ICT Cloud Computing, Internet of Services & Advanced Software Engineering, FP7-ICT

Transcription

1 ICT Cloud Computing, Internet of Services & Advanced Software Engineering, FP7-ICT Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets Deliverable OPENi Cloudlet Framework Design Document Workpackage: Authors: Status: WP3 Design Dónal McCarthy (WIT), Eric Robson (WIT), Gary McManus (WIT), Dylan Conway (WIT), Johannes Hange (FOKUS) Final Date: 23/09/2014 Version: 1.0 Classification: Public Disclaimer: The OPENi project is co-funded by the European Commission under the 7 th Framework Programme. This document reflects only authors views. EC is not liable for any use that may be done of the information contained therein.

2 OPENi Project Profile Contract No.: Acronym: Title: URL: FP7-ICT OPENi Open-Source, Web-Based, Framework for Integrating Applications with Social Media Services and Personal Cloudlets Start Date: 01/10/2012 Duration: 30 months Partners Waterford Institute of Technology Coordinator National Technical University of Athens (NTUA), Decision Support Systems Laboratory, DSSLab Ireland Greece Fraunhofer-Gesellschaft Zur Foerderung Der Angewandten Forschung E.V Germany INFORMATICA GESFOR SA (CGI) Spain AMBIESENSE LTD UK VELTI SA Greece BETAPOND LIMITED Ireland Document History 2

3 Version Date Author (Partner) Remarks /09/ /09/2013 Dónal McCarthy (WIT), Johannes Hange (FOKUS), Dylan Conway(WIT) Dónal McCarthy (WIT), Johannes Hange (FOKUS), Dylan Conway(WIT), Gary McManus(WIT), Robert Kleinfeld (FOKUS) First draft. Final draft. 3

4 Executive Summary As a research project OPENi s primary objective is to produce an innovative solution that integrates personal data storage and cloud-based services. To reach this goal we will develop a solution composed of two distinct, independent, but interrelated components 1) an API Platform to enhance access to cloud based services and 2) a Cloudlet framework to store users data. Applications can access cloudlet data independent of the API platform, likewise applications can utilise the API platform without accessing Cloudlets. There are many services available that offer personal data storage similar to OPENi s Cloudlet. We profile and analyse a number of these services to ascertain the De facto industry standards with regard to data privacy, data control, and interoperability with 3 rd party apps and services. Cognisant of existing solutions in OPENi we allow users store any type of data in any schema (or object type). This dynamic data approach makes the Platform more appealing to 3 rd party developers; however it complicates matters with regard to the key OPENi goal of seamless interoperability between applications. To address this complication the OPENi Cloudlet Framework will apply a schema to the data retrospectively through the use of folksonomies with usage metrics dictating the global schemata in the OPENi registry. The primary goal of OPENi is to give the user maximum control of their data. We address this through a number of technical solutions and privacy policies by: implementing non-intrusive logging, allowing users purge their data, enabling users realise the monetary value of their data, enabling them port their data to other platforms, and giving them control over 3 rd party access to their data through the use of intuitive GUIs. We aim to give insight into OPENi s research agenda by formulating a number of research questions which we will answer over the lifetime of the project. The questions cover a number of thematic areas such as: mobile application interoperability, meta-processing and data discovery, data monetisation, personal identity, and minimal exposure. Building on the research question and usecases we identified the components required to create an OPENi compliant cloudlet platform. The list of requirements can be split into two sections, one to deal with the management of the overall platform (monitoring, data aggregation, platform administration, provider GUI, and communications) and the other deals with the individual cloudlets (data access, management, authentication notification, and Cloudlet GUIs). The Cloudlet Framework will be implemented in the form of a distributed application. Distributed applications are composed of a number of software components called workers distributed across a number of hardware nodes; workers communicate with each other by passing messages. In OPENi we will create workers for each platform component. Each worker will have its own internal REST API (and some will have external REST APIs) and will communicate with other workers via a messaging framework. The software stack to implement the Cloudlet Framework includes: ZeroMQ as the distributed application enabling messaging library, node.js as the preferred programming language, CouchDB as the datastore, Mongrel2 as the webserver, nginx as the load balancer, and OpenStack as the cloud platform. 4

5 The platform will be developed using some agile software techniques including: SCRUM an iterative software development process, and test driven development. 5

