SlideShare ist ein Scribd-Unternehmen logo

Indirect Identity Control: delegation, guardianship, and controllership – Daniel Hardman

SSIMeetup
SSIMeetup

https://ssimeetup.org/indirect-identity-control-delegation-guardianship-controllership-daniel-hardman-webinar-33/ Daniel Hardman, Chief Architect, Evernym / Secretary, Technical Governance Board – Sovrin Foundation, will compare and contrast three forms of indirect identity control that have much in common and that should be explored together: delegation, guardianship, and controllership. Daniel will recommend mechanisms that allow identity technology to model each with flexibility, precision, and safety. These recommendations can be applied to many decentralized identity and credentialing ecosystems. Daniel has been a software engineer, architect, and dev leader for a quarter century–much of it intersecting with the fields of cybersecurity and digital identity. He developed the original specs for Hyperledger Indy’s SDK, and has contributed code or guidance to most of the Indy codebases. He writes regularly on identity topics. He’s also worked in machine learning/AI, supercomputers, public and private cloud, big data, SaaS, and enterprise software, and he’s founded and sold a dot com. He has graduate degrees in computational linguistics and business. He currently serves as the secretary for the Technical Governance Board of the Sovrin Foundation.

Internet
1 von 34
Downloaden Sie, um offline zu lesen
Indirect Identity Control delegation, guardianship, and controllership Daniel Hardman, July 2019 ssimeetup.org · CC BY-SA 4.0 International theme: Silvia, by SlidesCarnival.com
1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org SSIMeetup objectives SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
Sources ● These slides: http://bit.ly/2YczZzP ● Indirect Identity Control RFC: http://bit.ly/aries-rfc-103 ● Appendix C of Sovrin Glossary: http://bit.ly/svrnglos-appC ● Sovrin Guardianship Task Force: http://bit.ly/svrn-guard-tf ssimeetup.org · CC BY-SA 4.0 International
See Appendix C of the Sovrin Glossary. Guardianship, delegation, controllership See Appendix C of the Sovrin Glossary: http://bit.ly/svrnglos-appC ssimeetup.org · CC BY-SA 4.0 International
ssimeetup.org · CC BY-SA 4.0 International
Delegation A corporation is governed by a Board of Directors, executives, and employees with multiple levels of delegated authority. The control relationships are dynamic and complex. ssimeetup.org · CC BY-SA 4.0 International
Guardianship Parents typically manage the identities of their young children. Adult children may need to exercise the identity of a parent with dementia, or of a parent who recently passed away. ssimeetup.org · CC BY-SA 4.0 International
Controllership A self-driving car may be capable of many independent actions, but behind such a smart device must be a human entity that takes legal responsibility. A pet needs a proxy because it can’t be self-sovereign. ssimeetup.org · CC BY-SA 4.0 International
◦ Mya (orphan girl in refugee camp) ◦ Patrick (father with family after hurricane destroys home; no digital access) ◦ Tom (homeless, mentally ill, drug addict) ◦ Gayle (elderly, has moderate autonomy, needs digital assistance) ◦ Sofia (trail runner disappears in the mountains) ◦ Rover (pet dog) ◦ Unprofitable, Inc (company in receivership) ◦ Hertz and Dave (rents car, gets delegated authority) See “Persona and User Stories” at http://bit.ly/2GnRtTq Formal Work on Use Cases ssimeetup.org · CC BY-SA 4.0 International
Guardianship: internal risk is pivotal In SSI, risk mostly comes from external attacks. But guardianship isn’t self-sovereign, by definition. Guardians are an internal risk to dependents who can’t manage keys or advocate/defend. Pure crypto and cybersecurity don’t prevent abuse. Protections must come from elsewhere. ssimeetup.org · CC BY-SA 4.0 International
Moments of risk ◦ When a transition happens ◦ Should it be happening now? ◦ Are the right people giving and getting the baton? ◦ Are the conditions, limits, and safeguards understood, evaluated, and honored? ◦ When a constraint needs to be enforced ◦ Is there a limit on the time, place, or circumstances of guardianship? ◦ When stakes are high Risk exists constantly; these are just hot spots. Small, incremental actions away from these hot spots can change the evaluation at key moments. ssimeetup.org · CC BY-SA 4.0 International
Who appoints a guardian 1. Dependent (“while I’m unconscious during surgery, Alice is my guardian”) 2. Legal authority (Court makes adult child a guardian for their parent with Alzheimers) 3. Self (girl wanders from jungle into refugee camp; lacking options, camp appoints itself) 4. Circumstances (parent or pet owner; implicit) These methods do not carry equal trust, and they are not equally formal. ssimeetup.org · CC BY-SA 4.0 International
