Hello SOLID Champs,
Is there any way to store read-only or write-protected on the SOLID POD that user of POD cannot change?
So for example I want to store my bank account balance on the POD but obviously I don’t want user to temper it. This can be achieved by encryption, but user wont be able to see the original content then. The CRUD operation would be done by Banks Web Application but stored on the User’s POD.
Is there any related discussion regarding this ?
You don’t need to encrypt it, but the bank can still sign it. That way the user can see it but the bank can see when the user changed it, because the signature will be invalid.
Thanks for the reply, but then user has the control to change ? How reliable will be the app then ?
The user can change it, but the signature will be invalid, which is something that the bank can check. For example, the users changes his balance from 100 to 1000. The signature stored on the POD is only valid for the balance of 100, so the next time the user opens the app it will complain saying that the balance is incorrect, because it doesn’t correspond with the provided signature. Note that this signature can only be provided by the bank.
Interesting. So by using signatures we can guarantee that the provided information is valid. At least for a specific timeframe.
But in my humble opinion this solves only part of the initial question. I cannot modify any data, because the signature will no longer be valid. But I can delete data and make it appear as if it were never there.
Is there any way to prevent this, or do we need to look for other technologies like blockchain for this use-case?
@barry I think the bank would probably store a record on their server too, so a missing record would also be a mismatch
Thanks for the fast and clear answer, @tychi. Makes me wonder though - it implies that in a regulated context, the PODs will only contain a copy of data. In that case, many stakeholders (and surely not all) might prefer to get the data from the source instead, which makes the use-case less obvious. I will reflect on that a bit more. Thanks again!
I think the PODs can contain the only copy and the regulator can store a checksum of that data. It’ll depend on the implementation, but this would let the regulator validate data hasn’t been tampered with and not need to store the actual data.