Solid: A New Web Standard Allowing People to Control Their Own Data

Rik Scarborough Development Technologies, Programming, Security Leave a Comment

The path to research can start in many different places, and my path to researching Solid started at a very interesting place indeed.

Recently, a friend shared an article on social media that made a bold statement: Sir Tim Berners-Lee was creating a new Internet. As you might imagine, I was intrigued.

Since you’re reading a tech blog, I assume you know who the Knighted Tim Berners-Lee is. If not, here’s the short answer. Tim Berners-Lee is the inventor of the World Wide Web. He was knighted by the Queen for his work in computer science – an accomplishment I can and do envy a great deal.

You can find out more about him on his Wikipedia page. Although I much prefer his bio on his company Inrupt’s website – it contains much less personal information that I don’t need to know.

Anyways, long story short, this post contains a recap of my research into the subject and an exploration of Sir Tim’s so-called new Internet – a technology called Solid. We’ll start by exploring what Solid is, and then we’ll talk about its purposes and how to use it. It’s a pretty cool technology!

So, let’s dive in. What exactly has Sir Tim Berners-Lee created?

What It’s Not.

So the article my friend shared promised a brand new Internet with privacy and control built right in. My first thought: if anyone would be ambitious enough to try to rewrite the Internet from the ground up, it would be a knight!

A quick read through the article told me that Sir Tim had not, in fact, created an Internet replacement. However, it was possible he had created a new WWW!

I will again make an assumption based on the fact that you are reading a tech blog. I’ll assume that you know the difference between the Internet and the World Wide Web (WWW). If not, please take a moment and do a web search for internet vs WWW.

Basically, the Internet includes many applications, protocols, and services outside of the web, including but not limited to, email, file transfer, telnet, and even the WWW.

Bottom line, Sir Tim had not created a new Internet, but he had created something else … and possibly it was a new WWW.

Is It a New WWW?

I took a deeper dive into the information to see if Sir Berners-Lee was replacing his creation with a new and improved WWW. And again, my research showed that this was not true.

Sir Tim’s solution is built fully on the foundations of the web, which is built on the foundations of the Internet. They are using existing Web standards to create a new standard where individuals can control their own data, maintain their privacy, and choose the applications they need to access the data they own.

So What Is It?

The best way to define it is to first discuss what issue the solution is attempting to solve.

The web began as a way to share documents with collaborators, especially those not located in the same place. As dynamic functionality was added to the pages, we discovered that applications could be written in the pages and shared across a wide area.

One issue with this system is data protection; how can we safely handle all the data, especially the users’ personal data? As developers, it’s our responsibility to solve this problem and protect our users’ data.

Most of the time, we just have to properly secure login data, like user id and/or password, but sometimes it’s more, like address, phone number, or even more important data like Social Security Number.

We could also possibly need to secure the data that our applications are creating. Take for instance an application that creates an image or text document. Does this data belong to the application owner or to the user?

For example, if we are creating some type of web store, the catalog of products, prices, and information about the company belong to the owner of the web-store. However, the login information, shipping address, payment information, and even the shopping cart itself should all belong to the user. In most cases, we offload this responsibility to the Big Cloud companies, but, truly, the data does not belong to them either.

And this is where our good Knight and company come in. Sir Berners-Lee has begun to develop a solution to give the user the ability to control and own the data that should already be theirs in the first place.

A Knightly Solution

So what has our honorable knight proposed? Sir Berners-Lee and team have created a new company called Inrupt (https://inrupt.com) to address the issues they have with how the World Wide Web handles items like user data by creating new W3C standards, API’s, and products.

The technology they are currently developing starts around a pod, also known as a Solid pod or a data pod. According to their specifications, a data pod is a place for storing documents, with mechanisms for controlling who can access what.

For those of you like me who have a background where TLAs (three-letter acronyms) are prominent, I spent a brief time searching the web for what pod stood for. From my search, it seems pods mean Personal Online Data Stores, although they seem to be dropping the (s) in their documentation.

A pod is where you are going to store your data. You are responsible for setting it up, and you can add data and control access to that data. Applications you allow to access your pod can also read and add data to it.

This resource has information on how to set up a pod. They even have instructions on how to self-host a pod. The self-hosting instructions, at the time I am writing this, assume you are running and knowledgeable of Linux (Debian 8 to be specific). You will also have to expose the ports the server uses.

I set up a Solid pod on solidcommunity.net and another on inrupt.net to test things out and to see the difference between the providers. You can have only one or many pods across providers that you allow your applications to access. I’m sure that as the technology matures, it will make sense where and when to use a centralized pod and when to use a site-specific pod.

