Talisman provides users with the three things they value most: convenience, savings, and privacy. Through the safe collection of greater amounts of more accurate user information, electronic services can offer more targeted, personalized experiences to their users.

Although the vast majority of work needed to maintain this system is performed by the services themselves, users do bear some of the responsibility for ensuring the system’s correct operation. Specifically, in addition to taking advantage of the various personalized services, users must maintain their accounts, sign on as necessary, and sign off when done.

The user’s task of maintaining an account actually consists of several sub-tasks, most notably involving accuracy, usage tracking, and access control.

Allowing the user to verify account accuracy requires ensuring that the user has maximum access to all information known about that user, as well as providing some mechanism whereby the user can correct mistakes. The precise manner by which this information is presented and corrected depends heavily upon the type of data being verified – phone numbers, for example, can be corrected directly while credit reports must be corrected through official channels. However, in general it should be assumed that the user can easily and intuitively view and correct data of all types, irrespective of who gathered the data or where it’s stored.

A key component of increasing a user’s sense of privacy is allowing the user to track the usage of all collected data. In general, whenever a service accesses data on a particular account, that access should be logged in a manner that the user can view. In this way, users can keep tabs on who knows what and, if they don’t like what they see, can have some form of audit trail to contact the appropriate authorities to take action. The goal with this particular feature is not so much to proactively prevent services from misusing data – something that is virtually impossible – but to empower the user to take positive reactive action when problems occur.

Finally, users should have final authority in setting access control permissions on their data. While users should be able to trust the default settings proposed by the realm providers, more proactive users should be able to expand or constrain access to their information at will. When combined with the ability to track usage, users would have the ability to immediately detect, stop, and report improper usage. The result is a self-regulating system where users, services, and realms all play a part in overseeing the community.
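
A minimal sketch of how usage tracking and user-set access control fit together, added here as an illustration and not taken from Talisman itself. The `Account` class, the `REALM_DEFAULTS` table, and the service names are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Assumed realm-provider defaults: which services may read which fields.
REALM_DEFAULTS = {
    "phone": {"shop.example"},
    "address": {"shop.example", "news.example"},
}

@dataclass
class Account:
    data: dict
    overrides: dict = field(default_factory=dict)  # field -> {service: allow?}
    log: list = field(default_factory=list)        # user-viewable usage trail

    def allowed(self, service, fld):
        # A user override wins over the realm default, in either direction.
        user = self.overrides.get(fld, {})
        if service in user:
            return user[service]
        return service in REALM_DEFAULTS.get(fld, set())

    def read(self, service, fld):
        ok = self.allowed(service, fld)
        # Every attempt is logged, denials included, so the user can see
        # who asked for what even after access has been revoked.
        self.log.append((service, fld, "granted" if ok else "denied"))
        return self.data.get(fld) if ok else None

    def set_access(self, service, fld, allow):
        # The user expands (True) or constrains (False) access at will.
        self.overrides.setdefault(fld, {})[service] = allow

    def usage_by(self, service):
        # The audit trail the user would review or hand to an authority.
        return [entry for entry in self.log if entry[0] == service]

def demo():
    # Constructed sample account and service names.
    acct = Account(data={"phone": "555-0100", "address": "1 Main St"})
    first = acct.read("news.example", "address")        # realm default allows
    acct.set_access("news.example", "address", False)   # user constrains
    second = acct.read("news.example", "address")       # denied, still logged
    acct.set_access("ads.example", "phone", True)       # user expands
    third = acct.read("ads.example", "phone")
    return first, second, third, acct.usage_by("news.example")

if __name__ == "__main__":
    print(demo())
```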

In general, it is expected that traditional web interfaces be presented to the user to enable all of these tasks. However, the first question is: who hosts these webpages? The answer depends heavily upon who owns the accounts themselves – a question that has three possible answers: shared accounts, linked accounts, and distributed accounts.

Before the user’s personal information can be used to provide personalized services, users must first identify themselves to the service. One of the key advantages of a system like Talisman is the ability to perform “global single signon” – allowing users to identify themselves once per browsing session across the entire globe, rather than once for each and every website.

This identification process can take a wide variety of forms, only a few of which will be listed in this document. In particular, this document attempts to describe three primary signon methods: type-click, one-click, and no-click. While the end effect of each of these would be the same irrespective of the type of account being used, the examples assume that distributed accounts are in use. In addition, the various mechanisms can surely be implemented in countless ways, all of which provide slight differences and benefits. For this document, however, the examples attempt to optimize the mechanism for reader clarity, rather than efficiency or security.

Once the user has finished using a particular website, finished a browsing session, or finished using the client as a whole, the user must sign off from the system. Just as Talisman supports signing on once globally, Talisman supports users signing off the system across all participating websites with one click. This signoff process can take a number of forms.