Evaluating conflicting guardianship assertions Deciding who is the “proper” guardian requires human judgment. The process may use credentials, but that’s not all it will use. NGO: “I’m the guardian of Mya. Here’s my self-attested guardian cred.” Fim (dad?): “No, I’m the guardian of Mya. Here’s Mya’s birth cert with my name on it.” Ana (mom?): “No, I’m the guardian of Mya. Here’s Mya’s ration card with her photo.” Court: “No, Ana is the guardian of Mya. Fim’s parental rights were terminated.” Sometimes the proper guardian isn’t available, so we choose the best available alternative. ssimeetup.org · CC BY-SA 4.0 International
Limits on guardians 1. Time (for what period(s) guardian has that status) 2. Place (in what physical or virtual locations guardian is valid) 3. Function (legal vs. medical vs. educational) 4. Circumstances (for particular event(s)) 5. Biometrics (for dependent involvement) 6. Relationships (who guardian can connect to) 7. Attributes (data/credentials -- what guardian can prove) 8. Agents (what software/devices guardian can use) 9. Cooperation (with joint approval) 10. Oversight (audit trail, reporting) ssimeetup.org · CC BY-SA 4.0 International
“All of these forms of identity control share the issue of indirectness. All of them introduce risks beyond the ones that dominate in direct identity management. All of them complicate information flows and behavior. And they are inter-related; guardians and controllers often need to delegate, delegates may become controllers, and so forth. The solutions for each ought to have much in common, too ssimeetup.org · CC BY-SA 4.0 International
A proxy trust framework that specifies the rules and conventions in force for a particular class of indirect identity control use cases. A proxy credential that binds a controlled entity to its proxy and clarifies the nature and limits of the control for that specific relationship. A proxy challenge that evaluates the proxy credential in a particular context, proving or disproving the legitimacy of indirect control and creating opportunities for auditing and enforcement. Common Solution Elements ssimeetup.org · CC BY-SA 4.0 International
Questions a trust framework answers ◦ What is its formal name and version? ◦ In what geos and legal jurisdictions is it valid? ◦ What are required or recommended behaviors, and how are they enforced? ◦ On what bases are proxies appointed? kinship, court_order, self_assigned... ◦ What are possible permissions of a proxy? financial, medical, travel, relationships, admin... ◦ What are possible constraints on a proxy’s scope? geo_radius, jurisdiction, biometric_freshness... ◦ What auditing mechanisms are required or supported? ◦ What appeal mechanisms are required or supported? ◦ What proxy challenge procedures are best practice? ◦ What freshness rules are used for offline mode? ⇨ Example at http://bit.ly/2YsZ7b7 ssimeetup.org · CC BY-SA 4.0 International
“ Answers to name: Mya Dependent Gender: Female Birthdate: 2014-01-01 Identifying marks: birthmark left shoulder, long scar above left wrist Answers to name: Zo Guardian 1 Gender: Female Birthdate: 1953-01-01 Identifying marks: arthritis, misshapen knuckles, both hands Preparing to issue a proxy credential ssimeetup.org · CC BY-SA 4.0 International
“ …(metadata not shown)… trustFramework auditURI appealURI credentialSubject holder basisURI role name birthDate gender identifyingMarks photo constraints boundaries circumstances proxied permissions photo name birthDate gender identifyingMarks http://unicef.org/tf/camptf/1.0 http://myanmar.gov/oversight http://myanmar.gov/arbitration http://unicef.org/tf/camptf/1.0/self camp UNICEF <blank> <blank> <blank> <blank> “Lotus” camp until resettled Mya 2014-01-01 F birthmark left shoulder, long scar above left wrist {“grant”: [“medical”, “school”, “food”], “when”: {“roles”: “kin”}}, {“grant”: [“school”, “food”, “delegate”], “when”: {“roles”: “camp”}}, {“grant”: [“unenroll”, “travel”], “when”: {"n”: 2, “roles”: [“kin”, camp”]}} UNICEF’s credential
“ {“let”: “kin”, “do”: [ “medical”, “school”, “food”]}, {“let”: “camp”, “do”: [ “school”, “food”, “delegate”]}, {“let”: {"n”: 2, “of”: [“kin”, “camp”]}, “do”: [ “unenroll”, “travel”]} …(metadata not shown)… trustFramework auditURI appealURI credentialSubject holder basisURI role name birthDate gender identifyingMarks photo constraints boundaries circumstances proxied permissions photo name birthDate gender identifyingMarks http://unicef.org/tf/camptf/1.0 http://myanmar.gov/oversight http://myanmar.gov/arbitration http://unicef.org/tf/camptf/1.0/grandparent kin Zo 1953-01-01 F arthritis, misshapen knuckles, both hands <blank> <blank> (same as UNICEF’s) Mya 2014-01-01 F birthmark left shoulder, long scar above left wrist Grandma’s credential