There is a lot of functionality on the pod itself, like the ability to create contacts, bookmarks, notes, etc. that can be used directly from the pod. The two different providers seem to have slightly different tools that can be used.

I played with the tools in the pod for creating different data documents, and I can see its potential. It is very usable, but it’s not currently going to replace the Big Cloud offerings.

Inrupt also has a PodBrowser that can be used to view and maintain your pod. It works well with either provider. I did use it to fix an issue I created with my pod that the pod itself could not fix.

So What About Development?

Now that I’ve explained it from a high level, let’s dive into the development.

Inrupt has developed the Solid project to provide developers with libraries for creating Solid projects. From the Inrupt website, Solid is a technology for organizing data, applications, and identities on the web. Their specification defines a Solid app as an application that reads or writes data from one or more data pods.

Access to data in pods can be done through the Solid Protocol. They have developed Javascript libraries to create Solid applications. Furthermore, they have created a React SDK to quickly create Solid applications.

This resource gives you a start on these development tools.

I don’t want to recreate the tutorials here for fear that if you are reading this in the future, they will be invalid. If the links below are no longer valid by the time you read this, hopefully, the one above will be.

Documentation is always the best place to start. The documentation for the Inrupt JavaScript Client Libraries can be found here. It includes information on getting started, installation, and use.

The Solid React API documentation can be found here.

The Solid Project contains a lot of information and a tutorial for writing a Solid application. I found it to be pretty helpful.

Although the Libraries are Javascript, the project is accessible via the Solid protocol. Any language that can call a web service should be able to interact with the pods Server.

What about other languages?

So we’ve talked about Javascript libraries to access data pods, but what about other languages? I’ve been a java programmer for a very long time, and a great deal of my experience has been in backend systems. We can do backend stuff in Solid with javascript, but what about in other languages?

A web search does turn up the possibility of other languages, but I haven’t located anything in Java or C# yet. I did, however, notice that the specification uses standard web technology – a good sign.

So for a test, I created some data in my public space in a pod, as you can see in the image below.

Because this is a public note, I found that I can access this from another browser that I’m not logged in on. But what about non-browser access?

I would expect to be able to access it through a simple web call, so I tried curl.

curl https://riksca.solidcommunity.net/public/New%20Pad/index.ttl#this


Honestly, I had no idea what I’d get, it was just out of curiosity, so I was pretty excited to receive the following.

@prefix : <#>.
@prefix XML: <http://www.w3.org/2001/XMLSchema#>.
@prefix c: </profile/card#>.
@prefix n: <http://rdfs.org/sioc/ns#>.
@prefix p: <http://www.w3.org/ns/pim/pad#>.
@prefix n1: <http://purl.org/dc/elements/1.1/>.
@prefix ic: <http://www.w3.org/2002/12/cal/ical#>.
@prefix flow: <http://www.w3.org/2005/01/wf/flow#>.
@prefix ui: <http://www.w3.org/ns/ui#>.

:id1611697074495
    ic:dtstart "2021-01-26T21:37:54Z"^^XML:dateTime;
    flow:participant c:me;
    ui:backgroundColor "#e8c3e5".
:id1612126370549 n1:author c:me; n:content "My test"; p:next :this.

:this
    a p:Notepad;
    n1:author c:me;
    n1:created "2021-01-26T21:37:38Z"^^XML:dateTime;
    n1:title "Shared Notes";
    flow:participation :id1611697074495;
    p:next :this_line0.
:this_line0
n1:author c:me; n:content "A New Public Note"; p:next :id1612126370549.

As you can see, all the data (and more), from the above screenshot is there. Knowing we can do this means that we can make calls to the data from any modern programming language.

I’m nerdy enough to admit that this is exciting stuff.

Conclusion

Here’s my final opinion, I think Solid has a lot of room for growth in this space. Although this is neither a replacement for the Internet or the World Wide Web, this could be a huge doppler shift in how Web Applications are written and how data is used and owned in them.

Much has been written about the political and privacy aspects of this new technology. As a user, I have a different opinion about this project than I do as a developer. I am excited that we may have a way to better control data that should belong to us. The ramifications for social media alone are inspiring.

As a developer, my priorities are focused on providing a valuable experience to my users while protecting the data to the best of my ability. I also want to be careful about the resources I have, including storage space and the liability of maintaining data.

I think this is a great solution for allowing the user to make their best decision on where their personal data will be stored.

Going forward, I plan on doing some more deep dives into Solid and possibly moving some applications over to it. We’ll see what the future holds!

[Editor’s Note: Never miss a post by subscribing to receive new blogs by email. No spam, opt-out anytime.]
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments