The Social Web: Creating An Open Social Network with XDI
Drummond Reed, Marc Le Maitre, Bill Barnhill, Owen Davis, and Fen Labalme
New open standards introduce long-term, trusted links between people, groups, and bits over the Net.
[continued from The Social Web: Creating An Open Social Network with XDI, page 1]
III. SOCIAL WEB INFRASTRUCTURE
Having covered the basic building blocks of XDI, now let's look at how they can be used to create the underlying infrastructure of the Social Web.
A Banking System for Data
Perhaps the best analog for the Social Web is the worldwide banking and credit card system. This infrastructure has evolved over centuries to facilitate the global exchange of a very sensitive form of data—money. Thus it has had to address the same issues of security, privacy, and trust as the Social Web.
Figure 5 is a simple conceptual diagram of the major elements of modern banking and credit card infrastructure:

Figure 5: The major elements of the global banking and credit card system
What Figure 5 illustrates is a globally distributed network in which every end-user (person or organization) is represented by an account at a participating service provider (bank). The banks in turn are members of different industry associations (such as the credit card associations), and are ultimately identified by their registration in various different national reserve systems.
It is a classic example of many members cooperating to establish a common infrastructure that connects them all (the national reserve systems and the credit card associations), while pushing as much functionality and differentiation as close as possible to the retail service providers and their customers (the banks and their account holders.)
When looked at from this perspective, there is actually a strong resemblance to the World Wide Web architecture, as shown in Figure 6.

Figure 6: The major elements of World Wide Web as a distributed global network
In this case, the "representative" of each person and organization on the Web is their personal or organizational website. These sites are run on Web hosts (physical network servers which, unlike the banking system, may be run by the end-customers themselves.) Associations of websites and Web hosting companies, such as Truste[15] and BBB Online[16], have evolved to address various privacy, security, and trust issues. Ultimately all of these entities are identified via registrations in the global DNS (Domain Name Service) and IP (Internet Protocol) registries governed by ICANN (Internet Corporation for Assigned Names and Numbers).[17]
Because the Social Web represents a crossing of the trust requirements of the global banking system with the technical requirements of the World Wide Web, it is no surprise that it will follow the same pattern, as shown in Figure 7.

Figure 7: The major elements of Social Web infrastructure follow the same pattern
Each element of this infrastructure is a fascinating blend of similar functionality found in both the global banking system and the Web, as described in the sections below.
Personal and Organizational Accounts
To transact funds in the global banking system, you first need a bank account. To publish a World Wide Web site, you first need a network account (either with a third-party service provider, or on your own network server). To share data on the Social Web, you first need a data sharing account—a way to publish your own data and subscribe (link) to data from contacts in your social or business network.
Just as there are personal and organizational bank accounts, and personal and organizational websites, there will be personal and organizational data sharing accounts. In fact the XRI specifications for i-names and i-numbers distinguish between these by using different global context symbol characters (the "=" sign for personal XRIs and the "@" sign for organizational XRIs).
So who will host these new data sharing accounts? That's the role of i-brokers.
I-Brokers
I-brokers are the "bankers" of the Social Web. They host the accounts people and organizations use for sharing data the same way real-world banks host accounts for exchanging funds. And just as banks offer a wide range of financial services associated with your account, i-brokers will offer a wide range of data sharing applications (see the next section, Social Web Applications.)
Will individuals use just one i-broker for all their data? Probably not. Just as people use different banking and brokerage accounts for different financial services, they are likely to use multiple i-brokers for sharing different sets of data (personal, financial, medical, vocational, etc.) However with XDI link contracts, an account holder can choose to link all of their i-broker accounts, or just selected accounts, or none at all—just the way a website author determines which pages on the site link to the home page.
What types of service providers will become i-brokers for the Social Web? Clearly those in a natural first position are the social networking sites. They already offer accounts for sharing personal data and forming links with other members.[18] The social network Neosociety has already incorporated support for i-names[19] as has the PlaNetwork collaborative wiki at Blue Oxen Associates.[20] And the developers of San Francisco-based Living Directory are creating a new XDI i-brokering service called 2idi.
Once XDI software becomes widely available, many other types of service providers will be in a position to offer i-brokering services, including ISPs (Internet Service Providers), ASPs (Application Service Providers), banks, insurance companies, wired and wireless phone companies, e-commerce sites, portals, etc.
As with email and Web hosting, some i-brokers will specialize in services for personal account holders, some will concentrate on the business and government market, and some will be full-service brokers handling all types of accounts. In all cases, the sensitivity of the data involved will demand of i-brokers the same high standards of accountability and trust demanded today in the global banking system. The challenge is how to do this without resorting to the same type of governmental regulatory infrastructure that's taken hundreds of years to evolve.
Trust Federations
Although most Internet infrastructure has been developed through community cooperation and self-governance, in fact the best precedent here may actually come from the banking system. In the late 1960s, banks were struggling to get consumers and merchants to adopt credit cards. The advantages in terms of electronic funds transfer were clear. But the system was marred by the lack of a common infrastructure for credit card transaction clearing.
The emergence of Visa, MasterCard, and other global credit card associations in less than a decade demonstrates how quickly such problems can be solved by cooperation. These associations addressed the twin problems of technical interoperability and business interoperability—the former through common technical specifications and the latter through common trust agreements.
On the Social Web, XDI and other open standard identity and data sharing protocols can handle the problem of technical interoperability. But the challenge of business interoperability requires a new type of cooperative association similar to a credit card association. Called a trust federation, it is an alliance of i-brokers and their customers who agree to abide by a common set of agreements in the care and handling of customer data.
Identity Commons is the first trust federation implementing i-names, i-numbers, and XDI. Its initial membership is civil society organizations (non-profits, NGOs, foundations, etc.) and their service providers who wish to promote cooperation through inter-community data sharing. For more information see the Identity Commons website at http://www.idcommons.net.
Other XDI trust federations are expected to evolve in specific industries including telecom, financial services, and healthcare. They may also develop along geopolitical guidelines or in ways that can't be predicted from earlier social forms. XRI and XDI are flexible enough to enable trusted data sharing among any type of organizational structure, trust network, or governance model.
Global Registries
The ultimate backbone of a globally distributed network is a globally distributed addressing system. As described above, for banking this is provided by the national reserve systems, and for the Web it is provided by the DNS and IP registries overseen by ICANN. For the Social Web, it is XRI registries. These fall into two categories: 1) those set up to operate on a peer-to-peer basis using XRI cross-references, and 2) those set up to serve the general public using XRI global context symbols.
The former may emerge spontaneously in any peer-to-peer data sharing context. The latter are overseen by an international non-profit called XDI.ORG.[21] The mission of XDI.ORG is to provide community-based governance for the XRI global context registry and XDI data sharing services necessary to support an open, interoperable XRI/XDI infrastructure.
Just as ICANN evolved out of the need for community-based global DNS and IP governance, XDI.ORG evolved out of the need for community-based global XRI governance. However ICANN had significant early challenges in developing a representative model because it was retrofitted onto already-operating infrastructure. In this respect XDI.ORG enjoys three advantages:
* The ability to start fresh with a new layer of infrastructure.
* The authority to govern this infrastructure by virtue of holding the intellectual property rights covering the underlying technology as a public trust.[22]
* The mandate (specified in its intellectual property rights license) to be governed according to a fully open, transparent, representative community process.[23]
XDI.ORG acquired the intellectual property rights to the underlying dataweb technology from Cordance Corporation in July 2000 and subsequently contributed these rights to OASIS to form the basis for the XRI and XDI specifications. With the emergence of these specifications during 2004, the next task is for XDI.ORG to oversee setting the technical and operational standards for XRI global context registry services and global service providers. Cordance is the first such provider,[24] and will begin offering a test program of global i-name and i-number registry services in conjunction with Identity Commons in August 2004.[25]
As the emergence of XDI infrastructure begins to attract different constituencies with a stake in its governance, XDI.ORG will work with these constituencies to develop a long-term membership and governance model. For more information please visit http://www.xdi.org. (See also Social Web Governance, below.)
Dataweb Dictionaries
One other major element of Social Web infrastructure has no direct precedent in global banking or Web infrastructure. The reason is that these systems are based on the exchange of a well-defined set of data—currency in the first case and HTML pages in the latter.
The purpose of XDI, however, is to enable the automated interchange of any type of data, much the way human languages enable the discussion of any type of subject. To do so across many different XDI communities requires the same vocabulary-sharing tool used by human languages: dictionaries. A Dataweb dictionary is simply a collection of Dataweb pages used to define and describe the XDI data that can be shared by subscribers to that dictionary.
Yet because they are entirely written in XML, Dataweb dictionaries can be much more powerful than their paper equivalents. They can be crawled by new "dictionary spiders" to automatically build maps between concepts and taxonomies used across multiple communities. In this way Dataweb dictionaries can also grow and evolve much faster than conventional dictionaries. Like today's Web search engines, they will be constantly monitoring the population of Dataweb pages to which they have access, creating a dynamic map of the evolving vocabulary of the Social Web.
IV. SOCIAL WEB APPLICATIONS
Just as the emergence of credit cards led to a plethora of new telephone and mail order shopping businesses, and the emergence of the Web led to the development of shopping carts, auction sites, advertising networks, content delivery networks, wikiwebs, etc., the emergence of the Social Web will bring new applications that are only possible with a trusted data sharing protocol. The following is an overview of some of these applications.
Personal Contact Gateways
Phone numbers and email addresses, for all their convenience, make it all too easy for those who want to steal our time and attention. The first and likely most common Social Web application will be the personal contact gateway: a simple way to give every i-name owner privacy control over the use of their address.

Figure 8: I-names provide a personal contact gateway, stopping spam at its very source
The gateway (typically a Web form) is hosted by your i-broker. When a request from an unrecognized contact is received, the gateway page can apply the same type of filtering and qualification tests performed by social networking sites today, such as:
* Validate that the request is from a real human being (a test used by many websites today to stop spam robots).
* Verify the requestor's email address (by sending an email to which they must reply).
* Confirm the requestor is a member of a trust federation.
* Confirm whether the requestor was referred by a friend or colleague.
Although contact gateways will not put an immediate stop to spam, they will put a stop to the harvesting of email addresses by spammers, as it will no longer be necessary to post an email address directly online. When paired with trust filters (below), they spell the beginning of the end of the era of spam.
Trust Filters
Imagine if your bank account received as many spurious requests for funds transfers as your email inbox receives spurious marketing requests today. The entire banking system would collapse. Many are warning that Internet email infrastructure is in similar danger as spam mounts to nearly half of all Internet email traffic.[26]
It has been widely acknowledged that the solution is a simple, standard form of email sender authentication, such as proposed by Yahoo's Domain Keys[27], Microsoft's Caller ID for Email[28], or the open source Sender Policy Framework[29]. However the challenge of sender authentication has never been primarily technical—it has always been the chicken-and-egg problem of adoption. Sender authentication-based trust filters are not effective until they are in widespread use, yet spam prevention alone has not been enough to spur adoption.
The emergence of Social Web infrastructure can finally solve this problem. The numerous benefits of i-names/i-numbers and XDI can turn automated identity authentication into as standard a feature of Internet infrastructure as DHCP (Dynamic Host Configuration Protocol)[30]. Furthermore, the development of global trust federations can provide the real-world accountability necessary to make it as difficult to spoof an authenticated email sender as it is to spoof a banking transaction.
Intelligent Email Management
Besides eliminating unwanted email, the Social Web can also make it much easier to manage the email you do want. XDI headers and link contracts provide a powerful new way to filter and respond to incoming messages. Instead of filtering based on standard email headers or content analysis, intelligent XDI filters can process XDI headers using the associated XDI link contract(s) to perform much more intelligent message pre-processing, including:
* Organizing all messages and attachments by thread (subject line) with 100% accuracy.
* Sorting messages and performing context-sensitive user notification based on preferences and priorities assigned to the associated link contract.
* Automatically forwarding or distributing messages among XDI auto-groups (see below).
* Archiving messages based on preferences of the associated XDI link contract.
Auto-Address Books and Auto-Calendars
Personal contact and calendar managers like MS Outlook are now standard business productivity applications. Some are used standalone by individuals. Others are linked into groupware systems such as Lotus Domino, MS Exchange, or Yahoo Business Services, where data sharing operations can be automated between account holders in the same system.[31]
Yet until XDI there has been no way to share groupware data across systems. With an XDI interface, any groupware system (client-side or server-side) can automatically exchange contact or calendaring data with any other XDI system the same way any web browser can talk to any web server. Establishing new contacts or scheduling meetings between users or groups anywhere on the Web can become as simple as sending an XDI message.
This capability is especially powerful when it comes to global address changes. For example, when an individual moves, changes jobs, or changes ISPs, just one change to their contact data at their personal i-broker can generate a global XDI change-of-address message across all applicable link contracts (family, friends, business contacts, utilities, stores, websites, etc.)
Likewise the business card exchange of the future may be no more than entering a single i-name into your local address book (or beaming it across Bluetooth), and then letting your i-broker establish bi-directional link contracts for the desired XDI business card(s) you wish to share. You and your contact can now keep those cards automatically synchronized for as long as you both want to keep the relationship—no matter how often you move or change jobs.
Auto-Registration, Auto-Login, & Auto-Personalization
Another frequent Web user experience is manually registering, signing on, or personalizing an account at a website. This task exists today because there is no standard for automated, privacy-protected personal data interchange. XDI-enabled websites will make this type of manual data entry as obsolete as manual typewriters. On the Social Web, users will be able to:
* Register at a new website by clicking once on an XDI auto-registration button (and optionally approving the registration data requested by the site). Privacy negotiation can be handled automatically by the user's i-broker (see below).
* Zero-click automatic login at any previously-registered website unless your user preference is to remain anonymous (in which case you can manually log in with one click on an XDI auto-login button when you need to).
* Automatically personalize any site that supports XDI (unless your user preference is not to share personalization data.)
Furthermore, with i-brokers, none of these features will be constrained to working with only a single device (desktop, laptop, PDA, cell phone, etc.). All of a user's XDI-enabled devices will be able to synchronize new links and link contracts via the user's personal or business i-broker(s). Users can even completely customize a new device within minutes just by logging it into their i-broker and selecting their XDI configuration preferences.
Websites, for their part, will enjoy both high trust relationships and high-quality, always-fresh customer data without the need to worry about constant data "cleansing."
Auto-Privacy Negotiation & Digital Identity Theft Protection
One of the largest concerns regarding sharing personal data over the Internet today is privacy. How can a user be assured that, once shared, his or her personal data will only be used according to the user's preferences?
Much progress has been made with the development of machine-readable privacy policies and privacy preference agents based on the World Wide Web Consortium's Platform for Privacy Preferences (P3P) protocol.[32] XDI takes privacy management to the next level: any time a user needs to register or share data with a website, the site can automatically negotiate privacy preferences with the user's i-broker.
This is a win for both users and sites. Users can have a simple, standard way to track and update data sharing permissions, and sites have a standard way of recording and monitoring user privacy preferences. Furthermore, both gain the benefit of automated XDI synchronization to keep sites updated with any changes to the user's contact, preference, and other personal information.
The Social Web can also provide powerful new solutions for digital identity theft protection. For example, by using reverse-authentication whenever changes are requested to a user's XDI account[33], i-brokers can make it much easier to ensure that only authorized account holders have access to the account.
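Reverse authentication for an account change, sketched as an added example (it is not part of the original paper or of any XDI specification): the confirmation token is delivered to the address already on file, is stored only as a hash, and is single-use and time-limited. The class and method names, the sample i-name and the addresses are all constructed for illustration.

```python
import hashlib
import secrets
import time


class ReverseAuth:
    """Holds a requested address change until the account holder confirms it."""

    def __init__(self, ttl_seconds=900):
        self.ttl = ttl_seconds
        self.addresses = {}  # account id -> confirmed address on file
        self.pending = {}    # sha256(token) -> (account, new_address, expires_at)
        self.outbox = []     # (recipient, token); stands in for sending e-mail

    @staticmethod
    def _digest(token):
        # Only the hash is stored, so a leaked pending table holds no live tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def request_address_change(self, account, new_address, now=None):
        """Queue the change and send the token to the address ON FILE."""
        now = time.time() if now is None else now
        on_file = self.addresses[account]  # KeyError for unknown accounts
        token = secrets.token_urlsafe(32)
        self.pending[self._digest(token)] = (account, new_address, now + self.ttl)
        # Never deliver to new_address: whoever asked for the change chose it.
        self.outbox.append((on_file, token))

    def confirm(self, token, now=None):
        """Apply the pending change if the token is known, unused and unexpired."""
        now = time.time() if now is None else now
        entry = self.pending.pop(self._digest(token), None)  # pop = single use
        if entry is None:
            return False
        account, new_address, expires_at = entry
        if now > expires_at:
            return False  # expired tokens are discarded, not applied
        self.addresses[account] = new_address
        return True


def demo():
    """Constructed scenario: one change request, then a bad token and a replay."""
    broker = ReverseAuth(ttl_seconds=60)
    broker.addresses["=alice.example"] = "alice@home.example"
    broker.request_address_change("=alice.example", "new@elsewhere.example", now=1000)
    recipient, token = broker.outbox[-1]
    return {
        "sent_to": recipient,
        "wrong_token": broker.confirm("not-the-token", now=1001),
        "first_use": broker.confirm(token, now=1001),
        "replay": broker.confirm(token, now=1002),
        "address_now": broker.addresses["=alice.example"],
    }


if __name__ == "__main__":
    print(demo())
```
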
Auto-Forms & One-Click Transactions
Besides basic account and relationship management, XDI can support the exchange of any data necessary to automate a transaction, from a simple e-commerce purchase to an entire online mortgage application. All it requires is for the merchant to create an XDI link contract describing the requested XDI data along with the security, privacy, synchronization, and other terms governing its use.
This means "one-click" automated purchasing can now be available at any XDI-enabled site, even one that does not use the user's native language (provided a Dataweb dictionary can do the necessary mapping between XDI data elements).
Auto-Lists and Auto-Groups
Many of the capabilities discussed above will simplify and improve a user's current online experience. But the most exciting applications of the Social Web will be those that are simply not possible without it, just like online shopping carts, auction sites, and search engines were not possible without the Web.
One of these is "auto-groups," or real-time automated group formation. As Reed's Law posits, group formation is of particularly high value to communities of all kinds. The faster new groups can be formed to reflect new initiatives, new teams, new projects, or new partners—and the more efficiently they can be managed—the greater the benefits to everyone involved.
The closest thing to auto-group formation on the Internet today is the act of sending an email message to multiple recipients. However anything more than this, such as creating an email list server or setting up a wikiweb site, requires tedious interaction with an external server (or an even longer wait for an email or web administrator.)
And that's just the first step in group coordination. To go beyond discussion to action requires adding other collaboration tools like calendaring systems, file sharing systems, instant messaging systems, etc. Each of these has its attendant setup time and cost, increasing the effective overall friction of new group formation.
XDI can overcome the tedious steps involved with creating and provisioning new groups no matter how many companies, organizations, or communities are involved. All it requires is an i-name and/or i-number for the group and an XDI link contract defining membership. Depending on the capabilities of the host i-broker(s), all the XDI automated data sharing features and functions described in this section can be available to the group immediately. And every group member can use their own i-broker account to simplify and manage all their group memberships and preferences.
Furthermore, auto-groups can scale to any size project. New groups can be formed alongside or nested within existing groups, and groups can be linked across multiple XDI communities. XDI group management can be delegated as necessary using link contracts, so it can support any model of centralized or decentralized decision making.
Social Search
Another breakthrough XDI application will be "social search"—searches that require sensitive permission, relationship, reputation, and other trust metadata not available to today's search engines. Dating and job hunting are the two most common examples today, so it's no surprise these are the first applications offered by many social networking sites. However they represent only the tip of the social search iceberg. Other examples of social search include:
* Searching for a particular skill set across a network of volunteers who make their skills experience available to NGOs and non-profits for particular projects.
* Searching for grants or funding for a project that has already obtained endorsements from experts in a certain field.
* Searching for people who have long-term experience with a particular make, model, or brand of product and are not affiliated with the manufacturer or resellers.
* Searching for merchants in a particular neighborhood that are recommended directly by community residents.
* Searching for a particular antique across vendors that offer a strong guarantee of authenticity.
Many more examples of the power of social search are discussed in "The Augmented Social Network" and the work of other social networking pioneers including Valdis Krebs, developer of InFlow social network analysis software.[34]
Reputation Networks
Imagine a Google where the page rankings reflect trusted community feedback about the quality of the information and the links. The service would be invaluable. Such is the power of XDI reputation networks, where such rating and evaluation information is gathered via authenticated XDI link contracts that ensure its security and integrity.
Although a full exploration of this topic is beyond the scope of this paper, work such as OpenPrivacy's Reputation Capital Exchange (which enables users to carry some or all of one's accumulated reputation or social capital from one site to another)[35] and eBay's Feedback Forum[36] show that reputation networks can help people and organizations select products, services, vendors, suppliers, and partners faster and more intelligently. They can also become powerful new forces shaping the evolution of both civic and commercial organizations and markets.
[Continued on next page...]
Footnotes
[15] See http://www.truste.org.
[16] See http://www.bbbonline.org.
[17] See http://www.icann.org.
[18] See http://www.livingdirectory.net.
[19] See http://www.livingdirectory.net.
[20] See http://planetwork.blueoxen.net.
[21] XDI.ORG began in July 2000 as XNSORG. It changed its name when the technical standards evolved from XNS to XDI.
[22] See the XDI.ORG Intellectual Property Rights Agreement at http://www.xdi.org/licenses-and-agreements.html.
[23] Ibid.
[24] See http://www.cordance.net.
[25] See http://www.idcommons.net.
[26] http://www.ecommercetimes.com/story/32478.html.
[27] See http://antispam.yahoo.com/domainkeys.
[28] See http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.mspx.
[29] See http://spf.pobox.com.
[30] The protocol used to automatically obtain an IP address and DNS server when you boot up a computer on a TCP/IP network.
[31] For more details, see the OASIS XDI Technical Committee white paper "The Dataweb: An Introduction to XDI," at http://www.oasis-open.org/committees/download.php/6434/wd-xdi-intro-white-paper-2004-04-12.pdf.
[32] See the W3C P3P home page at http://www.w3.org/P3P.
[33] Reverse authentication is when a service provider contacts you at a known address to confirm your identity, such as when a website sends you an email to authenticate your email address.
[34] See http://www.orgnet.com.
[35] See "Enhancing the Internet with Reputations" at http://www.openprivacy.org/papers/200103-white.html.
[36] See http://pages.ebay.com/services/forum/feedback.html.