User Managed Permission Interface
Issue/Topic: User Managed Permissions
Session: Thursday 1F
Conference: IIW-11 November 2-4, Mountain View, Complete Notes Page
Convener: Mark
Notes-taker(s): Joe Andrieu
Tags:
Discussion notes:
- Granularity
- Management
- Ceremony
- Android Market
- Infocards
Kynetx Data Model (KDM & PDS)
- <ID> (internal user id for tracking activity)
- <RID1> (ID unique per user per app)
- stuff1 (URL History)
- stuff2 (geolocation)
- <RID2>
- stuff3
- stuff4
- <RID1> (ID unique per user per app)
PDS (starting with XRI/XDI dictionary)
What's the boundary between KDM & PDS?
- KDM is application-limited
- PDS is available for sharing via permissioned access
So, how do we manage permissions for access to the PDS?
You can use application-specific gestures that make it obvious which permissions are granted. For example, dragging a GEO location onto a picture can be constructed to /mean/ that the subjects of the photo are permissioned to know that geolocation information.
In a link contract, the permissions define addressable entries in the graph
At a minimum, you need a gesture to indicate what is being permissioned
Voluntary Oblivious Compliance:
I have a bunch of things I can share, but I don't know the rules for sharing, e.g., corporate rules about data releases. But there is a background policy protecting the user from breaking those rules.
There may be a role for "policy" providers and a distinguishable role for automated tagging, which tags the data for use by policies.
Note: the PDS must keep track of permissions and data access /and/ the user should be given tools to view & manage their permissions based on actual basis
Groups v individual permissions in an ACL
Default verses specific versus override = inherently complex.
Must supply an "oops" button to revoke, fix, errors in permissions..