A Universal Roaming Profile?

Arnaud Sahuguet asks: "I have a cell-phone with my phone book, a PDA with my calendar info and my address book. I have my home desktop bookmarks, my work desktop bookmarks, my laptop bookmarks, my PDA bookmarks, etc. They are all mine, but somehow they are not, because they live in different networks (or on the same network but with different operators).Everybody keeps talking about convergence, but I don't see any convergence on the user profile front (data that matters to me). Microsoft is pushing for .NET MyServices, Sun et al. are pushing for Liberty Alliance, Apple is pushing for .Mac. Is it the right way to go?" One of the large major issues surrounding such a system would be implementing it in a way where the user can control the flow of data: where it is stored, when a certain piece of data can be sent, and who is allowed to get it. Sounds like a fine idea to me, what do you all think?

"As a user:

• would you be willing to have your personal profile information stored on the network?
• who would you trust? Your bank, your ISP, your cell phone provider, your company, the EFF, no one but you?
• what kind of guarantees would you require?

I have been struggling with this idea for a while and the best solution I can see is to reuse the Napster paradigm for my generic user profile infrastructure (let's call it GUPster).

Napster is (I should say was) a community of users willing to share MP3 music files, administered by a central server managing meta-data about users and files. I don't know what the exact goal was, but I can see it as a way to free ourselves from the music industry monopoly.

GUPster would be a community of network entities (e.g. servers at Yahoo!, server at SprintPCS, servers at my university, my home machine, etc.) willing to share standardized user profile components, administered conceptually by a central server managing meta-data about entities and components. The goal is to create synergies between network components in order to deploy value added services for the user. (Since I am working for the telecom industry, the goal is to make network operators happy by making end users happier.)

Just like in Napster, my user profile information will be distributed but the meta-data will be centralized (at least from a logical point of view) at the GUPster server. This way, I can decide that my credit card information will be stored at my bank, my calendar information on my Yahoo! account, my game scores on the Sony web site, etc. Network components storing my profile information will have to support the right set of interfaces and protocol and will register to the server the pieces of my profile they are storing.

Note: I will be the one deciding who stores what. Think of it as like moving to a new place. You can choose your electricity, gas, phone, cable and Internet providers.

Applications willing to access any of this information will talk to the GUPster server. And just like Napster, the server will not return data, but referrals (i.e. where this information can be found).

Unlike Napster, the central server will also enforce some access control policies defined by the user (let's call them my 'privacy shield'). If the request for user profile information is not OK (e.g. nobody can access my presence information after 9pm), the returned referral is empty.

Does it sound crazy?"

Who would I trust?

Without considerable redefinition of privacy and substantial limitations on business re-use of such: nobody but me.

Take it with you!

[Trinition]

A co-worker and I just discussed this very thing yesterday! However, we defaulted to a hardware device that you would carry with you (quite possibly a PDA), then when you log into a machine, would have your preferences wirelessly available. Not just a desktop, but your cell phoen could wirelessly use teh address book for making calls, etc. I personally like the hardware solution best because then no one owns the cetral store of your personal data & preferences but you.

But, hardware or software, the only way this would be useful is if there was a standard for these major classes of data so multiple devices and applications could read, and in some case modify, the data. Your cell phone might not only want to use your existing numbers,but add a number when you receive a call from a never-before-seen number.

Who would make such standards? Surely Microsoft could give it a stab, and then extend it beyond usefulness. Maybe some of the existing standards are good enough, or could be extended (vCard, vCal, etc.).

Probably all just a pipe dream anyways.

netscape supported this

[BlueLines]

with netscape 4.x (dunno about mozilla), you could store a roaming profile in an ldap db. then you could log in with navigator from wherever and instantly have your addressbook / bookmarks / preferences / mail settings magically load up. i have seen it work, and it was pretty sweet.

-BlueLines

A better solution

[plover]

In order to achieve the service you're looking for, you're saying all programs and devices will need to implement some common "standard universal interface" to this kind of data, be it XML or whatever. Your proposal is for a Central Repository Server, which is the stated goal of Microsoft's Passport or .NET services.

A better solution than storing it on someone else's server would be to make the interface synchronizable between platforms.

I'd keep a copy on my work desktop. I'd sync my home PC and my work PC over the internet (using VPN or SSL, of course.) I'd HotSync it to my PalmOS device. My Palm could Bluetooth it to my phone. My phone could GPRS it to my car's phone. My wife could sync the "Family" category on her Palm to the "Family" category on my Visor.

PalmOS does this sort of thing now with the HotSync program, but only in the limited "Handheld -- Palm Desktop -- Outlook" chain. With a robust protocol (almost certainly XML) and a strong standards committee this should not be an insurmountable task.

