HAVEN by Digipomps

Humanely Attuned Virtual Ecosystem Nexus

A global digital platform that will provide people who use free and free access to functionality that safeguards their digital rights and profile data. The Platform forms a foundation for an ecosystem that assumes the rights of users first and allows commercial interests to access data based on user consent. Commercial use ensures financing of operations and development. The platform maximizes value by facilitating the greatest potential for sharing data and by not tapping capital off the platform.

HAVENs aims to be a globally-present platform that manages authentication, authorization, anonymization and user data. By letting the manager of the platform not have direct commercial interest in the platform opens opportunities for a solution architecture that will have a greater value potential than the current situation with closed silos. This value increase comes made available to business by opening to build commercial solutions with HAVEN as the foundation. 

The EU introduced on 25 May 2018 a data protection regulation GDPR. This was a big step in protecting users ' rights and a powerful tool for European companies in the competition with major international platform companies. However, although users ' rights through this have been substantially strengthened, the management of users ' data is still up to the individual company. This leads both to a weaker security in the processing of user data, as well as the lower potential value of the data than what is possible to achieve with a manager whose primary task is to ensure users ' data. A trader will, or should, have a primary focus on the product or service they will sell and will therefore never have the primary focus on the solution to ensure the users ' data and rights. A company that provides assurance of user data as a product or service will still have a problem with the fragmentation of data and the tapping of values that when taking out dividends or using profit on things other than the solution. The individual companies ' focus on gathering user data with themselves leads to a data structure that restricts the value of users ' data. The GDPR addresses this point in the right to carry its data, but carrying data between the services is not optimal and also seems to be gaining business interests that truly see the value of that right. 

Another of the rights used by Rene in the GDPR is the right to be forgotten. This solves the HAVEN of using IDs that are associated with the profile and never the profile's ID directly. This allows users to leave an associated ID in the services they communicate with and whether they want to be forgotten by the service so they can even delete the link in HAVENS Gate service. This functionality is key for being able to have a platform with strong authentication while allowing users to act anonymously against external services if they wish. The uses for such functionality may be to ensure that you do not receive messages from users who have not been approved, or to ensure that the person behind a profile on a political discussion forum cannot be tracked or possibly to be forgotten by an ad network.

There are several initiatives aimed at solving all or part of this. Common to many of these is that they themselves have a commercial interest in their own solution. This means that, in addition to draining resources from the value of the platform, via, for example, dividends, will also be difficult to conduct a neutral cooperation between commercial operators using the solution. Platform fragmentation causes large resources to be used to solve the same tasks. Closed silos cause data sets to represent fragmented portions of the entire image, and overlapping data is represented in multiple datasets that lead to a lower value potential for the platform. 

HAVEN solves the weaknesses of today's solutions by building on the principles of the GDPR. HAVEN is a platform that takes the basis of securing users ' data and rights and then facilitating commercial services built on top of this. By allowing the platform to be managed by a non-profit organisation that has no direct commercial interest in the platform, an ecosystem with the same starting point for all commercial operators who want to use it is facilitated. The platform forms the infrastucture of a value network that itself generates value that will come in addition to any innovation. The Value network (Stabell & Fjellstad 1998-Configuring value for competitive advantage: on chains, shops, and networks) creates value by allowing the same data to be used for value creation several times. This is the idea behind one of GDPRs fundamental rights-the right to move their own data. Unlike the GDPR that relies on each service to implement its own handling of personal data and exports in order to move the data, HAVEN employs personal data banks-PDS Personal Data Stores-that can be used against any services Integrated against the platform but only if the user wants it. This maximizes the value potential of the platform. Moreover, it streamers resource usage by maintaining data maintenance in this one platform as opposed to each platform player maintaining their data and in many contexts is maintained by the user himself. Basic features and services are also developed and maintained in one place to minimize costs. 

By being part of the network, any service can create value from the data the user has accumulated from all other services too-as long as one asks the user in such a way that it sees the value in granting access to the data.

HAVENs ' long-term goal is to be the global platform for authenticating, authorizing, anonymizing and managing profile data that the entire digital world (Digisphere) uses. This is to be achieved by being the most cost-effective platform that delivers this while the platform will be the place where digital services will be able to access the most and richest user data, again of course on the user's terms. 

HAVEN description

HAVENs Architecture and technical solution must be made so that administration, maintenance and development can be made as easy as possible. The platform aims to be a globally available solution and to be able to scale up, the solution must be massively distributed. This entails some challenges but can also be used as an opportunity to strengthen security by deploying profile data sets over a large number of nodes. This can also be used to ensure maximum uptime by ensuring that data is deployed in such a way that, even if multiple nodes become inaccessible, a request can always obtain the data it requests. 