6 Table of Contents 1 Preface OPENi High Level Architecture Overview Introduction Security framework API framework Cloudlet framework Mobile Client Library Internal Interaction and Interoperability Service Enablers Introduction Purpose and Objectives Methodological Approach Changes in Phase Document Structure Personal Data Storage Market Analysis Personal Data Storage Solutions CAYOVA FreedomBox Gigya Personal Mydex OwnCloud Pidder Privowny Qiy PAOGA SocialSafe openpds OPENi s Position Commercial Incentives for Deployment and Platform Bootstrapping OPENi s Personal Data Storage Research Research Questions Relevant Requirements and Use Cases OPENi Platform Integration

7 6 Cloudlet Framework Components APIs Data Storage Management Monitoring Data Aggregation Administration Provider GUI Communications Cloudlet Management Data access Management Authentication, Authorisation, and Accounting Notification Cloudlet GUIs Component Interaction Research to Component Mapping Use Case to Component Mapping Data model Inheritance Interfaces Multiple types Duck typing Shadowing OPENi Types Objects Registry Architecture Software Stack Languages Messaging Framework Sample ZeroMQ Topology DataStore CouchBase Web Server

8 8.1.5 Load Balancer Cloud Platform OpenStack Orchestration Chef Ganglia Nagios Deployment Docker Cloudlet Framework Implementation Web Server API Endpoints DAO DataStore Search Logging & Auditing Aggregator Framework Management Mobile Client Native vs. Web Mobile Development Mobile Client Libraries jquery Mobile Titanium Mobile Xui APIs Authentication and Authorization API Cloudlet API Object API Attachment API Type API Auditing API Notification API Search API Subscription API Workflows Application Subscription

9 10.2 Alter or read cloudlet data Application creation User alter Cloudlet data automated rd party access data (aggregator) Development Techniques SCRUM Test Driven Development Vagrant Conclusions Acronyms References Appendix I Appendix II: Data Storage Relational Vs. NoSQL NoSQL Datastores Accumulo Cassandra CouchDB Couchbase HBase MongoDB Conclusion Appendix III: Cloud Framework Infrastructure as a Service (IaaS) CloudSpaces Eucalyptus mosaic Nimbus OpenNebula OpenStack Platform as a Service (PaaS) Cloud Foundry DotCloud Heroku OpenShift

10 Stackato Conclusion

11 List of Figures Figure 1 OPENi Platform Architecture Figure 6: Personal data storage services similar to OPENi s Figure 7 The Cloudlet Frameworkcomponents and external entities Figure 8 A visualization of the OPENi s components interconnection Figure 9 A single inheritance model with the ability to extend types Figure 10 A single and multi-inheritance model Figure 11 Structural relations between types Figure 12 JSON-LD used for duck typing Figure 13 A depiction of scopes Figure 14 Cloudlet and registry interaction Figure 15 Cloudlet and registry interaction Figure 16 Cloudlet Frameworkcomponents and the ZeroMQ topology.error! Bookmark not defined. Figure 17 Subscribing to Third Party Application Figure 18 Read/Update Cloudlet Data Figure 19 Registering Third Party Applications Figure 20 Automatic Cloudlet Data Update Figure 21 Third Party Data Access Figure 22 CAP theorem with real world examples Figure 23 Separation of Responsibilities [45] List of Tables Table 1 Summary of Data Storage Technologies

12 1 Preface OPENi High Level Architecture Overview 1.1 Introduction The OPENi platform is composed of four distinct but interrelated components: 1) a security framework that manages users' privacy by providing advanced authorisation and access control, 2) a Graph API Framework to enhance access to cloud-based services, 3) a Cloudlet framework to store users data, and 4) a mobile client library which enables developers to create OPENi enabled mobile applications. While a number of these components can be used in isolation, they are all presented to mobile developers as a single platform through a unified client library and single suite of REST endpoints. Internally within the platform the individual frameworks also communicate with each other through REST endpoints. Figure 1: High level view of the OPENi Platform's Architecture. The diagram presents the four major components that comprise the platform: 1) the security framework, 2) the API framework, 3) the Cloudlet framework, and 4) the mobile client library. Each component is developed using whatever languages and application stack best suited their functionality, yet all are presented to the mobile developers through a single unified suite of REST Endpoints. Internally the individual frameworks also interact with each other through their respective REST endpoints and SDK's. All interaction with external cloud-based services is performed by the API framework through its Cloud-based services (CBS) connectors. 12

