  • Volunteered Personal Information is a related subject to VRM (vendor relationship management), see http://cyber.law.harvard.edu/projectvrm/Main_Page for details of that work. Volunteered Personal Information is the personal information that is typically known only to the individual, and which most likely can only be accessed by agreeing to the individual's terms or release; an example is 'my future purchase intention'.
  • User Driven Information is an adjunct to volunteered personal information and adds the scenario where the information being volunteered by the individual is not specifically 'personal' (in legal terms); an example might be an anonymised product review.
  • Individual is the initiator of a flow of user-driven/volunteered personal information, and typically the data subject.
  • Organisation is typically the relying party, the recipient of the user-driven or volunteered personal information. Other organisations might be third party identity providers (e.g. a credit bureau or government function), or a user-driven/4th party service provider (see here for definition).
  • authorization manager (AM): An HTTP server (per [HTTP]) capable of interacting with hosts in order to convey resource access decisions, and with requesters in order to determine their suitability for access.
  • authorizing user: A web user capable of indirectly controlling access by requesters to protected resources on hosts, by instructing an AM how to make access decisions.
  • host: An online service capable of interacting with AMs in the role of an HTTP client (per [HTTP]) in order to receive and act on access decisions, and interacting with requesters in the role of an HTTP server (per [HTTP]) in order to respond to access requests.
  • protected resource: An access-restricted resource (per [HTTP]) that can be obtained from a host with the authorization of an AM and, indirectly, the authorizing user.
  • requester: An HTTP client (per [HTTP]) capable of interacting with hosts and AMs to request, and receive access to, protected resources.
  • requesting client
  • requesting service
  • requesting entity
  • requesting user
  • personal datastore: a user-managed data warehouse, stored wherever the user wants, and made available to requesters as directed by a user (the authorizing user). Its defining characteristic is that it exists under the control of the individual, whether that be physically, contractually or both.
  • independent datastore: a data warehouse, stored somewhere, where the user may or may not have control over requester access.
  • Information is data in context. Data is meaning encoded in a medium. However, data by itself lacks the context of who created it, where, how, and why it was created. Information includes context so that the recipient can more fully extract meaning; it includes not only the facts of "what" but also details that can include who created it and why, who is transmitting it and why, how it relates to the recipient, and constraints on its use. In the work of the Information Sharing work group, individuals provide the context that enables recipients to better understand and make use of the meaning encoded in shared information.
  • Sharing is an intentional, voluntary act of giving, typically subject to explicit or implicit rules of use.
  • Information Sharing is the voluntary act of giving information, subject to rules of use. After agreeing to terms, one party shares information with another, communicating a copy of the data to be shared and applicable context.
  • Individual: A natural person.
  • Entity: A corporate person.
  • Party: A natural or corporate person who enters into an implied or explicit agreement, either for the purposes of a specific transaction or as part of an ongoing relationship.
  • Recipient is the receiver of information, for whom the rules of use apply. This is a legal person, either corporate or natural, who receives limited title in the information to use according to specific provisions of an information sharing agreement. In Vendor Relationship Management terms, the recipient is typically the Vendor in the transaction.
  • Originator is the authorizing person in any information sharing exchange. Typically, this party is the owner of the information. In all cases, the originator is the controlling party for the shared information. In Vendor Relationship Management terms, the originator is typically an individual.
  • Intermediary is any person (corporate or natural) who accesses, communicates, or processes shared information on behalf of either the recipient, the originator, or another intermediary. They are not a Party to any information sharing agreement that might exist between an originator and a recipient, although separate agreements may create obligations between the intermediary and the party on whose behalf they operate.
  • Software is machine readable, executable code that performs specific tasks.
  • Service is a running instance of software.
  • Application is the software or service that receives, processes, and distributes shared information, typically run by an intermediary to provide a service to an individual or entity. This is to be distinguished from the legal person that may own or control the software or service running the software.
  • Datastore is one or more applications which host information for sharing with designated recipients under an information sharing agreement. The term may be used to refer to one specific datastore hosting a particular set of data, or generically to the common aggregate of all such datastores under the control of a party. Such datastores may be located anywhere the controlling party desires, both physically and digitally.
  • Personal Datastore is a datastore under the control of an individual.
  • Corporate Datastore is a datastore under the control of a corporate entity. In VRM nomenclature, it is often referred to as a data silo (although silos typically aren't considered as points of sharing or distribution).
  • Authorization Point is an application that mediates requests for protected information. It acts as the primary policy store and policy decision making point for recipients requesting access to shared information. It provides authentication services so that recipients can access information hosted at a datastore.
  • Communications Point is an application that mediates incoming communications on behalf of a party. It is a special case of an authorization point applied to protected resources that provide for incoming communications.
  • Information Dashboard is an application that aggregates communications and authorization controls, allowing parties to manage their relationships with recipients of shared information. The dashboard allows originators to set, revise, and revoke policy for shared resources on a per-recipient basis. It also provides a secure, spam-free, incoming channel for recipients to communicate with originators on previously authorized terms. Parties may have one or more dashboards, and dashboards may aggregate the services of multiple communications and authorization managers.

h2. Still under development
  • DISCOVERY! next up

How do we let the user move from one personal datastore provider to another without losing service?

...