Tuesday, July 15, 2008

VRM and the Personal Address Manager

This VRM Workshop session covered the concept of the Personal Address Manager.

The scene setting points covered:

  • First Assumption - Privacy
  • Differences from long running relationships
  • - Mutual policy negotiation - pain-free
  • - Default policy bucket
  • - No identifier
  • Easy to produce end of relationship artifacts
  • Win-Win for customers and vendors
  • - Removing barriers to exit is attractive.

A use case was examined: Single Stop Online Shopping

  • With Address
  • With Personal Delivery Service (eg. relationship wth UPS, Fedex etc.)
  • With Vendor Delivery Service (eg. Vendors own delivery service that respects PAM token)
  • With Address from Personal Address Manager

Is the "With Address" scenario a Personal Address Manager (PAM) case? However the PAM might be the place where user relationship policies are stored. "With Address" was eliminated as a policy statement by vendors.

The "with Delivery Service" was selected to analyze.


  • Shopper (S:)
  • Merchant (M:)


  • Policy Assurance and Warranty


Step 1.

S: Shop at a compliant store

M: Offer VRM ("use VRM" button on the web page)

Step 2.

S: Click "Use VRM"

M: Endpoint Request

Step 3.

S: VRM Discovery End point - ie. PAM Address pointer

M: Push to provision

Step 4.

S: Provision vendor

S: Give Vendor token (with policy)

M: Policy agreement

M: Use token to get address

M: Use Address

M: Delete

M: Confirmation of End of use

Side notes:

Initiatives are underway to build a policy framework. (SAML and WS-Policy?)

This was a complex discussion to develop the scenario. Edits to refine this discussion can be made on the VRM Workshop Wiki in the Personal Address Manager page.

No comments:

Post a Comment