User Managed Permission Interface

From IIW

Issue/Topic: User Managed Permissions

Session: Thursday 1F

Conference: IIW-11 November 2-4, Mountain View, Complete Notes Page

Convener: Mark

Notes-taker(s): Joe Andrieu


Discussion notes:

IIW11 THU 1F 1.jpg

  • Granularity
  • Management
  • Ceremony
  • Facebook
  • Android Market
  • Infocards

Kynetx Data Model (KDM & PDS)

  • <ID> (internal user id for tracking activity)
    • <RID1> (ID unique per user per app)
      • stuff1 (URL History)
      • stuff2 (geolocation)
    • <RID2>
      • stuff3
      • stuff4

PDS (starting with XRI/XDI dictionary)

What's the boundary between KDM & PDS?

  • KDM is application-limited
  • PDS is available for sharing via permissioned access

So, how do we manage permissions for access to the PDS?

You can use application-specific gestures that make it obvious which permissions are granted. For example, dragging a GEO location onto a picture can be constructed to /mean/ that the subjects of the photo are permissioned to know that geolocation information.

In a link contract, the permissions define addressable entries in the graph

At a minimum, you need a gesture to indicate what is being permissioned

Voluntary Oblivious Compliance:

I have a bunch of things I can share, but I don't know the rules for sharing, e.g., corporate rules about data releases. But there is a background policy protecting the user from breaking those rules.

There may be a role for "policy" providers and a distinguishable role for automated tagging, which tags the data for use by policies.

Note: the PDS must keep track of permissions and data access /and/ the user should be given tools to view & manage their permissions based on actual basis

Groups v individual permissions in an ACL

Default verses specific versus override = inherently complex.

Must supply an "oops" button to revoke, fix, errors in permissions..