Difference between revisions of "Jta-trust"

From IVP Wiki
(First step -- the trust and identity network)
Line 12: Line 12:
 
   
 
   
 
===IDENTITY===
 
===IDENTITY===
When the TCP/IP protocol was developed, the network was designed to assign an IP number to a given machine on the network. In order to get on the network, you just had to be able to do so through a connected machine. And so that meant other users of the network were also just machine "nodes." You could know positively what machine you were connected to, but not WHO you were connected to.  There have been many "hacks" for this, too, the principal one being user name/passwords, which is great but not perfect.  Identity can best be verified in a trust environment (see trust, above) where there is an ongoing relationship with some entity that will certify to the network that you are who you say you are. That's why organizations that have long term, financial relationships with people (such as banks or newspapers with subscribers and the like) are in the best position to help certify identity.  
+
When the TCP/IP protocol was developed, the network was designed to assign an IP number to a given machine on the network. In order to get on the network, you just had to be able to do so through a connected machine. And so that meant other users of the network were also just machine "nodes." You could know positively what machine you were connected to, but not WHO you were connected to.  There have been many "hacks" for this, too, the principal one being user name/passwords, which is great but not perfect.  Identity can best be verified in a trust environment (see trust, above) where there is an ongoing relationship with some entity that will certify to the network that you are who you say you are such as in [http://www.superiorpapers.com/ research papers]. That's why organizations that have long term, financial relationships with people (such as banks or newspapers with subscribers and the like) are in the best position to help certify identity.  
 
   
 
   
 
===COMMERCE===
 
===COMMERCE===

Revision as of 21:00, 25 May 2010

Trust, identity and commerce -- inseparable building blocks of a free market for digital information

By Bill Densmore

The Journalism (or Information) Trust Association brings together three vital threads. Unless they are woven together, the Internet will fail to embody the best relationships of the physical world.

TRUST

The basic building block of human and business relationships. Without it, commerce is not possible because people/companies will face uncertainty. Trust can be direct (one-to-one) or proxied. Most of our trust relationships are proxied, and they are generally based upon historical knowledge. The basic Internet does not support trust because connections (relationships) can be "stateless" and ephemeral. There have been many "hacks" to overcome this (such as website Secure Certificates), but the core problem evolves from the fact that interactions are via a wire or wireless, not in person.

IDENTITY

When the TCP/IP protocol was developed, the network was designed to assign an IP number to a given machine on the network. In order to get on the network, you just had to be able to do so through a connected machine. And so that meant other users of the network were also just machine "nodes." You could know positively what machine you were connected to, but not WHO you were connected to. There have been many "hacks" for this, too, the principal one being user name/passwords, which is great but not perfect. Identity can best be verified in a trust environment (see trust, above) where there is an ongoing relationship with some entity that will certify to the network that you are who you say you are such as in research papers. That's why organizations that have long term, financial relationships with people (such as banks or newspapers with subscribers and the like) are in the best position to help certify identity.

COMMERCE

We think of commerce as involving money. But there are other forms of commerce. You can trade on your reputation. You can barter your privacy. But unless trust and a method of assuring identity are present, you are at risk of having your money, your reputation or your privacy misappropriated without your knowledge or consent. So large-scale digital information commerce is impossible outside of a service or services which provide for trust and identity management.

The "sale of content" -- not

I am among people who have been urging news organizations to think of themselves as service organizations, not manufacturers. Selling stories is like selling widgets, except that stories are perfectly replicable (copy and paste) at zero cost and physical widgets are not. So "protecting content" becomes a very, very hard problem. Better, I think, to conveniently provide trustworthy, newsworthy information wrapped within a service which can be differentiated. The service, thus, becomes the "widget" that is not easily copied.

One way to create the non-copiable service is to deliver it to a group of trusted, identifable users. Because then when one of those users misappropriates the service -- or copies a story -- it becomes easlier to sanction them in some fashion. Making an analogy to blog comments -- when you sign your name to a content, you take ownership of it and you can be called out for what you write. Pseudonymous comments leave little basis for assigning trust, or accountability.

First step -- the trust and identity network

So, the first step to enabling digital information commerce on the web is to create a trust and identity network. Apple has done this in a very proprietary way with the iTunes store. But it is opaque to the rest of us. Apple knows who I am when I buy a song, but they aren't sharing that trust relationship with anyone else (not that I'm sure I would want them to, in any case). Facebook conveys a certain degree of trust that you are who you say you are, based on experience (others look at your page, interact with you, could they all be dealing with an imposter?) But Facebook doesn't have your credit card, as Apple does, and so there is no possibility of financial trust there.

The flaw in the Apple model is that it is only Apple. What's needed is a trust and identity network that is open to a plurality of trust providers -- lets call them "Information Valets"! -- so that a consumer user has broad choice of terms and conditions for managing trust, identity and commerce. This will ensure a free market for digital information.


RETURN TO TOPIC HOME PAGE