13 1.2 Security framework The security framework is responsible for the overall security of the OPENi platform. Its access control functionality affords users more control over their personal data and the cloud-based service which they interact with; it ensures the user's privacy wishes are adhered to. As you would expect with a platform dealing with personal data, the security framework is tightly integrated with the other components of the platform. The client library has a number of permission dialogs that allow end users to interact with their privacy settings on the security framework. The cloudlet framework verifies all access requests for data within the cloudlets against the security framework, as is the case with the graph API framework's functionality. 1.3 API framework The OPENi API framework is an open framework that is capable of interoperating with a variety of cloud-based services, abstracting the integration challenges to a single open standard without losing any service features. It is a single framework that will promote innovation by offering application developers an advanced framework that will enable them to design and build complex applications involving the combinations of independent cloud-based services. Figure 2 depicts the OPENi API framework, the details of which are discussed in Deliverables D3.1 and Cloudlet framework The OPENi cloudlet framework will provide application consumers with a single location to store and control their personal data. The cloudlet, in conjunction with the security framework, will empower application consumers to remain in control of their data. The control mechanisms will be inherently secure and trustworthy. As an open technology, validated by the open source community, consumers will be assured their data is not being used without their consent. The OPENi Cloudlet framework Standard defines a number of key components that make up the Cloudlet framework. These components are described in detail in deliverables D3.2 and. The architecture for the cloudlet is defined using a design-by-contract methodology, with REST endpoints acting as a contract, defining features such as cloudlet creation, CRUD data, and search functionality that the framework must provide. A number of API clients accompany the REST endpoints, enabling interaction with other components, and allowing the Graph API to easily persist its data to the end users cloudlet on their behalf. 1.5 Mobile Client Library To provide convenient access to the API, security, and cloudlet storage frameworks, we provide a mobile client library. This library abstracts and simplifies access to the OPENi services across multiple mobile platforms. This library will be designed to promote rapid application development and easy developer on-boarding. In simple terms it aggregates the REST clients of the three frameworks, but it 13

14 also adds a significant number of enhancements including a number of security mechanisms and UI components. 1.6 Internal Interaction and Interoperability The combination of the open API and cloudlet concepts makes OPENi both powerful and beneficial for consumers, application developers, and service providers. The vision for OPENi is to provide a platform that could be deployed and operated by many different application hosting or service providers looking to add value to their proposition. These OPENi hosting providers will take advantage of various facets of the OPENi platform in ways that best suit their business model. From the normal consumers perspective we envisage that they will be largely unaware of the OPENi platform, with only the technology and data aware consumers cognisant of OPENi's existence. To that effect a scenario may arise where consumers could have many applications provided by many OPENihosting-providers. In practice we are planning for consumers to have a single cloudlet that can be connected to multiple API and security frameworks. To that end we designed an internal architecture where the three major on-platform feature-sets are decoupled into standalone frameworks (API, Security, and Cloudlet). Internally within the platform each framework exposes its services to the others through REST APIs and an accompanying client library. Internal to the platform, the API framework persists data to the cloudlet framework through its REST endpoints, and is treated identically to an API framework installed elsewhere, i.e. once the appropriate security framework verifies that the user consents to the action, then the interacting API framework can manipulate the Cloudlet data. In essence the API framework is treated like any other 3rd party application which can interact with user's Cloudlet data. However, it differs in the following regards: 1) most of the time it happens to be located on the same server, 2) it acts on behalf of 3rd party applications persisting data related to the applications interaction with cloud based services, and 3) while 3rd party app developers can implement Cloudlet data schemas of their own, the Graph API's schema will be the most widely used on the Cloudlet framework, it will form the core of the Cloudlets folksonomy driven data model. 1.7 Service Enablers An OPENi service enabler is a trusted agent running on the OPENi framework that allows (by providing it with adequate power, means, opportunity, or authority to function) a group of services be developed that otherwise could not. It has access to aggregated data from multiple Cloudlets, performs on-framework data processing, has access to its own datastore, and exposes its functionality through its own API. In essence, a Service Enabler simplifies the development of services saving mobile application developers time and money. 14

15 2 Introduction 2.1 Purpose and Objectives Deliverable 3.5 will specify the OPENi cloudlet framework that will be utilised by users to create and deploy their cloudlets but also by developers to enable their applications to access stored user data. It outlines necessary components for secure storage of cloudlet data, regulating the operation of the entire cloud platform, and enabling user interaction (create, deploy, update, delete) and application communication. Additionally all readily available components and technologies will be identified for integration with the Cloudlet framework. 2.2 Methodological Approach With the main objective to define and specify the OPENi cloudlet framework, the work carried out for the present report is based on the WP2 results and particularly bears the following steps: Baseline Analysis Identifying the existing state of art through market analysis of OPENi competitors. Evaluating suitable candidates from relevant technologies for the cloudlet framework in the context of its defined components. Elaborating on research questions. Preparatory Analysis Ascertaining the essential concerns required to fulfill user requirements. Discussing the implementation of the platform and exploring all choices. Identifying actors, components and use cases. Recognising key developments methods facilitating quality of components. Iterative Specifications Classifying the communication and connections between components. Defining the data storage mechanisms. Defining the cloudlet management tools. Specifying a suitable data model for persistence. Implementation Directions Charting the architecture of the OPENi cloudlet framework. Recommending the most appropriate technologies as a foundation for the cloudlet components. Defining potential API endpoints for interacting with cloudlet framwroek. Conclusions & Key Take-Aways Analysing the characteristics and features of the specified cloudlet framwork. 15

