How can we citizens maximize the benefits of the new right to data portability, which is now rapidly being recognized globally? Personal Data Store is a technology that will receive all “My Data” from hundreds of services. It aggregates and integrates them, and at times discloses a portion of them to others under user’s control for creating new values. This talk will introduce an open-source Personal Data Store (PDS) server “Personium”, providing details on its technical implementation, the underpinning business models, and the actual implemented and future use cases.

1. Open Source PDS envisioning
the Web of MyData
Akio Shimono
Project Lead - Personium Project
Member – Open Knowledge Japan
Manager – Service Technology Unit, Fujitsu Ltd.
MyData 2018 – Tools for Data Portability
2018-08-29

2. “Data Portability” encouraging MyData
2
 With “Data Portability”, MyData is now out from enclosure,
in a machine readable way.
 Now, Question is
 Who / What Entity, What kind of Machine should
receive these ported data.
 Where is the best place to put the ported data.

3. Imagine
3
 Invisible ball floating above your head
 You can put whatever your data into that ball.
 All your data is there.
I know all my data
is there
Whatever data
about me can be
stored
 Invisible Concierge.
 Perfectly “Yours”
 Helps your life in all aspects
 Never betrays you.
Your Personium
Just like your Car augments
your ability of mobility.
augments your ability of
information processing
such as:
- reception,
- recognition,
- memory,
- integration,
- analysis
- expression
Create such an Information TechnologyOur Project Goal #1

4. PDS – “MyData” Storage
4
“ Where is the best place for MyData, now getting available by data portability ?”
Question
Our Answer
Why Server ?
 24 hrs / 365 days Up,
 Accessible from any device / service
 Easy to put Intelligence (computing power)
Why a choice of entities trusted ?
 It varies depending on your belief.
 We like democracy rather that despotism
“My Own Server operated by a choice of entities I trust.”

5. World Wide Web of interconnected PDS’s
 Various PDS Providers (Information Bank) can co-exist and co-prosper
Bank
Energy
Provider
Railway
Local Govt.
Shopping Mall
Interoperable among PDS providers using Personium or compatible software
Various PDS Providers
Similar usability,
regardless of PDS
Providers
Can use Same Apps
Can communicate and
share data with
People who use a
PDS from other provider
 Consumers can choose a provider
 Interoperability among providers should be there
Provide it in the form that many players can co-exist and co-prosperOur Project Goal #2

6. Open source: Anyone can be a PDS Provider
6
https://personium.io/
Currently developed by our team in Fujitsu.
Aiming for open and neutral project management
 Available on github
 Apache License version 2.0.
 Tools, samples are also available
https://github.com/personium/
Anyone can set up a PDS server, and become a PDS provider.
Business entity, national / local government, individual, etc.
Free, Secure, Public
Aiming to be an “Apache” in MyData Domain

7. Tech Overview
1.Accessibility from variety of Apps
 All functions provided in the form of Web API
 Each Personium PDS has a unique URL
 Any platform (OS, language) can speak with Personium
 All API’s are protected with user authentication and access control.
 Well known standards used for data access
 WebDAV for directory tree file system model data
 OData for relational model data
 Per-App spaces
 Decently isolated to avoid unintentional mix-up
 app authentication for protection against phishing apps
 Packaged data model including ACL, Roles, relational data
schema, etc.. can be provided from app and installed onto
Personium upon first use
7
https://akio.some-provider.example/
HTTPS
Apps Per-App spaces
HTTPS
HTTPS
HTTPS
Web API standards
WebDAV
For Relational Data
For Files
Unique URL

8. Tech Overview
2.Linking for sharing MyData
 Sharing MyData by pointing target PDS URL
 Disclosing or sharing your data to the others (e.g. wife, family doctor, work
place, etc.) are done by specifying the other party's PDS URL.
 PDS access uses digital signature technology, therefore, the other party's
PDS can be resided on another server.
 Passive Data Subject
 Full privilege delegation enables Passive Data Subject
 By granting all privileges on all resources to someone else, full delegation
can also be configured in the continuum of Personium access control model.
 Data from / of infants, pets, cars, communities, organizations can be handled
using Personium (MyData can be disclosed to organizations or apps)
8
My doctor My patient
I will show my diet
log and exercise log
only to my doctor
Active Data Subject Passive Data Subject
Allow parents all data
all operation
My son My dad
I will manage it until
he grows up
8
Active Passive

