'
4) Romeo's client friend-finder app asks Romeo's People Service for an
identity token for Juliet
5) Romeo's People Service asks Juliet's identity Provider for a security
token for her, and then forwards it to Romeo's client
6) Romeo's client uses the identity token to send a query to Juliette's
Discovery Service, asking 'Who is Juliet's Location provider?'
7) The Discovery Service returns to Romeo's client friend-finder app the
location of Juliet's Location Service Provider and a SAML security token
to use in a location query there
8) Romeo's client friend-finder app uses above SAML token to send a
location query to Juliet's Location Service Provider
9) Juliet's Location Service Provider, as it has access rules defined in
terms of Juliet's People Service group membership, queries Juliet's
People Service with the question "Is this guy Romeo in the
'StarCrossedLovers' Group?"
10) After some checking, Juliet's PS returns 'Yes'
11) Juliet's Location Service Provider returns her location to Romeo's
client

Post conditions

1) Romeo, seeing that Juliet's location has not changed since he last
checked, assumes the worst and pays a visit to the drugstore .....

--
Paul Madsen e:paul.madsen @ gmail.com
p:613-482-0432
m:613-282-8647
aim:PaulMdsn5
web:connectid.blogspot.com