Fixing Facebook, The Internet, Money, And Most Other Digital Stuff

Blockchains and other cryptographic protocols are useful for online payment processing and other digital exchange systems, and p2p protocols for decentralized or crowdsourced security validation are highly desirable features of a modern digital system of accounts. What I dislike about Bitcoin (the best-known blockchain implementation) is that it invites speculation just as if it were gold. A modern digital system of accounts is best served by a unit of account that is relatively free from intrinsic value and thus free from speculation.

My sense is that making a universal transaction accounting/auditing system (also known in distributed and p2p computing circles as a distributed ledger) part of a “native” internet protocol suite will make it more stable. If it is ubiquitous it becomes like air and people are less likely to speculate on air than on gold or bitcoins. Such a core Internet protocol would provide an automatic “audit trail” of every applicable read and write transaction, including but not limited to every payment, that is posted. Such a protocol could be used for many important applications:

  • intellectual property management, especially for individuals posting on blogs and social media
  • micro-payments such as those proposed by Jaron Lanier in Who Owns the Future
  • retail payment systems
  • international payment systems, exchanges, etc.

Because its use could become so ubiquitous it should be designed and built very openly and carefully by a large public institution such as W3C, or by open crowdsourcing — not by a lone entrepreneur or small shop. What I’m proposing is actually an upgrade to the internet protocol suite — the core internet protocols — that would maintain a link between every named resource and a metadata file. I’m not current enough on the tech to get more specific or detailed about the implementation. http://en.wikipedia.org/wiki/Internet_protocol_suite

The innovation I suggest is to permanently and unbreakably link every named resource (or its URI) on the Internet to its own metadata file. I call that file the metadata “tail” or “fork”. Such a file might be a flat file, a structured database, a distributed hash table, an encrypted block chain, etc. — I leave that to better software engineers than me. The link between the named resource and its metadata tail must be unbreakable for the life of the resource and the metadata must be inviolable. The link should be maintained as deeply in the internet core protocols as possible. It may be possible to implement the metadata store itself at a considerably higher layer to allow for easier updates to the data store technology. After all I am probably advocating the creation of trillions of gigabytes of metadata here. A sort of audit trail of practically every read or write operation on the Internet.

Every resource’s metadata file would contain the following metadata:

1. At the minimum: creation date and author

2. Other optional metadata might include owner (if other than author), ownership rights, expiration date, etc.

3. History (audit trail) of every read, write, copy, payment, etc. transaction involving that resource.
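As an added illustration (not part of the original post, and not a design the author specified), here is one way the per-resource “metadata tail” described above could be kept tamper-evident: an append-only record chain where each entry commits to the hash of the one before it. The URI, actors, timestamp and payment amounts are constructed sample values, and the `GENESIS` sentinel and record layout are assumptions of this example.

```python
import hashlib
import json
from typing import Optional, Tuple

# Constructed illustration (not the post's own design): an append-only,
# hash-chained "metadata tail" for ONE named resource. Every record commits to
# the hash of the record before it, so a later edit, insertion or deletion of a
# record is caught by verify(). The root record carries the mandatory creation
# date and author; later records are the audit trail of reads, writes, payments.

GENESIS = "0" * 64  # hypothetical sentinel meaning "no previous record"


def _digest(record: dict) -> str:
    # Canonical JSON (sorted keys, fixed separators) so identical content always hashes the same.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()


class MetadataTail:
    """Per-resource audit trail: creation metadata plus every later transaction."""

    def __init__(self, uri: str, author: str, created: str):
        self.uri = uri
        self.records: list = []
        self.append("create", actor=author, detail={"created": created, "author": author})

    def append(self, kind: str, actor: str, detail: Optional[dict] = None) -> dict:
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = {
            "seq": len(self.records),
            "uri": self.uri,
            "kind": kind,            # create, read, write, copy, payment, ...
            "actor": actor,
            "detail": detail or {},
            "prev": prev,            # link to the previous record's hash
        }
        body["hash"] = _digest(body)  # the hash covers every field above, not itself
        self.records.append(body)
        return body

    def verify(self) -> Tuple[bool, int]:
        """Return (ok, first_bad_seq); first_bad_seq is -1 when the chain is intact."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            expected = _digest({k: v for k, v in rec.items() if k != "hash"})
            if rec["seq"] != i or rec["prev"] != prev or rec["hash"] != expected:
                return False, i
            prev = rec["hash"]
        return True, -1


def demo() -> dict:
    """Constructed scenario: a post is created, read, paid for, then a record is altered."""
    tail = MetadataTail("https://example.invalid/post/42", author="alice",
                        created="2014-01-01T00:00:00Z")
    tail.append("read", actor="bob")
    tail.append("payment", actor="bob", detail={"amount_cents": 1, "to": "alice"})
    ok_before, _ = tail.verify()
    tail.records[2]["detail"]["amount_cents"] = 100   # after-the-fact tampering
    ok_after, first_bad = tail.verify()
    return {"ok_before": ok_before, "ok_after": ok_after,
            "first_bad_seq": first_bad, "length": len(tail.records)}


if __name__ == "__main__":
    print(demo())
```

A chain like this only proves something if the latest hash is held somewhere the party keeping the records cannot quietly rewrite; otherwise an editor just recomputes every hash after the change. That is exactly where the post’s p2p replication or crowdsourced validation would have to come in: the head hash of each tail must be published or replicated widely enough that a silent rewrite is detectable.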

We know that getting money is a means to getting many things of value, not that it IS value. And it’s fungible and persistent (durable), so it’s very handy and convenient. We’d be hard pressed to design money without this convenience, fungibility, and durability and still get people to use it. That’s the catch-22 for people hoping to solve ANYTHING by inventing new forms of money or non-money or whatever.

But we do have some serious problems with old forms of money. So I nominate (with tongue in cheek) dried fish as the new international standard unit of accounts. No, make that coconuts. Or barrels of oil. Or Bitcoins. Or kilowatt-hours (kWh) of electricity … Whatever we choose, if it’s a finite natural or virtual thing in limited supply, people will rush to acquire it and if possible “corner” the supply. So maybe it’s best to use something in unlimited supply, such as plain, immaterial numbers. Oops, no, people have been speculating on “the numbers game” forever.

The more I think about all this the more I think my proposal to update the internet core protocols to add an “audit trail” of all transactions is the only solution to our problems — with money, with accounting fraud, with social media content rights, and with lots of other difficult problems too numerous to mention at this point.

Poor Richard

PS My only innovation (if it is such at all) is placing the link to the metadata repositories deeply into the internet core protocol stack and applying the protocol to potentially all reads and writes on the Internet, not just financial transactions. It may also be innovative (or not) to propose individual and distributed metadata repositories, possibly using blockchain cryptography, rather than a common repository, for each and every named resource on the Internet. The main problem to overcome is the volume of metadata. The current Bitcoin blockchain would probably break under such volumes.

Further Discussion:

  • Poor Richard: Debates about money, accounting, credit, debt, etc. seem mostly anachronistic to me. What we should be more concerned with designing is the digital micropayment economy (protocol) proposed by Jaron Lanier in “Who Owns the Future” and which I try to imagine one approach to in my rough note  Fixing Facebook, the Internet, Money, and other stuff
  • Edouard Bry: Poor Richard, what about large purchases like a car, a house?
  • Edouard Bry: Poor Richard, that proposal negates anonymity. Personally I believe total lack of anonymity is not realistic from a human perspective. It’s OK conceptually but it does not take enough into account the need for some privacy most human beings have…
  • Poor Richard: An Internet-wide micropayment system can be used for all purchases, large or small, but at the small end it provides a unique service that Jaron Lanier explains in “Who Owns the Future” and related videos.  Thus far Lanier is not well-liked by many of the P2P, FOSS and “free culture” people. Lanier does not describe the implementation of the system, which is what I have tried to address. No one has yet proposed any specific user interface details, but the user interface would allow all internet users to make and receive payments of any size — but of special importance it would permit very tiny payments of fractions of a cent for comparably small services and goods like clicking a “Like” button or for posting or reading a facebook post.
  • Poor Richard: Edouard Bry, do you think Poor Richard is someone who would abandon anonymity? No. The application must include strong cryptography and access controls for varying degrees of privacy for different applications. Like block chains, a micro-payment protocol will be used by a wide variety of applications in addition to micro-payments. An Internet-wide micro-payment system can be used for all purchases, large or small, but at the small end it provides a unique service that Jaron Lanier explains in “Who Owns the Future” and related videos. http://youtu.be/cCvf2DZzKX0 So far Lanier is not well-liked by many of the P2P, FOSS and “free culture” people. Lanier does not describe the implementation of the system, which is what I have tried to address. No one has yet proposed any specific user interface details that I know of, but the user interface would allow all internet users to make and receive payments of any size — but of special importance, it would permit very tiny payments of fractions of a cent for comparably small services and goods like clicking a “Like” button or for posting or reading a facebook post.
  • Andrew Bransford Brown: I kind of agree, however, it is an incremental process. You might have a look at http://promiselanguage.blogspot.com It solves the payment part. The structure might also solve the “metadata” issue you are referring to. “Promise Language”
  • Bernd Nurnberger: Interesting. Not sure I can agree in light of this: “Silicon Valley megacorps have no interest in transparency. They don’t want to talk to reporters who would ask them real question about their for-profit surveillance business operations. Why would they risk it when they can fall back a trusted crisis PR technique: shut the doors, don’t pick up the phone, lie low for a while and wait for the storm to pass.” 

  • Poor Richard: Andrew, the applications, like payment processing, could be incremental, but it is fundamental to my idea that the various applications I mentioned would all share a common back end that I call an automatic audit trail protocol for the Internet core protocol stack.
  • Richard Saunders: A world citizens movement and ultimately world governance could be set in motion simply by updating the internet core protocols to allow for secure “voting” on nearly all internet content
  • Adam Lake: Richard Saunders, why not use a protocol like email for p2p social networking with all data on personal servers?

  • Richard Saunders: Search “p2p email”. I haven’t investigated any of them, but it seems like a good idea for us to adopt p2p versions of the apps we use. That’s a different level of interaction than the core internet protocols which everyone uses automatically by default. They don’t need to make any decision or choice about it. Everyone worldwide is already using a common set of digital “tools” to interact with the internet therefore building a worldwide movement by using those common tools is as much a no-brainer as possible. I suspect there are forces within the internet governance community that fear the idea of building secure voting technology into the core internet protocol suite because of the potential disruption of all the old vested interests and powers.

  • Marco Fioretti: “secure internet voting” cannot exist, period. It’s not even wrong.

    As for “p2p versions of the apps we use”, and just for general reference (I have NO time to work on it for free, you are all sincerely welcome to do it yourself, or find somebody else who can!) here is a faster, much simpler way to get something similar soon. An intermediate but IMO unavoidable step towards real “p2p versions of the apps we use”: http://per-cloud.com

  • Richard Saunders: @Marco Fioretti “secure internet voting” cannot exist

    Marco, is your objection to the word “secure”? I mean it only in a relative sense. If relatively secure financial transactions can exist, relatively secure voting can exist on the internet, can it not?

  • Marco Fioretti: “If relatively secure financial transactions can exist, relatively secure voting can exist on the internet, can it not?”

    No.

    Financial transactions are relatively secure only because if they go wrong someone surely notices it, often immediately, and comes asking for a refund or repetition. With internet voting, it’s impossible to realize that something bad happened. Unless it’s not secret, which would be so bad to be half disgusting half ridiculous.

    It’s absolutely impossible to guarantee that all software+hw combinations used for voting by people who by and large use their birth date as password or never update software etc… would be free of trojans, keyloggers and such. This has proved tolerable for making online payments only for the reason in the previous paragraph, it could never happen with voting. People who couldn’t be bothered to vote could even never notice that their computer was infected to vote on their behalf.

    If voting happens outside a safe place, there is no protection from abuse as in any variation of “vote now what I tell you and never tell anybody, or I’ll shoot you”

    etc etc. So no, relatively secure voting CANNOT exist on the internet. Period. Believe me I do NOT want to offend, but it makes me sad to see how many people who apparently thought of this for more than 2 minutes still propose Internet voting.

    And above all: WHY? Let’s assume just for the fun of discussion that all I’ve said doesn’t exist: what would be the REAL advantage of internet voting?

  • Richard Saunders: @Marco “what would be the REAL advantage of internet voting?

    I use the word “voting” broadly to include things such as “liking” and rating (+1, -2, etc.). Using an encrypted distributed ledger provides an audit trail. My point is that an encrypted distributed ledger (perhaps some type of “blockchain”) should become part of the core internet protocols. This would allow the world to rate any internet content or to “vote” in some fashion on everything. Security is always relative, so higher value data would need more protection, just as now.

  • Melvin Carvalho: …Using the new structured data layer of the web, contracts, governance, anything that can be modelled with data can be created. When you look at the web, try not to think of giant corporations controlling it, or locking it down, it was made for everyone to do anything they want. Any use case you can imagine with a block chain is doable on the decentralized web.
  • Richard Saunders: Melvin, structured data and linked data are typically defined by triples: subject – predicate – object. This does not automatically constitute a strongly secure distributed ledger. If that is what one is after they still have to build that somehow. If we want to create a strongly secure distributed ledger, a bitcoin-style blockchain may not be the best route. BUT WHAT IS?

Identity Management

Peerpoint Abbey, Ireland (Photo credit: trexcali)

[The following is a new draft addition to the PeerPoint Open Requirements Definition and Design Specification Proposal (currently a shared Google Doc). The PeerPoint project is an open and collaborative effort to develop requirements, standards, and specifications for peer-to-peer internet technologies that will promote fair and sustainable societies. On-going updates to this topic will be made at the above link. Your collaboration is invited! – PR]

PeerPoint Identity Management

The first step in defining the problem space of identity management is to define identity. What is it?  From The Free Dictionary (tfd.com):

identity: 1. The collective aspect of the set of characteristics by which a thing is definitively recognizable or known

PeerPoint Terms and Definitions

  • entity: anything that has a definite, recognizable identity, whether a person, group, organization, place, object, computer, mobile device, concept, etc.

    Identity conceptual view (credit: Wikipedia)

  • attribute: any characteristic, property, quality, trait, etc. that is inherent in or attributed to an entity. An entity has one or more attributes and an attribute has one or more values. For example “the sky (entity) has color (attribute) of blue (value).” This entity-attribute-value (EAV) model is sometimes called a “triple” as in the Resource Description Framework (RDF). An attribute (which is also a kind of entity) may have attributes of its own. These are often logically nested in a hierarchical fashion. For example, an address may be an attribute of a company but also an entity with attributes of street, city, state, etc. An entity may have multiple instances of the same attributes, such as multiple aliases or addresses. (Different programming languages, protocols, frameworks, and applications may organize the entity-attribute-value model differently; or use different terms such as object for entity or property for attribute; but this is probably the most generic approach.)
    Rdf-graph3 (Photo credit: Wikipedia)

  • identity: a definitive and recognizable set of attribute-value pairs (or entity-attribute-value triples) for a particular entity. The set of attribute-value pairs may be partial or exhaustive, depending on the intended purpose of the identity construct.

  • identification (ID): a dataset (value, record, file, etc) which represents the most concise amount of information required to specify a particular entity and distinguish it from others. An ID may be local to a particular context, such as a company employee ID or inventory number, or it may be universal. Examples of universal ID are Global Trade Item Numbers (GTIN) and uniform resource identifiers (URI). The ID typically consists of a smaller quantity of data than the full identity dataset and only represents or refers to the full identity.
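The entity-attribute-value model in these definitions is small enough to show in working code. The following is an added example, not PeerPoint code: a toy EAV store in which a URI serves as the concise ID, a value may itself be the ID of another entity (so “address” is both an attribute of a company and an entity with street and city), an attribute may have several values (aliases), an identity is the partial or full set of attribute-value pairs, and the whole store serializes to subject-predicate-object triples as in RDF. The `urn:example:` identifiers and the company data are constructed.

```python
from collections import defaultdict
from typing import Iterable, Iterator, Optional, Tuple

# Constructed example (not PeerPoint code): a minimal entity-attribute-value store.
# entity  -> a URI, which doubles as the concise identification (ID)
# attribute -> a predicate name
# value   -> a literal, or the URI of another entity (nested description)


class EavStore:
    def __init__(self) -> None:
        # entity -> attribute -> list of values (one attribute may have several instances)
        self._data = defaultdict(lambda: defaultdict(list))

    def add(self, entity: str, attribute: str, value: str) -> None:
        self._data[entity][attribute].append(value)

    def values(self, entity: str, attribute: str) -> list:
        return list(self._data[entity][attribute])

    def is_entity(self, value: str) -> bool:
        # A value that has its own attributes is an entity in its own right.
        return value in self._data

    def identity(self, entity: str, attributes: Optional[Iterable[str]] = None) -> dict:
        """The identity of an entity: its attribute-value pairs, partial if `attributes` is given."""
        attrs = self._data[entity]
        if attributes is not None:
            attrs = {a: attrs[a] for a in attributes if a in attrs}
        return {a: sorted(vs) for a, vs in attrs.items()}

    def expand(self, entity: str, depth: int = 2) -> dict:
        """Follow values that are entities themselves, nesting their attributes (bounded by depth)."""
        out = {}
        for attr, vals in self._data[entity].items():
            expanded = []
            for v in vals:
                if depth > 0 and self.is_entity(v):
                    expanded.append(self.expand(v, depth - 1))
                else:
                    expanded.append(v)
            out[attr] = expanded
        return out

    def triples(self) -> Iterator[Tuple[str, str, str]]:
        """Serialize the store as (subject, predicate, object) triples, like an RDF graph."""
        for subject, attrs in self._data.items():
            for predicate, objects in attrs.items():
                for obj in objects:
                    yield (subject, predicate, obj)


def build_sample() -> EavStore:
    """Constructed data: a company with two aliases and one nested address entity."""
    store = EavStore()
    company = "urn:example:acme"              # the company's ID
    address = "urn:example:acme/address/1"    # the address's ID; also a value of the company
    store.add(company, "name", "Acme Ltd")
    store.add(company, "alias", "ACME")
    store.add(company, "alias", "Acme Widgets")
    store.add(company, "address", address)
    store.add(address, "street", "1 Main St")
    store.add(address, "city", "Springfield")
    return store


if __name__ == "__main__":
    s = build_sample()
    print(s.identity("urn:example:acme", ["name", "alias"]))
    print(s.expand("urn:example:acme"))
    for t in s.triples():
        print(t)
```

The `identity()` method returning only the requested attributes is the “partial identity” of the definition above; the full set is what an application would call a profile. Note that nesting is bounded by `depth` so that a self-referencing entity cannot send `expand()` into infinite recursion.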

Identity management problem space

The PeerPoint requirements will explore various parts of the Identity Management problem space, all of which overlap or interpenetrate each other:

  1. description
  2. classification
  3. identity provisioning and discovery (directory services, including identity & directory linking, mapping, and federation)
  4. authentication (validation, verification, security tokens and security token services)
  5. authorization (access control, role-based access control, single sign on)
  6. security (anonymity, vulnerabilities, risk management)

1. Description

Description is meant here in its most general sense as the entire set of attributes and values that describe an entity, and not simply a “description” box or field in a record. This is the aspect of identity management which establishes the set of attributes and values (or profile) by which an entity is typically recognizable or known in a particular context. A description can attempt to be exhaustive, but in most cases it is only as complete as required for its intended purpose in a given application.

PeerPoint requirements

  • Identity management functions should be consistent across all PeerPoint applications, so the requirements should be implemented as part of a PeerPoint system library from which all applications, middleware, APIs, etc. can call the necessary functions. Interfaces or connectors must be provided for non-PeerPoint-compatible systems.
  • There are many methods in existing software applications, protocols, and frameworks to describe the identity of entities. The PeerPoint identity management solutions must inter-operate with as many of these as possible. For that reason the PeerPoint descriptions of entities must be as generic, modular, composable, and extensible (open-ended) as possible.
  • PeerPoint user interfaces (UI) must allow users to extend and customize entity descriptions in as intuitive a manner as possible without reducing or destroying the interoperability of the descriptions with those of other platforms. One approach is to provide user input forms with the most common or universal attributes for various types of entities, combined with fields for additional user-defined attribute-value pairs as well as simple tags.
  • In both standardized and customizable parts of entity descriptions, the UI should provide as much guidance as possible about the most typical names and/or value ranges for attributes without locking the user in to these “preferred” or popular choices.

One of the most basic entities in social networking systems is the person or member (or in more abstract terms, an account). The identity description for such an entity is commonly called a “user profile.” User profiles are also found in most applications that involve online collaboration. The most primitive form of user account consists of a user ID (or UID) and a password, where both the ID and password are simple alphanumeric strings. But increasingly, user accounts for social and collaborative applications include elaborate user profiles. Facebook is a good example, having one of the most extensive user profiles of any internet application.

This is a partial screenshot of Poor Richard’s Facebook Profile:

The information in a Facebook User Profile is organized into numerous logical categories. Some not shown above include the user’s friends, Facebook groups to which the user belongs, and a personal library of documents and images. Other profile sections include unlimited free-form text.

Many of the profile data categories such as “Arts and Entertainment” may include unlimited numbers of “likes” or tags. These are added via an intuitive interface in which the user begins typing something such as a-r-e-t-h-a- -f-r-a-n-k… and as the user types, a list of matching tags is displayed and  continuously updated with each keystroke, showing possible matches from the Facebook database. If no match is found by the end of typing, the entered tag label is displayed as-is with a generic icon. Facebook’s database of entities in the various categories is created and maintained primarily by Facebook users who create Facebook “pages” for people, groups, companies, products, movies, authors, artists, etc.

Other social network sites have profile features not found in the Facebook User Profile. Google+ adds a feature to the “friends” data category called “circles” and a homepage feature called “hangouts”. Google+ users can organize friends into user-defined categories called circles that inter-operate with other Google apps, and can create live audio-video chat groups with user-defined membership. LinkedIn has additional profile data categories for résumés, CVs, and employment references, recommendations or testimonials.

In addition to users, on various social networks accounts may be created for special-interest groups, fan clubs, companies, organizations, and topic pages of all kinds. The structures of the profiles for different types of accounts on different networks vary widely.

Very limited, generic profiles are also hosted by services such as Gravatar and About.me.

Sample Gravatar profile:

OpenID Simple Registration is an extension to the OpenID Authentication protocol that allows for very lightweight profile exchange. It is designed to pass eight commonly requested pieces of information when an End User goes to register a new account with a web service.

Gravatar and OpenID SR are simple examples of what PeerPoint will call a meta-profile (a profile that can be used across multiple applications or systems).

PeerPoint requirements:

  • Digital identity, representation of a set of claims made by one digital subject about itself or another digital subject
  • Online identity, social identity that an internet user establishes in online communities and websites
  • Federated identity, assembled identity of a person’s user information, stored across multiple distinct identity management systems
  • the capability to create and maintain identity meta-profiles for users and other types of entity
  • the ability to create multiple alternate profiles for the same entity
  • intuitive user interface for creating, customizing, and maintaining meta-profiles
  • allow the creator of any identity profile to determine where any portion of it is stored and with whom any portion of it is shared
  • capability to synchronize PeerPoint profiles with profiles in non-PeerPoint applications and systems

2. Classification (“people, places, and things”)

Different kinds of entities have different kinds of descriptions, so an important part of the identity management problem is the problem of sorting things into various categories. Sorting things into categories or classes is often called categorization or classification. Classification systems are often called taxonomies. Examples might include the index of an encyclopedia, a library card catalog, or a glossary of internet terms.

In the case of information systems, the term ontology means “a rigorous and exhaustive organization of some knowledge domain that is usually hierarchical and contains all the relevant entities and their relations.” (tfd.com) Wikipedia says “An ontology renders shared vocabulary and taxonomy which models a domain with the definition of objects and/or concepts and their properties and relations. Ontologies are the structural frameworks for organizing information and are used in artificial intelligence, the Semantic Web, systems engineering, software engineering, biomedical informatics, library science, enterprise bookmarking, and information architecture as a form of knowledge representation about the world or some part of it. The creation of domain ontologies is also fundamental to the definition and use of an enterprise architecture framework.”

Another related term in information systems is namespace, often used in relation to wiki structures and directory services.

In identity management, two of the main systems of categories, or taxonomies, would be categories of entities and categories of attributes. Attributes are themselves categories of values (the attribute “color” is a category of colors: red, blue, green, etc.).

Examples of high-level categories of entities might include:

  • people
  • groups
  • organizations
  • places
  • internet technologies
  • devices

Examples of very high-level categories of attributes could include:

These taxonomies become semantic web ontologies when they are defined in machine-readable protocols such as:

Linked Data

One great advantage of machine-readable ontologies is the ability to semantically link data across the web.

Linking open-data community project

The goal of the W3C Semantic Web Education and Outreach group’s Linking Open Data community project is to extend the Web with a data commons by publishing various open datasets as RDF on the Web and by setting RDF links between data items from different data sources. In October 2007, datasets consisted of over two billion RDF triples, which were interlinked by over two million RDF links. By September 2011 this had grown to 31 billion RDF triples, interlinked by around 504 million RDF links. There is also an interactive visualization of the linked data sets to browse through the cloud.

Dataset instance and class relationships

Clickable diagrams that show the individual datasets and their relationships within the DBpedia-spawned LOD cloud, as shown by the figures to the right, are:

3. Identity provisioning and discovery (directory services, including identity & directory linking, mapping, and federation)

(requirements to be determined)

No center or hub (identityblog.com)

4. Authentication (validation, verification, security token service)

(requirements to be determined)

5. Authorization (access control, role-based access control, single sign on)

(requirements to be determined)

6. Security (anonymity, vulnerabilities, risk management)

(requirements to be determined)

1. User Control and Consent:

Digital identity systems must only reveal information identifying a user with the user’s consent.

2. Limited Disclosure for Limited Use

The solution which discloses the least identifying information and best limits its use is the most stable, long-term solution.

3. The Law of Fewest Parties

Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship.

4. Directed Identity

A universal identity metasystem must support both “omnidirectional” identifiers for use by public entities and “unidirectional” identifiers for private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

5. Pluralism of Operators and Technologies:

A universal identity metasystem must channel and enable the interworking of multiple identity technologies run by multiple identity providers.

6. Human Integration:

A unifying identity metasystem must define the human user as a component integrated through protected and unambiguous human-machine communications.

7. Consistent Experience Across Contexts:

A unifying identity metasystem must provide a simple consistent experience while enabling separation of contexts through multiple operators and technologies.
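Laws 1 through 4 above (consent, limited disclosure, fewest parties, directed identity) can be shown concretely in a few lines. The following is an added example, not code from PeerPoint or from the source of the laws: a toy identity provider that hands each relying party a different “unidirectional” identifier for the same user, computed as an HMAC of the user ID keyed with a secret that never leaves the provider, so two parties cannot join their records on a shared correlation handle; and that releases only the claims the user has consented to for that specific party, regardless of what the party asked for. The relying party is identified by its public, “omnidirectional” name. User data, party names and the secret are constructed; `IdentityProvider` and its methods are this example’s own names.

```python
import hashlib
import hmac
from typing import Dict, Iterable, Set, Tuple

# Constructed example (not PeerPoint code). The identity provider
#  (a) issues a pairwise, "unidirectional" subject identifier per relying party
#      (Law 4: no shared correlation handle across parties), and
#  (b) releases only the claims the user consented to for that party
#      (Laws 1-3: consent, least disclosure, fewest parties).


class IdentityProvider:
    def __init__(self, pairwise_secret: bytes) -> None:
        self._secret = pairwise_secret     # held only by the provider; never disclosed
        self._users: Dict[str, Dict[str, str]] = {}          # user_id -> full attribute set
        self._consents: Dict[Tuple[str, str], Set[str]] = {}  # (user_id, party) -> allowed claims

    def register_user(self, user_id: str, attributes: Dict[str, str]) -> None:
        self._users[user_id] = dict(attributes)

    def grant_consent(self, user_id: str, relying_party: str, claims: Iterable[str]) -> None:
        # Law 1: disclosure is gated on an explicit, per-party user decision.
        self._consents[(user_id, relying_party)] = set(claims)

    def pairwise_id(self, user_id: str, relying_party: str) -> str:
        # Law 4: stable for one party, unlinkable across parties without the secret.
        # The NUL separator keeps ("a", "bc") and ("ab", "c") from colliding.
        message = f"{relying_party}\x00{user_id}".encode()
        return hmac.new(self._secret, message, hashlib.sha256).hexdigest()

    def assertion(self, user_id: str, relying_party: str, requested: Iterable[str]) -> dict:
        """Answer a party's claim request with the pairwise subject and the consented subset only."""
        allowed = self._consents.get((user_id, relying_party), set())
        attrs = self._users[user_id]
        released = {c: attrs[c] for c in requested if c in allowed and c in attrs}  # Laws 2-3
        return {"sub": self.pairwise_id(user_id, relying_party), "claims": released}


def demo() -> Tuple[dict, dict]:
    """Constructed scenario: one user, two relying parties, both over-asking for claims."""
    idp = IdentityProvider(pairwise_secret=b"constructed-demo-secret-do-not-reuse")
    idp.register_user("alice", {"email": "alice@example.invalid",
                                "birthdate": "1970-01-01",
                                "display_name": "Alice"})
    idp.grant_consent("alice", "shop.example", {"display_name"})
    idp.grant_consent("alice", "forum.example", {"display_name", "email"})
    wanted = ["display_name", "email", "birthdate"]
    shop = idp.assertion("alice", "shop.example", wanted)
    forum = idp.assertion("alice", "forum.example", wanted)
    return shop, forum


if __name__ == "__main__":
    for party_assertion in demo():
        print(party_assertion)
```

Two things worth noticing when running it: the shop and the forum receive different `sub` values for the same person even though they requested the same claims, and neither receives the birthdate because nobody consented to it. The pairwise identifier is deterministic for a given party, so the user can return to the shop and be recognized there; linking the two accounts requires either the provider’s secret or the user volunteering a shared attribute such as the same email address, which is why the limited-disclosure law and the directed-identity law have to be applied together.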