The basic functionality is divided into smaller services that are associated with loose links so that each service is optimized for the simple task it should resolve. The basic functionality is a collection of features that must be in place in order to be the foundation for a well-functioning digital ecosystem. 

The basic functionality of the platform is as follows:


Authentication is functionality to determine the identity of a client. There will be in different situations different requirements for how precisely one determines an identity. HAVEN will both possess the solution for absolute identification and identification with looser requirements where the convenience of usability is more important.


Authorization is functionality to determine whether an authenticated client should have access to functionality or data. Consent is a form of authorization which will be handled here.  


Contracts between profiles and or services are important in order to have a well-functioning ecosystem. Agree, for example, is a special case of an agreement that is unilateral, i.e. where one says that the other party can access something without it being a mutual responsibility. Double-sided contracts will also be important to deal with where is necessary that two or more parties have a responsibility towards each other.

Association of IDS

In order to be able to both have strong authentication and anonymity where desired, the platform needs to associate-or link-ID's so that any other service can use a linked ID that can be deleted from a later date. Aka be forgotten. 

Profile Data Management

Profile data stored in the user's Personal Data Store (PDS) HAVEN must have functionality to store, find, and query the user's profile Data. A major challenge is implementing this with adequate security. Personal data in the platform will represent large values and the platform's mission is to protect it from the user who owns them. Another challenge is scaling and distributing.  

Profile Data storage format

The profile data must be saved in a format that can only be accessed by the owner, being close to 100% available, even if errors occur, support fast lookups and potentially contain large amounts of data.

Saving normalized objects

In order for different external services to be able to know that they are talking about the same objects – e.g. products – needed functionality to determine if an object in a service is the same as an object in another service.

Secure journaling of performed functionality

In order to charge for various services or functionality, it will be necessary to securely store events in a blockchainbased book

Infrastucture for messages between profiles

Communication between profiles is a necessity and should be a General Service anyone can use. But here it should be facilitated that third can build services over a general infrastructure.

Rough Architecture Overview

In order to massively scale up and distribute the service, the functionalist in the GARDEN is divided into subservices that have their specific and limited responsibilities. Splitting into relatively specific services makes it easier to develop, maintain and optimise the services for the type of performance that is most important to each service.

Basic functionality is handled by the following services:


Authentication and ID Link


Authorization including consenting. Vault also contains all contracts profiles and or services included.


Profile Data Execution


Profile Data storage format


Communication between profiles


Functionality for normalization of objects, object metadata, and management of ownership.


Service to translate ID's between external and internal services to be able to safeguard anonymity.


Secure logging of events for use in cases where values are transmitted.

Implementation of the project

The aim of the HAVEN is globally and highly ambitious. Whether the project should be successful assumes the critical mass, or said in a different way; That the amount of users of the platform becomes so great that it drives growth in itself and the platform becomes any commercial services will lose the competitiveness of not participating in. Your road is far away, but HAVEN is designed to solve the requirements of the GDPR, with authentication, anonymization and consent handling solving challenges many businesses in Norway and the EU are struggling to solve in a good way. By allowing these services to be free to use and easy to integrate against, it will itself be a good argument to participate, especially for smaller companies or organisations that do not develop their own solutions.  This allows you to start with a limited version of the platform and gradually build profiles and user locations.  With the services that handle profile data, the platform will be able to provide access to data, whether the users themselves will, of course, who can provide a richer insight than large monolithic services. Since the profiles will contain data from several services users interact with, it will open opportunities to provide users with a better experience than what will be possible if one has a closed silo with customer data. These are services that provide the basis for an economy that can finance the operation and development of the services and ensure that users can use the platform for free. For the profile owners, i.e. users, it will in the first place revolve around convenience, they have one place to maintain their data, such as contact data so that one does not have to fill out contact forms every time one visits a new service or when one needs to Change data. This will also be the one service you need to have real confidence in. The platform will safeguard users ' data and ensures that profiles can take data to any services they want to share data with. The platform's use of associated IDs means that in many cases it is possible to be forgotten by users deleting the link themselves. Having such a solution also means that there is a solution for security-users do not have to rely on all the services they interact with solves security in an adequate manner. This is also why the name of the platform-HAVEN-This should be the place the end user can take refuge in a digital life that is characterized by ever more surveillance. A third very important value proposition-both for end-user and user sites is beneficial. This way of organizing data allows for a wide range of useful services that can bring people better lives, in a safe human way in our common global digital future.

How is this used?

A fully implemented platform opens up to many possibilities. However, you need some inspiration to start with so take a look at some use cases:

Use Cases