16 2.3 Changes in Phase 2 Minor changes since the previous version of the document (D3.2) can be found around the document. To facilitate the reader in identifying and focus on the content that has altered significantly we list them here: A new introduction to the high level architecture of the platform in Chapter 1. In Section 3.1 has been altered to take into account changes within the services offered over the 12 months since the last market analysis was completed. Included are three additional services PAOGA, SocialSafe, and openpds. We added a section 3.3 that outlines how the cloudlet bootstrapping issue is tackled and also describes scenarios in which the whole OPENi platform can be deployed in a commercial sense. Chapter 5 has been added to further describe how the component parts integrate to represent a single platform. Section 6.5 and the Appendix have been updated to reflect changes in the technologies that we selected to implement specific components. Docker containers as a deployment scenario have been added in section Subsection 8.2 describes how the Cloudlet framework components outlined in section 6 are implemented in relation to the technologies described in section Document Structure The report starts with an overview of the high level architecture of the OPENi concept. It introduces the main components: Security, API, Cloudlet frameworks, and Mobile Client and outlines their relationships. This overview; which is repeated in deliverable 3.4 and 3.6; contextualises the subsequent sections which describe the Cloudlet Framework in detail. Section 3 includes an analysis of existing personal data storage services and research initiatives. It also outlines how OPENi will be positioned amongst its peers. Section 4 reiterates our research position and identifies the use cases driving our research. Section 6 describes the components that compose a Cloudlet framework. The descriptions are kept generic so that they can fit a multitude of architectures. Section 7 details the OPENi data model. Section 8 compares technologies that can be utilised to realise an OPENi Platform. Section 9 and 10 communicate the cloudlet API and use case workflows respectively. Section 11 provides an illustration of the development techniques to be employed. 16

17 3 Personal Data Storage Market Analysis There are many services available that offer personal data storage similar to OPENi s Cloudlet. In this section we profile and analyse a number of these services to ascertain the De facto industry standards with regard to data privacy, data control, and interoperability with 3 rd party apps and services. We also gauge their accessibility and ease of use. The services that we analyse include: CAYOVA, FredomBox, Gigya, Personal, Mydex, OwnCloud, Pidder, Privowny, Qiy, PAOGA, openpds, and SocialSafe. Later we outline OPENi s position with regard to each of these standards. Additionally we outline OPENi s key innovations and discuss its key points of differentiation. 3.1 Personal Data Storage Solutions The following are high level descriptions and analyses of Personal Data Storage solutions in general terms. Security and privacy are mentioned, however for a more in depth security analysis please see section 5.1 in D CAYOVA Cayova, which was detailed in the first version of this deliverable, and was released as a beta service in April 2013 has since been discontinued as a service. However, as a replacement there is a Chrome plugin available, called CAYOVA box. This plugin blocks advertiser networks from seeing what you are looking at online. It does this by preventing the advertiser networks from placing cookies onto your computer and therefore preventing them from seeing which websites you are visiting or which items you are looking at. It also informs you of what services have requested access to your browsing history, and can from this information provide you with an overview of your online profile FreedomBox FreedomBox is a central, Debian-based system that can control messaging across different devices and services at home. It is a fully distributed software suite for privacy and control in the home which enables free communication among its users. It is a personal server that runs a free software operating system and free applications on top of this, with the focus being to preserve personal privacy by storing the personal data locally on the Freedombox instead of centrally in the bigger commercial services. FreedomBox has strict data access policies for third parties trying to gain access to the data that has been stored. The solution involves a peer-to-peer mesh networking of commodity boxes and by exploiting a distributed model over a centralised approach; users are given greater control and freedom when using the Internet. As a platform it is completely open source and free to use, modify, and redistribute. FreedomBox is a very privacy conscious and user-centric system where users own all the data and have complete control over it. It has very limited 3rd party accessibility and has very specific data domain. Since the last version of this document Freedombox has updated to version 0.2. In doing so it includes the ability to connect to OwnCloud (described below) and an XMPP chat server. This is done through its visual interface tool, Plinth. 17

