Group: GNU Social P2P/Design

From LibrePlanet
Jump to: navigation, search
(Created page with '== Overview == === Design Objectives === * Separation between the Core component and UI component * Define two APIs - Core to Core and [[User:M…')
 
(Design Objectives)
 
(15 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== Overview ==
+
== Design Overview ==
  
=== Design Objectives ===
+
The Social P2P system is a ''platform for social application''.  Standardized environment and protocols allows the creation of diverse applications, user interfaces and integration with legacy systems.
  
* Separation between the Core component and UI component
+
A user's node is composed of three main components: the UI, the Agent and the Core
* Define two APIs - [[User:Miron2/Social_Core2Core|Core to Core]] and [[User:Miron2/Social_UI2Core|UI to Core]]
+
 
 +
The Core implements a federated key/value storage abstraction.  <ref>I will use the term "path" instead of "key" to differentiate from cryptographic keys.</ref> All content is stored in a tree of path / value pairs ("Store").
 +
 
 +
The Store layout is standardized to allow end-user applications to inter-operate and replaced with alternative implementations.
 +
 
 +
The Core has no plaintext access to content or the social graph and therefore can be located at a less trusted location while maintaining a constant presence.  The Agent is fully trusted and has access to the user's identity - their private key.  For security sensitive individuals and corporations, the Agent would run on user controlled hardware.
 +
 
 +
Cryptographic methods are used to implement granular permissions and to protect content in the Core.  Values in the Store are encrypted. The encryption key is further encrypted to one or more friend keys to allow for granular permissions.
 +
 
 +
Translators (integration plugins) to legacy systems can be co-located with the Core for public information, such as microblogging, or with Agent for privacy sensitive data.
 +
 
 +
== Design Objectives ==
 +
 
 +
* Separation between the Core component and Agent component
 +
* Define two APIs - [[Group:GNU_Social_P2P/Design/Agent2LocalCore|Agent to Local Core]] and [[Group:GNU_Social_P2P/Design/Agent2RemoteCore|Agent to Remote Core]]
 
* Implement APIs on top of multiple low level transports
 
* Implement APIs on top of multiple low level transports
 
* Core does not have access to any plaintext content
 
* Core does not have access to any plaintext content
* UI has a public key which defines the owner's identity
+
* Agent has a private key which defines the owner's identity
* Once content is permitted to a friend, that content can be retrieved from the Core even if the UI is currently down.
+
* Core has access to Agent public key only
 +
* Once content is permitted to a friend, that content can be retrieved from the Core even if the Agent is currently down.
 
* Granular permission system
 
* Granular permission system
  
=== Design Overview ===
+
== Design Details ==
  
The design features a federated key/value storage abstraction.  <ref>I will use the term "path" instead of "key" to differentiate from cryptographic keys.</ref> All content is stored in a tree of path / value pairs ("Store").  A remote Store can be mounted read-only at a path.  Remote nodes can be notified of new content at a path.
+
=== Sample Usage ===
  
Cryptographic methods are used to implement granular permissions.  Values in the Store are encrypted, and the encryption key is further encrypted.  The encryption key can be decrypted through control points through the Store.  A control point can be represented to the end user as a tag or as a friend.  Permission is "additive" - content can be decrypted if it can be accessed through any of the control points.
+
Some [[Group:GNU_Social_P2P/Design/End2End|end to end examples]] could be a good starting point.
  
 
=== Core ===
 
=== Core ===
Line 27: Line 42:
 
** Send the value at a path
 
** Send the value at a path
  
=== UI ===
+
=== Agent ===
  
* Display Interface
+
* Agent to Local Core Protocol
 +
** Get/Put/Delete (manipulate the Store)
 +
** Set permission keys (define which friends have access to a path)
 +
** Listen to events (such as notifications from a remote Agent)
 +
* Agent to Remote Core Protocol
 +
** Get (retrieve contents of a path)
 +
** Enqueue (send data to the remote agent associated with the Core)
  
* UI to Core Protocol
+
=== UI ===
** Get/Put/Delete
 
** Mount/Unmount
 
** Set control key
 
** Send to remote
 
** Request from remote
 
** Listen to events
 
 
 
=== Display ===
 
  
 
Targets:
 
Targets:

Latest revision as of 23:02, 20 November 2010

Design Overview

The Social P2P system is a platform for social application. Standardized environment and protocols allows the creation of diverse applications, user interfaces and integration with legacy systems.

A user's node is composed of three main components: the UI, the Agent and the Core

The Core implements a federated key/value storage abstraction. [1] All content is stored in a tree of path / value pairs ("Store").

The Store layout is standardized to allow end-user applications to inter-operate and replaced with alternative implementations.

The Core has no plaintext access to content or the social graph and therefore can be located at a less trusted location while maintaining a constant presence. The Agent is fully trusted and has access to the user's identity - their private key. For security sensitive individuals and corporations, the Agent would run on user controlled hardware.

Cryptographic methods are used to implement granular permissions and to protect content in the Core. Values in the Store are encrypted. The encryption key is further encrypted to one or more friend keys to allow for granular permissions.

Translators (integration plugins) to legacy systems can be co-located with the Core for public information, such as microblogging, or with Agent for privacy sensitive data.

Design Objectives

  • Separation between the Core component and Agent component
  • Define two APIs - Agent to Local Core and Agent to Remote Core
  • Implement APIs on top of multiple low level transports
  • Core does not have access to any plaintext content
  • Agent has a private key which defines the owner's identity
  • Core has access to Agent public key only
  • Once content is permitted to a friend, that content can be retrieved from the Core even if the Agent is currently down.
  • Granular permission system

Design Details

Sample Usage

Some end to end examples could be a good starting point.

Core

  • Storage
    • Path/value store
    • Remote stores can be mounted at specific path
  • Core to Core Protocol
    • Request the value at a path
    • Send the value at a path

Agent

  • Agent to Local Core Protocol
    • Get/Put/Delete (manipulate the Store)
    • Set permission keys (define which friends have access to a path)
    • Listen to events (such as notifications from a remote Agent)
  • Agent to Remote Core Protocol
    • Get (retrieve contents of a path)
    • Enqueue (send data to the remote agent associated with the Core)

UI

Targets:

  • Browser
  • IM Client (XMPP)
  • Desktop
  • ... etc.

Notes:

  1. I will use the term "path" instead of "key" to differentiate from cryptographic keys.