A curated list of personal data stores and associated technology.
- Atomic and Atomic Data Server : a lightweight, yet powerful CMS / Graph Database
- Data Spaces :
- Ceramic and Compose DB : A graph database to build social networks, collaboration tools, identity and reputation systems, knowledge graphs, and more
- Decentralized Web Nodes : A mesh-like datastore construction that enables an entity to operate multiple nodes that sync to the same state across one another, enabling the owning entity to secure, manage, and transact their data with others without reliance on location or provider-specific infrastructure, interfaces, or routing mechanisms.
- Peergos : Peergos secures your files with quantum-resistant end-to-end encryption and ensures all data about your files, including who you share them with, remains private.
- Encrypted Data Vaults : A specification that describes a privacy-respecting mechanism for storing, indexing, and retrieving encrypted data at a storage provider
- MyDex : The MyDex Personal Data Store is a secure data vault residing in the cloud and hosted by MyDex Community Interest Company. An individual’s data is encrypted at rest using the individual’s key. MyDex does not have access to any key for decryption.
- The Hub of All Things : The HAT is a decentralised, person-owned and controlled “microserver” for personal data storage, processing, AI and exchange.
- Solid Pods : Solid is a specification that lets individuals and groups store their data securely in decentralized data stores called Pods. Pods are like secure web servers for data. HTTP Based.
- UBOS : Core to UBOS is UBOS Gears, which automates many of the otherwise complex and laborious tasks of systems administrators administering peer computing applications.
- Verida : Verida is a layer zero DePIN ecosystem that combines the performance and privacy of traditional databases with user controlled keys for complex DApps
- WebNative Filesystem : The Web Native File System (WNFS) is a distributed file system. It is versioned, logged, programmable, has strong-yet-flexible security, and is fully controlled by the end user. Service providers can validate writes without reading the contents of the file system, and minimal metadata is leaked.
- Apache Avro : Data serialization system that provides rich data structures and a compact, fast binary data format.
- CBOR : The Concise Binary Object Representation (CBOR) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation.
- DID Documents : A set of data describing the DID subject, including mechanisms, such as cryptographic public keys, that the DID subject or a DID delegate can use to authenticate itself and prove its association with the DID.
- IPLD : Data model for content addressable web. It allows us to treat all hash-linked data structures as subsets of a unified information space, unifying all data models that link data with hashes as instances of IPLD.
- MessagePack : It’s a binary serialization format that's more compact than JSON. Like JSON, it supports a wide range of data types and structures, and it's useful for applications where bandwidth is a concern.
- Cap’n Proto : Fast data interchange format and capability-based RPC system
- Protobuf : Protocol Buffers are language-neutral, platform-neutral extensible mechanisms for serializing structured data.
- JSON-LD : JSON-LD is a lightweight Linked Data format. It is easy for humans to read and write. It is based on the already successful JSON format and provides a way to help JSON data interoperate at Web-scale.
- Verifiable Credentials Model : Specification describing a claim, credential, and presentation data model
- ABAC : ABAC uses policies that combine attributes of the user, the resource, and the environment to make decisions. This allows for fine-grained control and can dynamically adjust permissions based on any attribute of the user or resource.
- ACL : ACLs are used to list who can access a particular resource and what operations they can perform on it. Each entry in an ACL specifies a subject and an operation (e.g., read, write).
- Capability Based Security : This model uses tokens (capabilities) that provide the holder with the authority to access a resource. Capabilities must be granted explicitly and can be passed around between users.
- DAC : This model allows the owner of the data to decide who can access it. DAC is often used in file systems where users can set permissions on their own files and directories.
- GBAC : A declarative way to define access rights, task assignments, recipients and content in information systems. Access rights are granted to objects like files or documents, but also business objects such as an account. GBAC can also be used for the assignment of agents to tasks in workflow environments
- GNAP : GNAP (Grant Negotiation and Authorization Protocol) is an in-progress effort to develop a next-generation authorization protocol.
- JWT : JWTs are a compact, URL-safe means of representing claims to be transferred between two parties. While not an authorization protocol itself, JWT is often used in conjunction with OAuth 2.0 and OIDC for secure token issuance.
- OAuth : Although typically used for API authorization, OAuth can be adapted for personal data stores to allow third-party applications secure delegated access without revealing credentials.
- OIDC : OpenID Connect (OIDC) is an identity authentication protocol that is an extension of open authorization (OAuth) 2.0 to standardize the process for authenticating and authorizing users when they sign in to access digital services.
- RBAC : In this model, permissions are assigned to roles, and users are assigned to these roles. This means that a user's access is determined by the roles they have, simplifying the management of permissions as users or their roles change
- IPFS : The InterPlanetary File System (IPFS) is a set of composable, peer-to-peer protocols for addressing, routing, and transferring content-addressed data in a decentralized file system.
- GUN : An open source cybersecurity protocol for syncing decentralized graph data.
- Web5 : Implements Decentralized Web Nodes
Contributions welcome! Read the contribution guidelines first.