From Resource Control to Digital Trust with User-Managed Access
Authors: Wouter Termont, Ruben Dedecker, Wout Slabbinck, Beatriz Esteves, Ben De Meester, and Ruben Verborgh, SolidLab, IDLab, Ghent University – imec
The User-Managed Access (UMA) extension to OAuth 2.0 is a promising candidate for increasing Digital Trust in personal data ecosystems like Solid. With minor modifications, it can achieve many requirements regarding usage control and transaction contextualization, even though additional specification is needed to address delegation of control and retraction of usage policies.
Read the full paper here.
No more raw data: trust envelopes enable responsible data reuse
Author: Ruben Verborgh, SolidLab, Ghent University – imec
Data without context is meaningless; data without trust is useless. 2017-12-18 is nothing but a string—until it becomes a birthdate, a wedding, or the moment a security camera registered you. Handling such highly personal data requires trust. When your personal data is shared with someone, you must be able to trust that they will only use it in the way you agreed to. When someone receives your data, they must be able to trust that it is correct and that they are allowed to use it for the intended purpose. Auditors need to be able to challenge and verify this trust relationship, for example under GDPR. These everyday scenarios highlight that data ecosystems need trust as an integral part of their DNA. Unfortunately, trust is not baked into our data interfaces today: they only provide access to the raw data, disregarding the context that is crucial to its correct treatment. We need to standardize interfaces that carry data in a trust envelope, which encapsulates usage policies and provenance to ensure that data can flow in more responsible ways. In this blog post, I explore how this can work, and why trust envelopes are a necessary change in the way we exchange personal and other data.
End-user identity in Solid: the interoperability problem space
Author: Ruben Verborgh, SolidLab, Ghent University – imec
The Solid ecosystem uses a decentralized mechanism of WebIDs to identify agents and to manage their access control. As the number of participants in the ecosystem increases, the question of how to manage a multitude and variety of WebIDs becomes increasingly pressing. To this end, we performed an assessment of the current state of end-user identity and the demands going forward. This document examines the interoperability angle for personal identity within Solid, providing strict technical as well as looser interpretations of the WebID concept, building upon these to outline the problem space as well as directions for solutions. We discuss the necessity of a shared understanding, and describe challenges including anonymity and pseudonymity, extending the identifier space, and disambiguating different WebIDs and identity providers pertaining to the same end-users. We thereby provide a blueprint for the work needed to mature the Solid ecosystem with regard to identity.