In this concluding post on stuff we learnt during the eBrainPool workshop at the Chaos Communications Camp (CCC) 2011, I shall focus on discussions we had with regards trust models.
It is increasingly being felt that reputation is the sincerest currency. The social standing of an individual and the positive connections he has in his network i.e. his "reputation" will increasingly determine his "credit worthiness" as perceived by his peers. This is the basic premise of currency models such as Ripple.
One of the biggest challenges and questions posed to us by people with regards eBrainPool is that of security and privacy. In an untrusted group, how do we ensure that people who want to use the software from someone else can trust the validity of the software? How can both the people in turn also be protected with regards their data - neither party should have access to the others data?
Discussions with people at the camp who have more experience in this field strengthen our belief that the answer to these questions lie in part with technology /design and to a larger part lie towards the basic tenet of trust. Technology can go only a certain degree but just as in current business and other real world social decisions, it all boils down to the trust between the people engaged in a transaction.
We were privileged to be in the presence with a few people who have worked in this realm and they offered to share their experience and work in trust models.
Guus Sliepen made mention of his light-weight cryptographic authorisation framework found here. As I understand it this proof of concept library makes use of social connections to further strengthen authorisation.
Caori who has previously worked with Ripple also pointed out his own work in this field. He has an elgg library that can be found here.
In time we hope to have more from both Guus and Caori to speak about these libraries and to hear some more of their thoughts on this and hopefully help in the security and privacy concerns of a technology such as eBrainPool.