問題: Privacy

Data hub

0  

Personal data stored on user's own machine, accessed by API

YAML 想法

To keep data safe and secure, it is only stored on the user's machine. When a third party service wants some information, it requests it from the user's machine where it can be traced and attested.

chronological,


(別通知) (可選) 請,登錄

是的,但是如何設計這樣的API。例如,Tim Berners的Lee等的Solid。等正在努力實現類似目標。諸如GunJS之類的替代P2P方法正在嘗試實現基於本地存儲的分散式瀏覽器瀏覽器,但是,可以通過堆棧中提供的加密來實現隱私。另一種方法是OAuth2.0,它已經通過提供一種生成許可權令牌的方式,實現了對機器或網絡中所有類型的API的通用許可。它解決了任何互聯網用戶可能擁有的衆多資源的複雜問題。那麼,既然人們已經使用了這個想法,那麼這個想法將如何有助於解決隱私問題?這個“數據中心”實際上將如何運作?

Right, but how would such API be designed. For example, Solid by Tim Berners' Lee et. al. are trying to achieve something like that. Alternative P2P approaches, like GunJS are trying to realize something of a browser LocalStorage-based decentralized database, where, however, privacy can be achieved through encryption provided within the stack. Another approach is the OAuth2.0, that already realizes the universal permissioning on all kind of APIs within a machine or a network, by providing a way to generate permission tokens. It solves the complicated matters of a multitude of resources that any internet user may have.

So, being that people already use this idea, how would this idea contribute to the solution of the privacy problem? How would this "Data hub" actually function?


我在想一些很簡單的事情。我們在瀏覽器/手機中爲datahub註冊了一個數據處理程序:/ url鏈接URL必須包含所請求的datahub:名字,姓氏,電子郵件,dob,http:// returnaddress,然後返回地址將與該datahub中的數據進行ping通。

I'm thinking of some thing very simple.

We register a data handler in browser/mobile phone for datahub:/ url links

The URL must contain what's requested

datahub:firstname,lastname,email,dob,http://returnaddress

Then the return address gets pinged with the data from the datahub.


如果我們希望它成爲後端處理(例如公司的後端處理)的一部分,或者每當碰巧需要數據時,它們就必須成爲服務器端組件。還是中介。中介將通過VPN或零層建立連接,這是指向可以請求數據的用戶設備的鏈接。中介可以通過OAuth進行身份驗證。

If we want it to be part of backend processing, such as a corporations backend processing or whenever they happen to require the data, they will need to be a server side component. Or an intermediary.

The intermediary would have a connection over VPN or zerotier, a link to the user's device where the data can be requested.

The intermediary can be authenticated via OAuth.