Essentials:
   Overview
   White Paper
   News
   License

Technical:
   Reputations
   Requirements
   Platform

Projects:
   Talon
   Sierra
   Reptile (SCDS)
   User Content License

Resources:
   Definitions
   Background
   Bibliography

Credits:
   Acknowledgements
   Founders

OpenPrivacy.org

Definitions

  • Reference: A pointer to an entity (generally a URI, often a URL). Examples include a physical or virtual object, place, person, pseudonym, web page or site, opinion, reputation, bias, profile, and reputation calculation engine.
  • Nym: Short for "pseudonym," a nym is a fictitious name that can refer to an entity without using any of its directly identifiable characteristics, such as name, location, etc. OpenPrivacy uses public-key pairs to represent a nym, with the owner having sole access to the private part and the public part being published to at least one external party. A long-lived nym is useful in that it allows for trust (or "reputation") to accumulate over time and usage. Often, we refer to the public key as the "nym," as it is how the entity is know in the outside world.
  • Principal: An identifiable, pseudonymous, or anonymous entity. A principal can be uniquely referenced by its public key. Any static entity that can be referenced can in theory be a principal, the only requirement being that it can store a private key and perform signature operations.
  • Opinion: A unique description of something (pointed to by a reference). Uniqueness is satisfied by attaching a hash, generally created from the pricipal's signature, to the opinion such that no two opinions are exactly the same. An opinion may be clearly subjective (as in "openssl is a good cryptography package") or appear as a statement (as in "I live in San Francisco," where the reference is "San Francisco" and the description is "where I live").
  • Reputation: A value that represents the collective opinion of some reference. A reputation is really just another name for an Opinion, as it is the calculated opinion of a Reference by the issuing Reputation Calculation Engine. Reputations are ephemeral, and the weight applied to an Opinion representing the reputation of some Reference is subjectively applied by the end user (person or program) that requests it. As Principals add their Opinion to a Reference, it accrues (positive or negative) reputation capital that has several useful properties:
    Secure
    Reputations cannot be subverted, and the source of reputation assertions can always be traced. This provides non-repudiation as well as the mechanism with which to decide which reputation information to trust.
    Transitive
    Reputations are transitive (within the constraints of a well-defined domain). For example, if A trusts B as a source of local news, and B trusts C for local news, then it could be determined that A trusts C for local news.
  • Bias: While reputations generally reflect the sum of many opinions of a single reference, a bias is an accumulation of opinions that represent the views of a single principal. Biases may be divided by area or type of reference (such as groups of political or demographically descriptive opinions). A RCE uses one or more Bias collections in the couse of its calculations.
  • Offer Template: A set of seemingly disparate opinions can be grouped together (in a bias-like structure) for the purpose of finding best matches in a universe of unconnected data. A reputation service that receives an offer template may advertise prizes for parent nyms that can validate ownership of a subset of the template.
  • Profile: A collection of pseudonymous opinions (also in a bias-like structure) that an entity claims that it can prove belong to a single (parent) entity. (The proof itself is called validation.)
  • Agent: Any individual, organization or electronic entity that creates, filters, gathers and/or publishes reputation data. Doing so enables entrance into the OpenPrivacy system for purposes of joining the anonymous demographics marketplace. Agents have an internal state and can initiate communications with peers when set conditions are met.
  • OpenPrivacy Agents inter-communicate using "Profile Reputation Objects," based on the XMLDsig standard, providing a secure, capability-based environment for information sharing. They form a peer-to-peer network and may simultaneously function as a client (or "Primary Agent") for a local user and as a server (or "Secondary Agent") providing reputation and potentially other services ("facilities") for remote agents.

  • User: An end point of communications. Also, an intelligent agent (e.g., a human).
  • Reputation Server: A Reputation Server is an agent that can respond to reputation requests such as putReputation() and getReputation(). In addition, reputation servers provide the communications and storage platform for Reputation Calculation Engines.
  • Reputation Calculation Engine (RCE): In order to make full use of the OpenPrivacy platform, use of and calculation with reputations is called for. Human users act as intelligent reputation calculation engines and add value to the system by adding reputations to entities and objects. An automated reputation calculation, part of an infomediary agent, has the ability to:
    • incrementally refine Reputation/Opinion accumulation into a Bias
    • use Bias to (pre-)calculate responses
    • modify (edit) one's own Bias or create a Bias
    • attach confidence quotient to returned results
  • Broker or Broadcatch Infomediary: A broker is a reputation server that has added intelligence for some domain. Generally, a broker is capable of adding value to profile and reputation information by collecting, sorting, indexing, matching or otherwise enhancing connections between data. Note: Brokers are built on top of the OpenPrivacy platform and therefore are generally outside the scope its requirements.

Assumptions

Basic

  • Users have access to personal information access and buying habits

Advanced

  • Users can collect their own net surfing habits
  • Users can anonymize themselves from the net
  • Users can authenticate purchases with
    • sellers
    • banks
    • credit card institutions
  • Authenticating institutions will participate by employing anonymous authentication mechanisms
  • A PKI exists for authentication purposes
  • Users will have their systems online 24x7 (e.g., via cable or DSL modems) for purposes of autonomous local encryption and authentication operations
  • P3P and other commercial and home-grown systems will provide negotiation mechanisms to enable autonomous operations.


  OpenPrivacy satisfies one of the requirements for Broadcatch systems
   and supports the Principles of the Identity Commons

Historical note: OpenPrivacy closed its virtual doors in May of 2002.
I wish this
site were
Drupal Strategy and Consulting