<aside> 📣 Design the system configuration for decentralized self-sovereign data

</aside>


1:1 Identity and Storage

In this architecture, your app only needs to read and write in the app’s own namespace, with no access to other namespaces. Data is written to and read from the app folder only (as a tenant of the data account) and nowhere else. This design involves no analytics or other data processing.

This solution pattern can also function as an "identity-blind" pattern, where no data, even data within the PDA, contains any personally identifying information at all.


1:2 Identity, Storage and Analytics

The app records user information into the PDA. The information in the app namespace goes to your app's back-end (the product server in the diagram) to be analysed, and the analysis returns new data to the PDA.


1:2-1 Identity (Blind), Storage, Edge AI, Analytics

The app records user information into the PDA, and the tools compute over that information to return a result, e.g. a health score or credit rating, into the app namespace. The information in the app namespace goes to a back-end process to be analysed, and the analysis returns new data to the PDA. No personally identifiable information (PII) is in the namespace.


1:2-1 Identity, Storage, Analytics, Regulated PDAs

Your app writes sensitive PII data into a PDA that is regulated and needs permission from a guardian PDA (guardian/trustee) in order to accept the data contract. PDAs and apps feed information into the back-end process, which produces product analytics using information from the PDAs and the app itself. Benefits of this solution include, but are not limited to: guardians and trustees cannot monitor PDA content but can approve the contract; and a back-end process can optionally be included to produce analytics using multiple PDAs and app data without identifying users.

1:2-1:X Identity, Storage, Analytics, Contracted PDAs, Double-sided

Example use case: Organisations using PDAs for employee or student records

The app writes information into contracted PDAs, which simply means that the PDA owner cannot cancel the data debit or contract without the organisation's permission. The PDA owner also cannot delete the PDA. The app back-end, described as the "Product Server" in the diagram, is able to access the contracted namespace and produce analytics or simply read and merge information as needed.

In this design, businesses have control of information that pertains to both them and the PDA owner, e.g. building access control logs that need to be retained. The business is allowed to read the data stored in the PDA, produce analytics on it, and ship it to the required enterprise systems.

PDA owners' data remains private across all other folders in the PDA.
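
The namespace confinement from the 1:1 pattern and the contracted data debit rule from the last pattern can be written as a deny-by-default policy check. This is an added example, not code from the PDA platform; `DataDebit`, `may_access`, `may_cancel` and the sample namespace names are hypothetical.

```python
from dataclasses import dataclass
from posixpath import normpath

@dataclass(frozen=True)
class DataDebit:              # hypothetical model of a data contract
    client: str               # who may read under the contract
    namespace: str            # the one folder the contract covers
    contracted: bool          # True: the owner cannot cancel alone

def inside(namespace: str, path: str) -> bool:
    """True only if the canonical path stays inside the namespace folder."""
    if "\x00" in path or path.startswith("/"):
        return False
    canon = normpath(path)    # collapses "./" and "../" before comparing
    # Compare on a folder boundary so "acme-hr2" never matches "acme-hr".
    return canon == namespace or canon.startswith(namespace + "/")

def may_access(caller: str, path: str, app_namespaces: dict, debits: list) -> bool:
    """Deny by default: an app in its own namespace, or a client holding a debit."""
    own = app_namespaces.get(caller)
    if own is not None and inside(own, path):
        return True
    return any(d.client == caller and inside(d.namespace, path) for d in debits)

def may_cancel(debit: DataDebit, requested_by_owner: bool, org_approved: bool) -> bool:
    """A contracted debit is cancelled only with the organisation's permission."""
    if not requested_by_owner:
        return False
    return org_approved or not debit.contracted

# Constructed sample data: one app tenant and one contracted debit.
APP_NAMESPACES = {"acme-app": "acme-hr"}
DEBITS = [DataDebit("product-server", "acme-hr", contracted=True)]

if __name__ == "__main__":
    for who, path in [("acme-app", "acme-hr/logs/door.json"),
                      ("acme-app", "acme-hr/../health/steps"),
                      ("acme-app", "acme-hr2/logs"),
                      ("product-server", "health/steps")]:
        print(who, path, may_access(who, path, APP_NAMESPACES, DEBITS))
    print("owner cancels alone:", may_cancel(DEBITS[0], True, False))
```
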