This document describes the vision we have for the Higgins 2.0 PDS.
A PDS is a cloud-based service that works on behalf of you, the individual. It gives you a central point of control for personal information about you: things like your interests, contact information, addresses, profiles, affiliations, friends, and so on. A PDS is the place where you establish bi-directional data flows between external businesses and your PDS, or between your friends' PDSes and your PDS.
Discovery. The PDS supports a discovery API that allows the user to be discoverable by other people, organizations, apps and exchanges when the incoming inquiries meet criteria the user specifies.
Interoperability. Each PDS is a peer that can exchange personal data with other PDS peers within a distributed network operated by multiple organizations. Each PDS would be hosted by a trusted organization that acts on behalf of the individual, or would be self-hosted. An individual's PDS would typically include links to objects stored in friends' PDSes. These links, taken together, form a social graph that is distributed across the PDSes.
Data Management. In some cases the data itself flows directly between the data provider and the data consumer, while in others the data flows through the PDS intermediary. In some cases the source of the data is the PDS's local storage. In cases where data flows from or through the PDS, we have the opportunity to map it into a normalized data model, provide the ability to see the data values, and in some cases be able to edit and update it.
Information from a variety of data sources (e.g. social networks, telco and health data sources) is virtually integrated by the PDS and presented in a "dashboard" application in a browser or in desktop and mobile clients. The PDS gives you control over your own information by allowing you to share selected subsets of it with other people and organizations that you trust.
- Enables the user to participate as a peer within a distributed personal data ecosystem
- Provides an online profile manager web app that gives an integrated view of the user's data, the ability to update self-asserted data, a way to manage authorizations (e.g. using something like a UMA Authorization Manager) and a way to set the policies under which 3rd parties (e.g. apps) gain access to a portion of the user's information
- Implements a Discovery API that allows the user to be discoverable by other people, organizations, apps and exchanges whose inquiries meet user-defined criteria
- Provides an identity provider (IdP) endpoint (e.g. OpenID OP, SAML, Infocard)
- Implements two factor authentication
- Provides a run-time environment for Kynetx-like apps that run within the PDS itself
- Decrypts data from the user's personal data stores (using a local key) to allow their attributes to be managed in the PDS's dashboard UI.
Attribute Data Service
- Manages a set of locally stored contexts each of which holds a different, contextualized person object
- Provides an encrypted "lock box" in the cloud such that many kinds of data in the store cannot be read by the ADS operator
- Backs up personal data stored on desktop and mobile devices
- Synchronizes personal data to other devices and computers owned by the person using a variety of network protocols.
- Links information from contexts to accounts (profiles) that the user has at external service providers, websites, social networking sites, etc. and over which the user has joint control and rights
3rd Party Apps
- Exchange. A kind of PDS App that is involved in creating personal data exchanges analogous to a stock exchange. An exchange itself is a platform that supports yet another layer of apps above it [this is not shown above].
- Data Refinery. A kind of PDS App that reads datasets from the PDS, refines them, and writes them back to the PDS user. The refinery process includes analytics, inferencing, segmentation, etc. Refineries generally create higher-value, more refined data from rawer forms of data, while often also making the data sets less personally identifying.
An optional Higgins Browser Extension (HBX) can be downloaded from the portal; it converts a passive browser into an "active client" with additional capabilities:
- Data capture. Since the client is integrated with the browser it can capture information about the user (e.g. data entered into Web forms, etc.) as they browse the Web.
- Web augmentation. It can also augment the user's web experience by overlaying context-specific information within the browser and by automatic form filling (e.g. filling in passwords).
- Security. The client can add a measure of anti-phishing protection from malicious websites.
- Privacy. Personal data is encrypted on the client before transmission to the cloud-based personal data store using a key that is unknown to the cloud-based personal data store operator.