Securing Very Important Data: Your Own The newest generation of web services is starting to collect and store far more than just the standard suite of identity data — name and address, phone, Social Security or credit-card numbers — that populates the databases of banks and credit-card processors. They increasingly store information, generated by us, that is directly linked to those virtual identities. And users are loving them. ... “We’re in a situation where business holds all the cards." ONE way to change this, he said, is to make people more like organizations. To this end, Mr. Neuenschwander and his colleagues have floated the intriguing concept of the L.L.P.: the Limited Liability Persona. This persona would be a legally recognized virtual person in which users could “invest” the financial or identity resources of their choosing.
The Limited Liability Persona Corporations were invented during the age of exploration, when the risk associated with mounting an expedition to foreign lands was so high that no single person - even a rich noble - could underwrite a venture without running the risk of total financial ruin. The fundamental ideas underlying the corporation are (1) the notion of a legal person distinct from a "natural person", (2) perpetual lifetime, and (3) limited liability. Limited liability was critical to the idea of the corporation, because it allowed investors to put a strictly limited amount of money into a risky enterprise without having to take the chance of losing everything.
Law of Relational Risk It’s a simple law, but I believe leads to important conclusions about how relations are structured: Contribution to the relationship that is not met proportionally by the other participants is a loss to the contributor.
... Culture, values, and shared beliefs improve parties’ confidence in assessing risks. This is particularly true where the culture practices reciprocity—possibly through status and reputation—in connection with stated values. The principles also suggest that single sign-on (SSO) efforts are often misguided. In the interest of promoting relational continuity, the more authenticated connections the better—particularly if the user can parlay these authentications into improved reputation. Recognition of participants based on multiple channels of connectivity would be the method for improving identity assurance rather than on a single login event.
Relational Continuity Sockets Layer This RCSL abstraction has several promising benefits for use in identity relationships. * It could provide a standard and potentially portable container to hold the state of relationship as it changes over time. * It could provide the means for each party to have access to theunderlying data from which the party would be able to perform a consistency check. * It could provide a means of controlling the visibility of relationship state. * It could provide a referencable underlying data set on which a reputation system could be built. * It could provide a template for common operations among many kinds of identity relationships. * It could enable multi-party relationships to be better managed by the participants.
More on LLPersonae, Identity Oracles, and RCSL RCSL isn't really a reputation management system. It's a way to build relationships which are scoped in time and also in committment of resources. A useful analogy here is that of a card game; at each round one antes a set of resource to qualify for the round, and one obeys certain rules for the hand. In an analogous way the RCSL enables creation of predefined relationships which have both rules (for what can & can't be done in the relationship) and roles (for which participant can do what at any particular time; compare this with a game like Bridge where the roles for the players differ). The notion here is to design the resource committment rules, rules of play, and roles to limit risk of all types to the various parties. The game may require reputation as a condition of entry, and it may change reputation as an effect of the outcome, but in this respect reputation is simply another resource - and is not the only kind of commodity which could be used.
|