RE: [projectvrm] Data Ownership, VRM & Standards - Suggesting a Directory

[Mike Kirkwood < >]

Mark,

Very interesting to consider the business opportunities (for both parties) in 
this model.   Further ramblings...

One of the things that a standard like the CIQ below could enable, similar to 
the T&C work is to create a process language that comes core to how the 
default model is setup, without exempting participation to those who don't 
already have the correct things in place.

A possible consideration in the directory models is to figure out how to to 
absorb easily the existing solutions, and figure out how to apply 
certification on new benefits to the parties.  So they really desire the 
certification.    Was thinking the absorb function allows the person to 
communicate with the company on their terms.  The certification phase allows 
the company to get something back from the person.   When talking multiple 
directories, absorb is used a lot in big directory projects (you become a 
tree of my model, rather than an attribute of my record).   This provides a 
simple-ish way to get a common model to work with of disparate rules and 
memberships.

A directory to directory intermediary for trust (like you mention below), 
could be continually streamlined into a really good single directory by forms 
of multiple-factor enablement.   First, identity the identity concepts in the 
systems they use today (ldap, ad, crm, cookies) and register the best guesses 
and observations.    I think we have lots of good tools and people who have 
solved key parts of this, including the big vendors.

For a next phase (where it becomes VRM vs. Identity Cleansing), could allow 
them to register these components themselves and gaining access.   The 
analogy is "hooking up to the hub".   Then, for example, if a company 
self-asserts that it supports a specific agreement, and implementation of an 
information sharing framework, the data can flow through to that company from 
the person.   Different companies, and people can implement their own groups 
of rules to allow the filters to become standard, and/or information 
card-ish, by having templates.  If support the "health vendor info" filter.

For the game theorists among us, all sorts of fun could happen with a 
sequence like this:

Blue Cross supports X in terms of receipt of information it desires, and [the 
mine] supports Y in my giving of information.  Which things can we talk 
about?   What am I missing out on because I won't tell them my medical 
history?   Whether I smoke?  Whether I'm smoking right now?   What would they 
do to know the real data?

--Mike


________________________________________
From: Mark Lizar 
[
 ]
Sent: Friday, August 29, 2008 9:23 AM
To: Mike Kirkwood
Cc: ProjectVRM list
Subject: Re: [projectvrm] Data Ownership, VRM & Standards - Suggesting a 
Directory

Thanks Mike,

Your take on the multi-faceted use of directories has expanded my view on 
what a directory could do here.  At first I was approaching a directory as a 
way of displaying VRM and like standards.  This has led me think of a few 
more ways a Directory application could be useful and profitable.

For Instance:
Listing Enterprises with VRM functionality would also be a great way 
upselling VRM services that we are all so interested in deploying.

Came across this standard recently while re-acquainting with the broader 
standards bodies, and in particular, OASIS.
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ciq#overview


This standard is definitely a good place to start.  Does anyone know of any 
implementations?


Was thinking that in the conversation around making it standard and easy for 
enterprises, this might be a good thing to consider, since already the 
"relationships" to me in the enterprise are distinct across organizations and 
regions, and perhaps (like we might strive in T&C),

Maybe a T&C focused approach is a great place to transparently show functions 
of an enterprise that are ripe, and ready for VRM adoption and consulting?   
Perhaps a directory to directory service which can evolve to capture more and 
more of the detail that is so important to rights based issues surrounding 
trust(able) information use?

I was working on a project last year where we proposed a Trusted Intermediary 
directory service to audit proper utilization of policy.  The idea with this 
directory service is that it would lead to certification.   (Yet another 
possible source of income for the VRM community.)

- Mark