18 3.1.3 Gigya Gigya is a commercial entity, based in California, USA that provides business solutions for connected consumer management. Through their Connected Consumer Management Suite they offer business customers the ability to understand and connect more closely with today s mobile and socially connected users, and therefore offer these users a more targeted service. Gigya specialises in gathering, transfer and storage of user information and through their products Gigya is then able to provide their clients with the rich data, intelligence and tools to reach consumers with relevant messages. These technologies help businesses to access, consolidate and manage the permissionbased identity and behavioural data and in turn transform this data into targeted actions. Through this functionality Gigya has acquired a large list of multinational clients and partners. While Gigya follows industry practice with regards to data security such as firewalls, intrusion protection and encryption, they do state that data collected and stored is subject to the rules of their client and they merely offer a collection and storage facility. Since the last analysis Gigya has released a new tool, Consumer Insights, which aggregates the data from previous products and provides the customer with visual insights to user identities and their online behaviours. It allows marketers to query Gigya s Identity Storage database and ties identity information with internal indicators to understand what information are driving various behaviours such as purchasing, commenting or sharing Personal Personal is a web and mobile data vault that provides a private, cloud repository for users to store and share sensitive data, passwords and files, giving these users absolute, password protected control over their identities and data. The system is built on a privacy- and security- by-design platform and allows its users to leverage their data and to realize it to its maximum value. Third party developers only have access to the data that has been stored through their applications or has been specifically shared with them. The platform has a centralized approach for storing data in Rackspace, USA. Since our last version of Personal review they have released a new application on their platform called, Fill It, which is a 1-click form filling app for logins, checkouts and various types of forms to enable automated and secure form-filling. It offers a library of nearly 140,000 indexed online forms that are auto-filled on the applicable website from the users own pre-saved data. When filling out forms FillIt enables the user to save their data, their passwords or even payment information (if they want) when completing the forms to their user data vault, and this information can then be used again in future forms that require the same information, thus preventing the users from re-entering the same information again and again. Personal is a proprietary initiative, and is offered to users as monthly or annual based subscription service Mydex Mydex has an almost identical business model to Personal Inc. however it does offer partnerships with other organisations. Mydex offers an encrypted cloud based data store that uses a distributed mode of data storage where users store personal information, which can then be recalled by them on demand as required, or shared with external entities such as governments or e-shops. Encryption is 18

19 used across the system, with security access and control of the data store realized through a range of authentication options that vary from a simple username and password up to multifactor authentication methods that may even include biometrics. This means that the data store can only be accessed by the user and only they hold the key. It is similar to the Personal platform as described above, but it has no interface for developers to develop third party applications, and they can only create connectors to the platform in order to sync or retrieve information (e.g. profile information or user s address); there is no flexibility for expanding the platform s capabilities through applications, but only interfaces to the platform. Mydex explicitly states in a charter that there is no promise of data ownership, while Personal verbalise users do own their data. They do however commit to not allowing third parties access to your data without consent. Mydex is under a Creative Commons license and state that all technologies that they use are open source; however they do not make the software running on their cloud platform available publicly OwnCloud OwnCloud is a cloud storage platform for business enterprise that provides businesses with their own file sync and share facilities. It offers businesses the opportunity to provide their own cloud storage service, on their own internal infrastructures, to employees with a larger degree of control than existing public cloud service providers. owncloud uses a completely open source solution and as such is transparent and is extensible through the fact that it uses open standards to allow ease of integration to a company s existing services. OwnCloud provides services similar to Dropbox, except that it affords greater control for organisations concerned with the confidentiality of their information. Due to the open source nature of the project organisations can add, remove, and modify any features they want and the organisations are responsible for setting their own security and privacy policies. Each business is also responsible for the how the data is managed with the businesses being the owners of the data. owncloud incorporates a file firewall, SAML/Shibboleth authentication, full logging (for auditing), and support for a number of SQL databases. All of which can extend owncloud beyond the corporate DMZ and offer cloud-based file sync and share services to external or mobile users, which in effect allows those hosting an internal owncloud solution to transform that solution into a true cloud services offering. Since we introduced owncloud in D3.2 the owncloud company has released owncloud Documents, which is a collaborative editing tool for rich-text documents. These documents can be created from within the tool or existing documents can be uploaded and used. Privacy for the individual employee is low as their data is stored unencrypted, thus it is accessible by system administrators. However, with the Web Encryption Extension, which was released under GPL license to provide web applications with the facility to provide encryption to their users, owncloud users can now lock their files in the cloud Pidder Pidder is a donation based organisation with the development and provision of the service being dependent on the donations that it receives. The amount donated is up to the contributor, and through these donations Pidder has developed a private social network where the data is owned and controlled by the user and shared with only those who the user chooses. Their platform is a 19

