I envision identity hubs as the digital equivalent of “The City of Atlantis”. It is the developer’s utopia where my app is both hosted for free and self-sovereign.
I am not being sarcastic. Hosted confidential storage, like an EDV, is just storage. Identity personas and apps are conceptually agents, meaning code execution as well as storage. A Solid pod, for example, has storage as well as app plugins. Depending on where and how the pod is hosted (in digital Atlantis) it might be self-sovereign or not.
My iPhone is also an identity hub. It is decidedly not self-sovereign. The app store hosts only censored code. The connectivity is anything but anonymous. My surveillance is both constant and opaque. Even so, I am “happy” to pay Apple and AT&T well over $1,000 / year for hosting my identity hub.
IMHO, taking up identity hubs in a storage workgroup may be allowed under our charter but it is overreach. Nonetheless, I am happy to engage with the working group and will approach it from the perspective of self-sovereign hosting of my persona.
As input to the discussion of [data] hub vs. the EDV sub-system [secure data] services:
I’d suggest that the expectations I’m hearing across working groups (DIF, ToIP,…) on “data hubs” are that it is a basket of distributed data services packaged as a single point of contact for an organization (about their data) that includes, but is not limited to, the following:
- A collection of data exchange services which replaces customized point to point solutions for individual sources & targets
- A data exchange broker between data sources and targets that may have different schema, semantics + languages, etc.
- Provider of different data exchange types, including streaming, subscription, notifications and batch updates
- Providing industry standard interfaces to data organized for different purposes and delivered in different ways
  - Raw – data lake
  - (real time) raw transactions as a stream (the same feed as populates the data lake)
  - Standardized transactions (common transaction schema)
  - Data event notification services (e.g., value from IoT device type X over threshold Y for period Z)
  - Operational data (transactions + transaction management logs) – which might use industry specific common schema
  - Analytical structured data (relational, dimensional, OLAP and data mining processed)
- Standardized data exchange services, mapping/translating: data schemas, semantics, data types, formats, languages – based on the Human Colossus Foundation OCA – Overlay Capture Architecture model
Such a collection of data services is being promoted by several (not yet SSI/ZKP) offerings/solutions of “data hub” services and applications.
What differentiates that for SSI based Secured Data Services is: standards for ZKP/encryptically secured data hubs.
- From an EDV perspective (from what I have heard in a few SDS WG meetings), it:
  - Plugs into and is accessed, directly or indirectly (e.g., via co-located direct wallet access), via data hub services.
  - Is one (and perhaps the most important) of the data sources/targets provided (transparently) to the clients using the data hub services.
From: sds-wg@... [mailto:sds-wg@...] On Behalf Of Michael Herman (Trusted Digital Web)
Sent: March-10-21 7:27 PM
To: sds-wg@...; email@example.com; Credentials Community Group <public-credentials@...>
Subject: Re: [sds-wg] Reminder and Agenda for Confidential Storage Spec Call - Mar 11, 2021
RE: 3. Review ‘Division of Responsibilities between Hubs and EDVs’ list, call for objections or additions. Proposed list so far: https://hackmd.io/qClYLUPkQ7uf0r3_4O7BUQ
Dimitri and WG colleagues,
I’d like to suggest either before tomorrow’s SDS WG call or, as an early part of the call, that we establish a few things we don’t have:
- A working/workable definition of/simple litmus test for what a [Identity] Hub is?
- A working/workable definition of/simple litmus test for what an Encrypted Data Vault (EDV) is?
- That is, two definitions that clearly contrast these 2 terms.
Without the above, I believe it is difficult (impossible) to continue with agenda item #3 with any additional depth. After completing a description of the lengthy Distributed Twitter (Dewitter) app scenario, I know what an EDV is but I didn’t need and don’t expect to need anything called a Hub. I have no idea what a Hub is or if the Hub concept is even needed.
To facilitate this discussion, can someone (e.g. @DanielB) take a stab at drawing a boundary around what might be considered to be an [Identity] Hub? I’ve attached the PPTX source slide as well as a rendered image (below).
Is this a reasonable request? Can we agree to precede the agenda item #3 discussion with an initial determination of these 2 definitions: EDVs and [Identity] Hubs?
1. IPR Reminder
2. Introductions and Re-Introductions
3. Review ‘Division of Responsibilities between Hubs and EDVs’ list, call for objections or additions.