PAM One night Stands

From Project VRM
Jump to: navigation, search

This VRM Workshop session covered the concept of the Personal Address Manager.

The scene setting points covered:

First Assumption - Privacy Differences from long running relationships - Mutual policy negotiation - pain-free - Default policy bucket - No identifier Easy to produce end of relationship artifacts Win-Win for customers and vendors - Removing barriers to exit is attractive. A use case was examined: Single Stop Online Shopping

With Address With Personal Delivery Service (eg. relationship wth UPS, Fedex etc.) With Vendor Delivery Service (eg. Vendors own delivery service that respects PAM token) With Address from Personal Address Manager

Is the "With Address" scenario a Personal Address Manager (PAM) case? However the PAM might be the place where user relationship policies are stored. "With Address" was eliminated as a policy statement by vendors.

The "with Delivery Service" was selected to analyze.

Roles: Shopper (S:) Merchant (M:)

'Assumption:'Bold text Policy Assurance and Warranty

Scenario: Step 1.

S: Shop at a compliant store

M: Offer VRM ("use VRM" button on the web page)

Step 2.

S: Click "Use VRM"

M: Endpoint Request

Step 3.

S: VRM Discovery End point - ie. PAM Address pointer

M: Push to provision

Step 4.

S: Provision vendor

S: Give Vendor token (with policy)

M: Policy agreement

M: Use token to get address

M: Use Address

M: Delete

M: Confirmation of End of use


Side notes:

Initiatives are underway to build a policy framework. (SAML and WS-Policy?)


This was a complex discussion to develop the scenario. Edits to refine this discussion can be made on the VRM Workshop Wiki in the Personal Address Manager page.

Also posted to EKIVE Blog