20 centralised privacy-by-design platform with all data stored an encrypted form in relational databases on the Pidder servers, with the default status being access only being granted to the user as a default, and the user then opens up their data according to their preferences. Pidder locks themselves out of the data by encrypting the data on the client side, and for additional privacy they do not log IP addresses of those accessing the service. This client side encryption helps prevent unauthorised access to data internally from within Pidder. There have been no major updates to this service since our introduction of this service, however, the service has moved from a.com domain to a.de domain following revelations in the past that the USA is claiming jurisdiction over all.com domains, regardless of the server location Privowny Privowny is a browser plug-in to control cookies and spam, manage your passwords and auto-login details with state of the art client-side encryption, and securing all data that you leave on websites. It is a way of capturing your digital footprint, in your own PrivownySphere, that includes data submitted in web forms, preferences you set on websites and data from companies cookies, and then allows you to manage this information and market it in a way that suits you. Privowny is a commercial digital privacy company based in the US whose goal is to empower users by providing a digital memory of all information gathered about them. The system creates a record of all data given; knowingly or not; to third parties while browsing and allows users to discover companies that have shared their data through their Privowny account. Privowny is a deployed on centralised platform and Amazon's Web Services is used to store the digital footprints. The crux of their privacy policy is that you own your data and third parties will not be given access to your data. The browser plugin which gathers the data can be accessed from a built-in web interface with all interactions with the web interface and plug-in utilising HTTPS. Future developments in Privowny include the development of a number of APIs that will allow read/write access to the data based on permissions provided by the user. APIs will also be developed to allow companies to push data they already have gathered about you into you PrivownySphere Qiy Qiy (pronounced key ) is a privately funded, non-profit foundation, whose stated goal is to return control of personal data to the individual. The user s independence is fostered through a technical solution of strong encryption across all communications and data storage as well as a series of legal and policy implementations. The focus of QIY is to aggregate a user's personal data and allow them greater control over who has access to it. The QIY privacy policy states user ownership of the data, and commit to not sharing information with third parties without permission. Your data is encrypted, thus preventing Qiy staff access to your data, and then stored across a number of certified datacenters across the Netherlands, which are protected by access controls and firewalls, thus preventing unauthorised access. There have been no major changes to the Qiy service since the release of D3.2 where Qiy was introduced; however there have been bug fixing and minor feature releases. 20

21 PAOGA Since the last analysis that was carried out for D3.2 the Personal Information Management Services sector is accelerating with new services being released on a regular basis. Therefore, we briefly introduce another player that is coming on strong and gaining a lot of traction in this space. PAOGA (People Are Our Greatest Asset) is a UK company that have been developing a platform to provide individuals or organisations with a secure repository to enter personal information and data, documents and files to access, update, store and share under their control for their own benefit. They are providing an individual with their own secure digital safe deposit box, which means that they can impose their own rules as a condition of sharing their personal information with a company with whom they want to have a relationship. This system is now in the final stages of beta testing. Once you have registered with PAOGA and downloaded their app you are provided with your PAOGA Personal Cloud as well as unique certificate (key) which is stored on your computer and will be required for you to access this Personal Cloud as well as all the personal and private data, documents and files that you are protecting. PAOGA does not have a copy of your key, nor access to your cloud and therefore data. Within PAOGA all of the private information, data, documents and messages are uniquely and strongly encrypted in PAOGA Containers to the highest level automatically when stored, shared and transmitted. The user does not store their data with PAOGA, but chooses an alternative cloud storage platform such as Microsoft Azure, Amazon S3 or Dropbox, etc. and PAOGA provides individuals with an audit trail which includes when data changes were made. All of the individual s information and documents are encrypted with the 'key' which is held by an independent Trusted Third Party and only accessible with the permission of the individual SocialSafe SocialSafe, released in November 2010, aims to help users unite their Social Networks and safeguard their data from partial or total loss. SocialSafe allows their users to create a searchable offline journal populated by their online social media accounts. It is a program that resides on one or more devices, and directly accesses and downloads a user s distributed cloud data to their own personal library on their device or on their personal cloud (Dropbox, Google Drive, MS SkyDrive, NAS, etc). The user can select which aspects of each service that they would like to backup from the cloud, and aggregate all of them into one place that can be browsed or search through. This library is 100% private and is an aggregated, cross-referenced library of all the user s data. With appropriate security interfaces provided by SocialSafe, a user may provide access permissions to their library for web services, web apps and local apps. This ensures that these apps and services are using accurate data, once the user agrees the permissions access. There is also the ability to export your data to a CSV file, which then provides the mechanism to analyse trends within your social media accounts. The application is built on Adobe Air to ensure seamless integration with PCs and Macs. 21