9. Unit
Architecture:
Web of 3-layer structure over HTTP (REST APIs)
9
UnitBox
Cell
Box
BoxCell
Cell
Cell
Name Description Typical URL
Unit The server to host Cells. What you get by software installation. https://pds.example/
Cell “Personium” Data Store for “everything” https://akio-shimono.pds.example/
Box Per- App space inside a cell. https://akio-shimono.pds.example/schedule/
Cell
Cell
Cell
■ Cells can be networked beyond units.
■ A Box provides a separate space dedicated to each application.

10. Unit
Architecture:
Closer Look
 Security : All SSL, Authn/ Authz, Access Control
 3 types of clients call corresponding level of APIs
10
Box
BoxCell
Box
pictures
2016-09-01.jpg
2016-08-31.jpg
Thumb-svc
shared
Trip-log
settings.json
Unit Ctl
Cell Ctl
Unit Mgt Client
Service Provider
Application ClientCell Mgt Client
Super-user access
Create/ delete
Cells
Various apps
storing and utilizing
my data
Access Control
Consent Mgmt
Access Control
External /
existing
IdP /
Authn
IdP /
Authn
User
RESTful API standards
WebDAV
For Files
For Relational Data

11. Other features of Personium Cell
 Messaging
 Between cells to send request each other (Relation building, Data
disclosure, etc.. )
 Event Bus
 Rule based event handler + Pub-sub WebSocket interface
 Engine
 Sandboxed custom logic execution environment to implement “intelligence”
 Extensibility of User Authentication Methods
 Open ID Connect / SAML / Card …
11

12. Our final goal
Web of “MyData”
 Every active / passive data subject’s MyData store connected with each other
 World Wide Web of PDS’s can be formed if everybody is happy to use one.
Our logo represents our dream of
World Wide Personium (MyData) Web
Notice:
Cyber Physical System will be formed

13. Key: App Ecosystem
 User Satisfaction parameters
 Richness of Data providing Apps, which sync ported data to the PDS
 Richness of Data consuming Apps, which utilize the data in PDS and provide new values.
Calendar
Wearable
Health Sensor
Event
recommendations
Job
huntingUser
Finance
Asset management
Electronic
health record
Health
advices
Trip
planner
Data
Data
Data
Data
Recommend an event tailored to your
preference during the free time of your
schedule
Expert advices based on your daily
health data
Proposal of travel tailored to your
financial status, preferences and
schedule
Job offering according to your skills,
qualifications, practical experiences etc.
Control
Data Consuming AppsData Providing Apps
(including adapters
existing service)
DataPortability
IndividualConsent
As data grow,
app ecosystem and user base grow.
As app ecosystem grows,
user base and data grow

14. Personium
Data Portability Demo
using our sample GUI + Calendar App
1. Calendar Data synced near-real-time to Personium
from multiple major source services
2. Merged and integrated
3. Shared with others upon user’s control
14
You can freely modify and customize them for your
needs. (e.g. Put your logo and redistribute under
you brand.)

15. Business Model
 PDS Provider (Information Bank)
 Several projects under development. Many big companies interested.
 Financial Institution, public sector, energy company, Media, etc.
 They all have individual ”paid” accounts and have strong interest in adding extra
value on them.
 They do not have to earn immediate money with this, rather engagement.
 ICT Provider
 Cloud Service, System Integration, etc.
15

16. Last Words: Join Us !
 Visit our web page and join our slack community
 About 100 members in the community.
 Current majority is Fujitsu Group Employees in Japan
 We want more diversity !!
 App Developers
 We want more apps.
 Server Operators
 We want more servers.
 Server Development
 Our software is still far from maturity.
16
https://personium.io