[foaf-protocols] ABC4Trust - another new project

Thu Jan 27 16:41:16 CET 2011

I think the term "privacy" has indeed evolved - in the time Ive seen it used in internet/crypto circles - about 20 years.

We discussed PEM the other day, which is privacy-enhaced mail. "Privacy enhanced" meant, in those days, what "commodity crypto" means today. Its private against the crypto attacks most folks mount (before and after taking the kids to school, each day), its a significant barrier against even major ciminal enterprise, but its not secure in the military/natsec sense. So, an email with wonderful crypto, keks, and teks, is no use in "security" if its not combined with a link encryptor focussed on transmission security (addressing information flow leakage, timing leaking, intel in general).

if you read older 1970s and 1980s american documents, you see the privacy vs security "doctrine" used very comprehensively and strategically. Most of the PEM vs PGP animosity was becuase PGP would not fit into the nice analytical bucket laid out for commodity crypto.

"privacy" these days has moved on - away from being that which not-secure and "not bad stuff" for you and me to use against our daily human foibles of nosiness, snoopiness, petty criminality etc. Now its associated with the consent and reuse permissions - the wider picture of information and its lifecycle. Its migrated, having taught people to worry about what the disclosure means in 40 year time (and who will have control over "your" *historical* factual information, then). Most folks associate with their identity their life story, and its various facts. So privacy in the identity space is very much about ownership and control over your life story facts, which plays into the semweb semantic security model. that model when I look at it is woefully thought out, having little substance than that derived from having borrowed some "communication security" theory.

> Date: Tthu, 27 Jan 2011 12:46:24 +0100
> From: jan.wildeboer at gmx.de
> To: foaf-protocols at lists.foaf-project.org
> Subject: [foaf-protocols] ABC4Trust - another new project
> 
> http://abc4trust.de/
> 
> { Attribute-based Credentials for Trust
> Concept and project objective(s)
> 
> 
> The goal of ABC4Trust is to address the federation and 
> interchangeability of technologies that support trustworthy yet 
> privacy-preserving Attribute-based Credentials (ABC). So far credentials 
> such as digitally signed pieces of personal information or other 
> information used to authenticate or identify a user where not designed 
> to respect the users privacy. They invariably reveal the identity of the 
> holder even though the application at hand often needs much less 
> information, for instance only confirmation that the holder is a 
> teenager or is eligible for social benefits. In contrast to that, 
> Attribute-based Credentials allow a holder to reveal just the minimal 
> information required by the application, without giving away full 
> identity information. These credentials thus facilitate the 
> implementation of a trustworthy and at the same time privacy-protecting 
> digital society.
> 
> The objectives of ABC4Trust are:
> 
> - to define a common, unified architecture for ABC systems to allow 
> comparing their respective features and combining them on common 
> platforms, and
> 
> - to deliver open reference implementations of selected ABC systems and 
> deploy them in actual production pilots allowing provably accredited 
> members of restricted communities to provide anonymous feedback on their 
> community or its members.
> 
> Jan
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20110127/1d30c0f2/attachment.htm 