I want ubiquitous storage with strong encryption

[thepoolguy]

I want ubiquitous storage with strong encryption. By ubiquitous storage, I mean that I want the storage accessible by all of my devices; my various computers, PDAs, cell phones, set top boxes, TiVo units and everything else.

I want each of the above devices to be able to read/write a common format so I can share my various profiles phonebooks and calendars and they are all different views into the same large database.

I also want each of these devices to be able to use the same strong encryption algorithm. The encryption is performed at the application level within the device. That is, when a device writes a record, the record is encrypted, then sent to the central repository where it is stored in its encrypted form.

I believe that in this way, I can have ubiquitous access to my data, shares across multiple devices without requiring me to hand over my data to a trusted third party. All I need is a ubiquitous third party. I provide the trust using strong encryption and good keys.

-tpg

Universal desktop

[PhotoGuy]

Exciting concept, the universal desktop. Sun had something called the WebTop they were pitching at one point (iPlanet, I think), which *looked* pretty exciting. Supposedly all Sun employees could just go to any SSL enabled browser, use their little handheld key generator thingy, authenticate themselves, and have access to a full virtual desktop with all the apps they could need, their intranet access, and so on and so forth.

Sounded good. I tried a demo of iPlanet a year or so ago, I couldn't get it working; *way* to complicated and fragmented. And I haven't heard much of Sun employees using it.

I have dreamed of a portable virtual desktop for years. Unfortunately, it doesn't exist yet; but for each specific application, there are some solutions (and some general solutinos). The best I have come up with is the following arrangement:

• Use IMAP for mail. This lets you get at the same set of folders, no matter where you are. If you're on a different laptop, desktop, or PDA, banging in the server name and username/password is pretty quick, for getting at your email stored centrally.
  
  
• For web browsing, you really don't need to do much specially, since it's fairly stateless to start with. I have on my own personal web server, a list of links of stuff I use frequently, which is a good common jumping off point that I can access from anywhere, authenticated via SSL. There may be automated tools for this type of thing, I don't know.
  
  
• For general central application access, use VNC VNC for remote desktop access; there are clients available for a wide variety of platforms, and source available. Sort of portable PC-Anywhere; not quite as efficient, but pretty good.
  

A little rough around the edges, but 90% of what I do (and probably 98% of what typical users do) revolves around email, the web, and a couple of specific applications, it goes a long way towards the ultimate solution, which hopefully will be available some day.

The true solution to this is a unversal open *protocol* for applications. IMAP lets universal email be *very* portable. There is no equivalent for calendaring. This is no equivalent for TODO lists. There is no equivalent for most other important applications. If there were, then mutliple vendors could implement it on different platforms, giving true portability.

Until this happens, there will be fragmented proprietary solutions, which by definition, will not be the universal solution. Sigh.

Shameless Plug

[mcrbids]

If you look at our website you'll find a web-based Contact Manager software accessable from (virtually) all the devices you mentioned above.

It's tested with Konqueror, IE, and Mozilla, and is known to work with a number of Palm-based devices, including the Handspring Treo cellular phone. /Shameless Plug

I've already solved this...

[tthomas48]

The easiest way to do this is to run a website on your how server. Slap on SSL and you're pretty much good to go. I have:

Centralized Webmail

Centralized Calendaring that I can share with my wife and theater company

Steaming Music that is granted by music profile, so I only share my music with people whom I would normally loan CDs to.

Centralized bookmarks with a convienant javascript link in my toolbar to add sites at home and at work.

The question is why did I have to develop this myself. I think this is the future. Why not take the idea of one of those router/webserver/firewalls a step further and make an all in one information box. You plug it into the network. You patch it. Why doesn't this exist?

Re:Honestly...

[whereiswaldo]

Yup... no way in hell will I ever go for Liberty or Passport. They're _reducing_ your security. Having more than one signon is of higher security, even if many people have the same passwords for each site. Why? Because the bad person trying to get your data has to know what sites you have data on, and what aliases you go by, which might not be that easy to figure out. Throw in at least a few different passwords, and it would be quite difficult to gather all of someone's information.

With a single signon service, you're throwing all your eggs in one basket (didn't your mother tell you that was bad?). If someone knows your username/password, they've got access to _everything_. No thanks, and pass the potatoes would ya?

Besides, ever get on bad terms with a merchant and want to cut all ties with them? What if they required access to your single signon area? Good luck cutting them off. I've had my share of loser companies charge me many months after terminating service after repeated attempts by me to fix the problem. Imagine if they had all that info, too. Scoundrels.