Large Scale Data Sharing made safe and simple.
As the web gets more personal some ideas spread like wild fire and others just fizzle. Things like tokenized payment systems that take many years in concept for success all it takes is one large corporation to adopt it to make it mainstream. The mobile application movement is a lot like this expanding into data sharing with concepts like menu sharing among families and friends for dinner. This can be considered by some as a sign of a new trend. Personal level sharing with select personal discrimination is natural human behavior and good design. These concepts could soon expand into all kinds of new sharing and approval applications where a document or menu is shared for short time to get an order or input, bid, or opinion. This type of sharing is cognitively natural. With these new implementations and new password less applications renders us on a new era of application design.
Looking closely, the You Create You Own (YCYO) concepts are just simplified subsets of existing data logic with a cached or isolated client. Its almost like previous designers went too far at first. keeping everything on the server and implicitly saying “trust us.” This has been clearly violated recently and there is a clearly a need for change. The blame if that could be a concept that applies here. The loss of data is clear, disturbing and very costly to society now and in the long term. So what is next, is it going to be the same excuses and lack of security?
Now the current collective task may point to pulling back with a new emphasis on the simple, the secure, the easy to implement with respect to the large scale. A gross example of this is the current password implementations with vulnerabilities at every turn from forgotten passwords to vulnerable old defunct accounts threatening the whole business process and leaving a wake of lost data. The huge cost of all this identity theft threatens the whole system of privacy. There is really no blame except maybe it was designed wrong, maybe the emphasis was on cheap untested with respect to large corporate bonuses, regardless all those important records could be and were downloaded in less than a minute.
The key here is responsibility. Natural ownership and responsibility has some unique properties ranging from the legal to general personal control. Using two concrete concepts, a remote level of indirection (multiple mappings) and validation or where the data came from or authentication. An example, A HIPPA profile with all its legal and ethical ramifications. Meaning if there is a breach the organization in question is required to tell you there was a breach and what was stolen. The information has to have a level of security or there are consequences this is all the law can specify. Yet if the information is stolen without notice the system, the law, the expense of implementation, is a joke. To change a complex system like this requires even more time and expense. Markets and people can only handle massive changes this so many times before rebellion. Then people will revolt. Lets all revolt.
In the You Create You Own (YCYO) storage pattern/scenario if someone creates an object that they own there is an implicit level of trust. If the owner/patient can share information securely with only the doctors that need it. The doctor has his ability to add results of tests, thoughts and communications. Luckily the world is changing. Emerging are new web authentication methods like SQRL and others which require a simple registration and decentralized client authorization and validation schemes within a browser and mobile applications. This may trigger a new computing realm where personal data is managed by the person that owns it.
With the current social legal ramifications of personal information storage and management security may eventually lead to better more distributed designs where the keys are not all in one place and distributed preventing massive data loss. With smarter faster computing clients along with secure local storage keeping a unique object secure is trivial an inexpensive. Also linking important objects to other objects along with a private object cache that is used to modify, delete and associate with other objects is very trivial with the phat client. To be useable the objects have to be transferable to a new device, sharable with others and associated with other objects in a personal way.
These new potential client designs are robust mature and ready for large scale effort and contain an exciting possibilities for large data and personal security with a long term legal view. One aspect of personal secured objects is natural limiting, as a group one person can only use a limited set of objects over time. There is also only so many distributed devices can be accessed over a set time. In contrast to a server where all personal objects can be accessed and completely downloaded in a few minutes. This new concept is worthy based on this alone. Making a lifetime of work in the future what can be now done in minutes.
Also a business may want to use a set of objects to provide and procure business revenue. Therefore, a family or organization can own only what they need to accomplish the task at hand. This may be to place and order, order the same order again, or pay a purchase order, make a deposit, order the company lunch or ask for attendance at a meeting. All of these examples have a wonderful natural pattern. Create, use, share and archive. Each of these object events can contain a final event like the food was delivered the order fulfilled and money was paid the meeting adjourned. They also contain a linked chain of command as in a parents controlling a siblings behavior online and else where. Maybe something that matches the current laws would be more appropriate to everyone.
A simple analogy may lie in a concept is similar to a personal password manager that grows up into a personal information and sharing manager with realtime notification and events. Something that can control what was shared with whom and what was changed or added. Then when the sibling turns 18 they are in control of their own profile. As gross and potentially scary as it is we know the current system is not working. Even with the ability of an information manager to remain flexible there is a time and date stamp on the event or decision. Each new rewrite or change of our personal information systems will migrate to something. Who would not want to simplify things and and make them more legally and physically secure.
Conclusions: The future fight is to rally for the personal security manager and global standards to support it. This may be baby steps to take back personal security and the internet so expect a fight. A personal dynamic cryptographic, easy to use and change information safe that helps everyone manage personal information is technically real. There are forces that doe not want this type of personal control. We all need to learn to use our personal data responsibly on a mass level for this to work and we have the right to know when our data is being used sold exchanged or manipulated. The internet was created and maintained by people for people lets use it responsibly.
Multilingual Secure personal information manager that is supported by laws and standards.
World Wide secure personal information standards, devices and open source software.
A publicly funded international organization that lobbies for personal information security.
Clear and appropriate uses of peoples information, contacts and meta data.
In a recent search there is nothing but scattered pieces of hope.
Recent events by government and business reveal by example how much they collectively respect and are able to protect the American Public and its most precious commodity its people, their time and future. More and more it feels like pawns in a game without rules. This seems impossible yet we have done impossible before. Thank you for your time.