User Managed Permission Interface

Issue/Topic: User Managed Permissions

Session: Thursday 1F

Conference: IIW-11 November 2-4, Mountain View, Complete Notes Page

Convener: Mark

Notes-taker(s): Joe Andrieu

Tags:

Discussion notes:




 * Granularity
 * Management
 * Ceremony


 * Facebook
 * Android Market
 * Infocards

Kynetx Data Model (KDM & PDS)
 *  (internal user id for tracking activity)
 *  (ID unique per user per app)
 * stuff1 (URL History)
 * stuff2 (geolocation)
 * 
 * stuff3
 * stuff4

PDS (starting with XRI/XDI dictionary)

What's the boundary between KDM & PDS?


 * KDM is application-limited
 * PDS is available for sharing via permissioned access

So, how do we manage permissions for access to the PDS?

You can use application-specific gestures that make it obvious which permissions are granted. For example, dragging a GEO location onto a picture can be constructed to /mean/ that the subjects of the photo are permissioned to know that geolocation information.

In a link contract, the permissions define addressable entries in the graph

At a minimum, you need a gesture to indicate what is being permissioned

Voluntary Oblivious Compliance:

I have a bunch of things I can share, but I don't know the rules for sharing, e.g., corporate rules about data releases. But there is a background policy protecting the user from breaking those rules.

There may be a role for "policy" providers and a distinguishable role for automated tagging, which tags the data for use by policies.

Note: the PDS must keep track of permissions and data access /and/ the user should be given tools to view & manage their permissions based on actual basis

Groups v individual permissions in an ACL

Default verses specific versus override = inherently complex.

Must supply an "oops" button to revoke, fix, errors in permissions..