22 openpds OpenPDS is a platform that is being developed at the MIT Media Lab through the Human Dynamics group and it provides users with a Personal Data Store (PDS) that gives the ability to collect, store, and provide fine-grain access to various parts of their data while still protecting their privacy. It can be used to consolidate user data to a single location, that can be on their computer or in the cloud with a 3rd party service provider, and allows you to decide what is shared, with whom and where. OpenPDS deals specifically with metadata, which can be used to describe a person s location, phone use or Web searches. OpenPDS sits between the application looking for data and your information, and the application must query your data store directly for what it is looking for instead of providing the app direct access to all your raw data. For example, a mobile app, Web site or research firm looking for information protected by an openpds must query the data store directly to check, for instance, whether your shipping address has changed or to confirm your present location. OpenPDS responds specifically to that query with answers that the openpds owner approves for release. It also provides users with the ability to inspect their data at any stage, and monitor the usage of their data. 3.2 OPENi s Position As a research project OPENi s primary objective is to produce an innovative solution that integrates personal data storage and cloud-based services. Similar to FredomBox and OwnCloud OPENi s output will be released as open-source, however as outlined in the DOW, commercial adoption of the project is also important. Consequently a commercialisation friendly licence will be used for OPENi itself and only 3 rd party open-source tools and technologies with commercialisation friendly licences will be integrated into the platform. 22

23 Figure 2: This diagram compares personal data storage services similar to OPENi s under a number of categories. Based on our perception, each company is placed along a scale from least to most in each category. The diagram shows that OPENi is grouped with the companies that allow their users the most control, it is the most interoperable, and it has the most support for dynamic data. However to lead in these areas some privacy features are sacrificed; consequently other services overtake OPENi in this regards. The services that we analysed took a varied approach to the type of data that they allow users store on their system. Some are restrictive and only store data from a single domain or data in predefined schemas/structures. Examples are: FreedomBox and Pidder primarily concerned with communications and social networking data, CAYOVA and Privowny concentrating on web browsing data, OwnCloud on enterprise data like contacts, calendar and documents. Other services give their users more control over the type and structure of data that is stored. Included in this group are Mydex and Personal which allow their users define custom data structures, and Gigya which integrates with many 3 rd party services. In OPENi we allow users store any type of data in any schema (or object type). This dynamic data approach makes the Platform more appealing to 3 rd party developers; however it complicates matters with regard to the key OPENi goal of seamless interoperability between applications. To address this complication the OPENi Cloudlet Framework will apply a schema to the data retrospectively through the use of folksonomies with usage metrics dictating the global schemata (See section 6). Of the competitors FreedomBox, Pidder, and Privowny are quite insular; they operate in isolation and do not integrate with 3 rd parties applications or services. Others do integrate with 3 rd parties to varying degrees, with: OwnCloud utilising plugins frameworks, and CAYOVA, mydex, and Personal 23

24 directly integrating with mobile applications. However OPENi is the most accessible to 3 rd parties as it allows users share their data across applications and cloud-based services. This presents a wealth of data that application developers can tap into and enhance their service with. In addition OPENi also boasts an aggregation feature (that allows users monetise their data in a privacy preserving way (see sub-section 5.3.2)) which gives 3 rd parties access to information composed of data from many cloudlets. The primary goal of OPENi is to give the user maximum control of their data. We address this through a number of technical solutions and privacy policies. Similar to Personal and Pidder OPENi will implement non-intrusive logging. It will allow a user purge their data from the system as do CAYOVA, Personal, Pidder and FreedomBox. Similar to CAYOVA we will allow a user to realise the monetary value of their data by rewarding them for sharing it with 3 rd parties. Uniquely it will allow users port their data to other platforms, and give them control over 3 rd party access to their data through the use of intuitive GUIs. All the services that we analysed heavily emphasised their security and privacy features. FreedomBox s view is that centralised systems are a privacy concern as the platform owners can access all user data. To counter this perceived risk they implemented a distributed system where each user installs their software on a personal server in their home. FreedomBox was unique in this view, the rest opting for a traditional centralised platform. However their attitude to data protection and privacy differed. Privowny, Pidder, Personal, and Mydex utilise client side encryption to encrypt data before it is sent to their platform; consequently only the user can decrypt their data. In OPENi we cannot take this approach as it would restrict mobile application interoperability. However we do understand that there will be instances where users will want to protect some data so we will allow users to encrypt their data on a per data-point basis. As a result this data will not be intelligible to the platform rendering it unusable to the application interoperability, and data aggregation features. To further address users privacy concerns we ll implement non-intrusive logging and provide a detailed privacy policy. This approach is similar to CAYOVA s. In OPENi we re going to implement the Cloudlet Framework on a centralised cloud based platform; however we took care when selecting technologies to choose lightweight options so that more tech savvy and privacy concerned users can install the platform on a personal server. 3.3 Commercial Incentives for Deployment and Platform Bootstrapping OPENi provides a valuable platform that is designed for use in commercial entities. The following section describes how organizations can deploy and extend the capabilities of the OPENi Platform. We also outline how the OPENi platform is useful to both users and developers even in the early stages when the cloudlets have little or no data. The OPENi platform is designed with a number of deployment scenarios in mind: 1) within a large enterprise where an instance of OPENi would operate 24

