Author: thomas

Atmel to support EPID from Intel

One important news item this week from the IoT space is the support by Atmel of Intel’s EPID technology. Enhanced Privacy ID (EPID) grew from the work of Ernie Brickell and Jiangtao Li based on previous work on Direct Anonymous Attestations (DAA). DAA is very relevant because it is built into the TPM 1.2 chip (of which there are several hundred million

MIT goes Bitcoin

This is terrific news: a couple of students want to give all undergrads $100 worth of Bitcoin. Here is the news in MIT’s The Tech. Some highlights: “While the specific properties of bitcoin have some real problems, getting everyone at MIT to start playing with bitcoin … will prompt the MIT community to begin thinking

New Scientist article about MIT OpenPDS

(NB. I love it when people get it. Hal Hodson definitely gets it. Many folks at the MIT-KIT conference this week got it.)

Private data gatekeeper stands between you and the NSA. 03 October 2013 by Hal Hodson. Magazine issue 2937. Software like openPDS acts as a bodyguard for your personal data when apps

Transparency of usage of personal data: the need for a HIPAA-like regime

Ray Campbell hits the ball out of the park again with his awesome suggestion in his blog: we need a HIPAA-like regime for the privacy of personal data. As a mental exercise, Ray has gone through the HIPAA document and replaced “individually identifiable health information” with “individually identifiable personal information”. The red-lined doc can also be

Vision and Principles of IDESG

People ask me all the time about the vision of the IDESG. The following provides a very useful summary (from the original NPO document): “Individuals and organizations utilize secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.” Identity Solutions will be: Privacy-enhancing

NSTIC IDESG “layers”

Today at the 3rd Plenary of the IDESG, the Chair of the IDESG (Bob Blakley) presented a high-level vision slide of what the IDESG should be working on. It's a very good slide for the purposes of uniting the work of the IDESG. Each industry area (or stakeholder group) would end up with its own

NSA introduces two new lightweight ciphers (SIMON and SPECK)

MIT Media Lab – 2013 Legal Hack-a-thon on Identity

Today we had the privilege of hearing a presentation by Louis Wingers and Stefan Treatman-Clark on a couple of lightweight ciphers from the NSA. These are called SIMON and SPECK. The algorithms are not yet published, but they have a paper (pdf copy here) that shows some

The 4 questions on transparency in personal data (disclosure management)

MIT Media Lab – 2013 Legal Hack-a-thon on Identity

Ray Campbell argues quite elegantly and convincingly that the “data ownership” paradigm is not the correct paradigm for achieving privacy and control over personal data. The notion that “I own my data” can be impractical especially in the light of 2-party transactions, where the other party

Limitations of the OAuth 2.0 definition of “Client”

I believe the OAuth 2.0 definition of the “client” is too restrictive, and by doing so it has effectively closed off any possibility of OAuth 2.0 entertaining true third party access on the Internet. Although OAuth speaks in terms of Alice-to-Bob sharing of resources, in reality it caters only as far as Alice-to-client sharing (where the “client” is
