The internet today, as well as the entire set of our digital activities require trusted tiers to care for our data:
- a database for corporate info
- a web site for blogging (wordpress, ...)
- a web site for going social (facebook, twitter, google plus, ...)
- a web site for bookmarking or ranking other web sites (evernote, ...)
- a website for trading used goods, selling handicraft or art, ... allowing others to buy online (ebay etc...
- a cloud space for backing up and sharing raw files (dropbox, wuala, box,...)
These tiers provide two main services: storage and presentation. They offer:
- the hope that our data won't be modified, lost, misused etc
- a suitable presentation (photos, blogging activity, comments, contacts, social ...)
More gererally today, corporate and private users face an increasingly puzzling set of questions regarding their data, be it stored on a hard disk, the cloud, or databases:
- where is this file?
- can I access the previous version?
- is this one the last version?
- have we worked using the same version?
- can I find for sure the document mentioned here as a reference?
- can I find all the documents having this one as a reference?
Using an internet platform for sharing and holding our data raises many other issues, including copyright terms, modification terms, transfer of a right to modify, reuse of pictures in commercials, legal terms based upon sovereignty etc...
Also, relying upon a remote site for one's data provides no guarantee that others see what we see, that no man in the middles tampers with the data or our access to the site, that link rot will not forever make obsolete existing references to ancient data etc.
Data cloud services on the other hand offer opportunities for presenting and sharing data under terms that do guarantee sovereingnty, ownership and copyright rights (as e.g. using services like Wuala, Mega etc., here listing only services that warrant client side encryption), but these services are poor at presentation (only lists of raw files), except maybe for pictures.
Despite its qualities this cloud of data cannot today be leveraged to a valid infrastructure for the vast variety of user needs addressed by the internet today. Most importantly, data cloud services do not support executing scripts on server side.
Trust 3.0 as a foreseable future
What the cloud lacks today to fully support a refundation of the internet is what I choose to call Trust:3.0. Trust 3.0 expects the following properties:
- a file can be indexed and found by some plain text embedded data regardless of its physical location (be it dropbox, wuala, a user's shared NAS etc.)
- when found it can be asserted that the file never was modified (i.e. neither the hosting nor a man in the middle inadvertently or purposedly modified it)
- the file can be opened using its standard editor/viewer
- no remote trusted tier is involved
TRUST 3.0 transfers trust to data, thereby eliminating the risk of data corruption when accessing documents from the web. This renders trusting a web site or service for the preservation of data irrelevant. When found, a document will be verified locally. Guessing today the list of possibilities offered by such a scheme is impossible.
Trusting data allows for automation: any endpoint, be it a program or human, can decide whether executing some code is safe. This is a yet unachieved quest for the semantic web as a whole (w3c).
By transferring trust to data, the above premises open a vast range of dream possibilities:
- documents can be exactly searched, among the set of all their valid copies, yet being unaware of any physical location
- documents may link to others: references, relevant concepts, copyright terms, versions, behaviors (how to edit, how to display...)
- documents containing such references can be exactly searched as above
- data can be organised by users according to their own criteria, maybe combined with corporate hints or requirements
- internet users regain ownership of their data: they choose at will to publish their data on any cloud system available
- internet users may remove data at any time and make their intent explicit (even though of course the data may have been duplicated)
- internet users can publish entire web sites in user space - i.e. the web site is an html/css/js document entirely run on client side
- one's digital life can be aggregated from what is publicly available and harvested by robots on a myriad of locations
- a new economy of third party aggregating / viewing web sites and apps emerges: you can choose a publishing cloud for its legal terms, and a viewing site for its features.
- referenced documents may be public or not, thus allowing to keep for oneself an undisputable proof of authorship
- chains of references make documents unforgeable, since attacking them would require compromising a number of independent servers
- documents may be given trusted timestamps by publishing their identifier (as e.g. by sending an email, using the bitcoin ledger, using a trusted service etc.)
TRUST 3.0 is the promise of a project currently in stealth mode - contact me for more information.