Talisman: Distributed Private Accounts

Current systems and applications generally assume that they "own" their users. This is evinced by the expectation that users must create new accounts, with new names and new passwords, at every Website they visit. The presumption made by this technology is that these user accounts are separate and distinct -- that the data in each account is "owned" by the Website that does the gathering. Talisman is a new system, similar in intent to Microsoft Passport (but diametrically opposed in design), that returns ownership of accounts to users, with all the privacy and maintenance benefits that ownership affords.

To help describe how Talisman will assist the various actors on the world stage, those actors are defined below:

Users are people who use or administer the system, be they corporate employees, government workers, or average consumers.

Services, offered by service providers, are electronically assisted activities that provide some sort of useful benefit to users. Services may be commercial, public, or private in nature. For example, some potential services might be e-commerce websites, medical patient databases, financial institutions, university student records, or even police surveillance points. Services are generally accessible over the Internet via the World Wide Web (WWW), but can also include wireless access, public “point of purchase” terminals, or virtually any electronic networked device.

Realms are groups of services and related data that perform a coherent, real-world function for users. Each realm is represented by a realm provider. Realm providers are tasked with gaining the support of the services covered by the realm, arbitrating and publishing standards to represent data relevant to the realm, and defining the default rules that regulate how services use that data. Realm providers are expected to be non-profit organizations, like the World Wide Web Consortium (W3C) or Recording Industry Association of America (RIAA), organized as consortiums between industry leaders to define data standards and default usage policies for that industry. Realm providers “certify” services within their realms to guarantee particular levels of security, adherence to privacy policies, legitimacy, etc. Just as the Food and Drug Administration (FDA) certifies foods as safe to eat, realm providers certify services as safe to use.

Accounts are simply data records that describe users. Each user would own and maintain one or more accounts, spread across one or more account providers. Account providers are simply service providers that also host accounts on behalf of users; account providers might also offer any number of other services. Over time, however, it is likely that account providers would specialize to provide competitive account management capabilities, opting not to offer other services.

Account profiles, also known as data standards or schemas, are simply the standardized data representations defined and published by realm providers. Service and account providers that want to share information do so through the relevant account profiles.

Storage providers are service providers that provide no direct end-user functionality, and instead specialize in maintaining very strong storage infrastructures. Storage providers compete based on security and reliability guarantees, performance, and cost.

Each actor is expected to perform a number of tasks within Talisman. These tasks are outlined below: