Create an Account
username: password:
 
  MemeStreams Logo

Identity Roundup

search

possibly noteworthy
Picture of possibly noteworthy
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

possibly noteworthy's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
  Humor
Current Events
  War on Terrorism
Recreation
Local Information
  Food
Science
Society
  International Relations
  Politics and Law
   Intellectual Property
  Military
Sports
Technology
  Military Technology
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Identity Roundup
Topic: Technology 11:10 am EDT, Oct 14, 2007

Securing Very Important Data: Your Own

The newest generation of web services is starting to collect and store far more than just the standard suite of identity data — name and address, phone, Social Security or credit-card numbers — that populates the databases of banks and credit-card processors. They increasingly store information, generated by us, that is directly linked to those virtual identities.

And users are loving them.

...

“We’re in a situation where business holds all the cards."

ONE way to change this, he said, is to make people more like organizations.

To this end, Mr. Neuenschwander and his colleagues have floated the intriguing concept of the L.L.P.: the Limited Liability Persona. This persona would be a legally recognized virtual person in which users could “invest” the financial or identity resources of their choosing.

The Limited Liability Persona

Corporations were invented during the age of exploration, when the risk associated with mounting an expedition to foreign lands was so high that no single person - even a rich noble - could underwrite a venture without running the risk of total financial ruin.

The fundamental ideas underlying the corporation are (1) the notion of a legal person distinct from a "natural person", (2) perpetual lifetime, and (3) limited liability.

Limited liability was critical to the idea of the corporation, because it allowed investors to put a strictly limited amount of money into a risky enterprise without having to take the chance of losing everything.

Law of Relational Risk

It’s a simple law, but I believe leads to important conclusions about how relations are structured:

Contribution to the relationship that is not met proportionally by the other participants is a loss to the contributor.

...

Culture, values, and shared beliefs improve parties’ confidence in assessing risks. This is particularly true where the culture practices reciprocity—possibly through status and reputation—in connection with stated values.

The principles also suggest that single sign-on (SSO) efforts are often misguided. In the interest of promoting relational continuity, the more authenticated connections the better—particularly if the user can parlay these authentications into improved reputation. Recognition of participants based on multiple channels of connectivity would be the method for improving identity assurance rather than on a single login event.

Relational Continuity Sockets Layer

This RCSL abstraction has several promising benefits for use in identity relationships.

* It could provide a standard and potentially portable container to hold the state of relationship as it changes over time.

* It could provide the means for each party to have access to theunderlying data from which the party would be able to perform a consistency check.

* It could provide a means of controlling the visibility of relationship state.

* It could provide a referencable underlying data set on which a reputation system could be built.

* It could provide a template for common operations among many kinds of identity relationships.

* It could enable multi-party relationships to be better managed by the participants.

More on LLPersonae, Identity Oracles, and RCSL

RCSL isn't really a reputation management system. It's a way to build relationships which are scoped in time and also in committment of resources. A useful analogy here is that of a card game; at each round one antes a set of resource to qualify for the round, and one obeys certain rules for the hand. In an analogous way the RCSL enables creation of predefined relationships which have both rules (for what can & can't be done in the relationship) and roles (for which participant can do what at any particular time; compare this with a game like Bridge where the roles for the players differ).

The notion here is to design the resource committment rules, rules of play, and roles to limit risk of all types to the various parties.

The game may require reputation as a condition of entry, and it may change reputation as an effect of the outcome, but in this respect reputation is simply another resource - and is not the only kind of commodity which could be used.



 
 
Powered By Industrial Memetics
RSS2.0