The Hard Problems of Storing Identity Information

From IIW

The Hard Problems of Storing Identity Information

Tuesday 4B Convener: Muneeb Ali, Jude Nelson

Notes-taker(s): Jude Nelson

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Hard Problems:

  • Where you keep data?
  • How you keep data?
  • Who is to keep my identity data?

Identity is a subset of a user's private and public data.  These problems should motivate systems designs for storage.

  • PKI - enforces the "who" of storage
  • User-controlled storage - enforces the "how" of storage
  • jurisdictions, trust domains, admin domains - constrain the "who" and the "how" of storage; must be visible to the user and taken into consideration by the storage system.

Takeaways from the above:

The "who" and the "how" of storage is data-dependent.  Users, not the application nor the storage provider(s), are the ones who are most affected by who stores their data, and how they store it.  Storage systems of the future need to be built to let the user control both aspects of storage directly, without having to rely on the application to do so.  If we do this, then applications cannot be data silos--users would bring their own storage to the application, and the application would only be able to write to the user's storage with the user's consent.  It's worth mentioning that this is not only beneficial to the user, but also to the application--because the application no longer hosts user data, it is no longer responsible for keeping it available, and no longer needs to run extra servers to do so.

What had been missing is a scalable user-controlled storage system that can both assimilate existing storage systems into a coherent whole and give users fine-grained control over how their data is managed.  Blockstack offers a way forward on this front.  Its client-side tools implement storage drivers for existing storage services, which gives users the ability to select which storage services host data and control how they do so.  Users can authorize external parties (applications) to read their data, and revoke permission later.  We are currently accepting pull requests to add support for more drivers, and seek community feedback on how to efficiently implement storage policies that are easy for non-technical users to control