25 a Backend as a Service (BaaS) for the enterprises suite of mobile applications. 2) A similar setup where a software house deploys an instance of OPENi as a BaaS for their many clients and 3) a single web scale deployment that any app developers or end user can sign up to. Regardless of the deployment scenario there are two user groups, the developers (either in-house or freelance) and the end users (either enterprise or public), that the platform must deliver consistent value across the disparate environments. For the developers OPENi provides a scalable user centric datastore, a group of advanced APIs and a cross-platform client library. By opting for OPENi the app developer can outsource many complexities around data transporting, storage, and regulations and concentrate right away on their applications logic. The OPENi platform reduces development time significantly. For the end users the OPENi framework provides a location for them to safely store their data and secure mechanisms that afford them full control over how they share their data. As with any platform that relies on data to provide certain services - bootstrapping is an issue for a number of the platform s features. The initial platform strives to find a balance between features that can be used out-of-the box with features that make intelligent use of end user s data. For example the interaction with the Graph API is highly valuable from the initial deployment with some of the features in the cloudlet framework becoming more prevalent as users add more OPENi enabled apps and increasingly interact with their cloudlet. Through extended use the cloudlet is populated with more and more data it makes it easier for both the end user and app developers to reuse it. In the case of the aggregator feature it is only be useful when the platform is sufficiently full enough with cloudlets and cloudlet data that valuable generic results can be provided that mask the specifics of the user s digital identity. Additionally as the user base grows each deployment scenario can take advantage of it in a different way. For the large enterprise the rollout of a new service or app can be streamlined and targeted based on data their existing users provide to them. In the software house scenario there is the additional benefit of being able to point to an existing user base when trying to attract new clients. 25

26 4 OPENi s Personal Data Storage Research In this section we aim to give insight into OPENi s research agenda by formulating a number of research questions which we will answer over the lifetime of the project. The questions cover a number of thematic areas such as: mobile application interoperability, meta-processing and data discovery, data monetisation, personal identity, and minimal exposure; the questions are closely aligned with the research agendas outlined in D3.4 and D3.6. Later in this section we identify the requirements and use cases that will help answer these research questions. 4.1 Research Questions The key overall research question for the OPENi Cloudlet Framework is as follows: How should a scalable, extensible, secure Cloudlet Framework be developed in order to provide the ability to store users data for mobile Apps, social media add-ons, and enterprise level applications? In order to address the overall research question (RQ) we need to carefully investigate various aspects of storing users data: user data unification and monetization, personal user space instantiation on the cloud, digital user-identity formation. The specific research questions that address these issues are as follows: 1. How should an open source Cloudlet Framework enable the instantiation of user spaces in the cloud, with capabilities such as storage, discoverability, addressability, access, and security of users data across applications and devices? 2. How should potential differences in data representation by the 3rd party applications be negotiated in order to facilitate data re-use and interoperability? 3. How should the Cloudlet Framework present data to enable convenient meta-processing; both indexing and searching; to facilitate the user in monetising their data in a privacy preserving way? 4. How should the Cloudlet Framework for each individual user encompass and manage their data (e.g. health, finance, legal data) in order to build their personal identity? 5. How should the Cloudlets as a user centric data store further the currently observed state of the art HTTP based data access to promote privacy and enable a minimal exposure concept? 4.2 Relevant Requirements and Use Cases Each of the research questions can be linked with the use cases of the OPENi project in a manner that reinforces the concepts outline in both the use cases and the research questions. Research question one has distinct links with the scenarios of the MyLife and Personalised in-store shopping use cases. These use cases require a system that enables users to sign up to the service in an easy manner and for the system to create these accounts with all the accompanying configurations and features (storage, security, ect.). The MyLife, Personalised in-store shopping and Personalised Advertising use cases help address research question two. Each of these use cases produces user supplied data for storage in the OPENi 26