Answers to name: Mya Dependent Gender: Female Age: about 6 Looks like this? Answers to name: Zo Guardian Gender: Female ✔ ✔ ✔ ✔ Show more ways to check... ✔ ✔ ✔ Looks like this? Show more ways to check... ✔ Has ‘food’ permission for dependent ✔ No constraints Proxy Challenge (food tent)
Answers to name: Ri Dependent Gender: Female Age: about 6 Looks like this? Answers to name: Kapa Guardian Gender: Female ✔ ✔ ✔ ✔ Show more ways to check... ✔ ✔ ✔ Looks like this? Show more ways to check... ✘ Has ‘travel’ permission for dependent when acting jointly with another guardian with role “camp”: Add guardian... Proxy Challenge (travel)
Questions? ● These slides: http://bit.ly/2YczZzP ● Indirect Identity Control RFC: http://bit.ly/aries-rfc-103 ● Appendix C of Sovrin Glossary: http://bit.ly/svrnglos-appC ● Sovrin Guardianship Task Force: http://bit.ly/svrn-guard-tf ● daniel.hardman@evernym.com ● @danielhardman on chat.hyperledger.org ssimeetup.org · CC BY-SA 4.0 International
Appendix
Transparent vs. opaque guardians Transparent ◦ Guardian is obvious in all or most interactions. ◦ May be necessary to improve safety. ◦ Easy to audit. ◦ Less private for dependent and for guardian. Rover (pet). Unprofitable, Inc. Law firm resolving affairs of someone recently deceased. Talent agent for child pop star. Opaque ◦ Guardian impersonates dependent. ◦ May be necessary to prevent discrimination and hassle. ◦ Riskier to dependent and relying parties. Limited auditability. ◦ More private for dependent and for guardian. Gayle (digital assiantance). Parent gives adult child password, asks them to transfer funds on their death to avoid probate court. ssimeetup.org · CC BY-SA 4.0 International
Modes of Guardianship Holding-based Dependent doesn’t have DIDs or a link secret, but credentials about the dependent are held by the guardian. Guaranteed to be transparent because subject of credential is never the holder. Impersonation-based Dependent has a link secret that guardian knows. Credentials can be issued where dependent = subject, but creds are held by Guardian. DIDs and DID Docs can be created by guardian using dependent’s link secret. Opaque unless forced into transparency. Doc-based Guardianship declared in DIDDoc to force transparency. ssimeetup.org · CC BY-SA 4.0 International
Holding-Based Guardianship ◦ Exists implicitly (parent holding a birth certificate, owner holding pet license) ◦ Can be supplemented with an explicit guardianship credential ◦ Guardianship challenge can be answered with either explicit or implicit proof ◦ Diffuse trust may be partly forced (e.g., both parents must consent) ◦ Implicit creds as a basis introduce revocation problems ◦ Birth certificate may not be revoked if parental rights are terminated ◦ Pet license may not be revoked when dog is sold ssimeetup.org · CC BY-SA 4.0 International
◦ Can be supplemented with an explicit guardianship credential ◦ Age proofs can force a guardian to break impersonation and share this - improves safety! ◦ So can biometrics ◦ Not dangerous for controllership or delegation ◦ Adult dependents without biometrics have no real protections ◦ Revocation is a problem -- must be done in every relationship ◦ Use agent authz policy to prevent new relationships from forming? Easy and doable today. Dangerous. Safeguards may need to be much higher in trust framework (frequent challenges, biometrics required, etc.) Impersonation-based Guardianship ssimeetup.org · CC BY-SA 4.0 International
{ "authorization": [ {"let":"#1", "do":"cred"} ] } Doc-Based Guardianship Do a guardianship challenge to find out what they can do. DID Doc for dependent declares a key that belongs to guardian and says, “Do guardianship challenge to evaluate authorization.” Issue: must be done in every DID Doc (good and bad) DID Doc of Dependent ssimeetup.org · CC BY-SA 4.0 International
Guardians often need to delegate ◦ Red Cross delegates work, some decisions for Mya to 1+ aid workers ◦ Parent delegates to babysitter while they’re out of town ◦ Mom delegates digital assistance for grandma to teen Solution: delegatable credentials ssimeetup.org · CC BY-SA 4.0 International
Offline operation ◦ Cached versions of trust framework and well-known schemas, cred defs, issuers ◦ How fresh is guardianship challenge? ◦ Evaluate conflicting guardianship assertions without appeal or research ◦ Save up audit reports for batch upload later ◦ Freshness of DID Doc knowledge ssimeetup.org · CC BY-SA 4.0 International
Revoking guardianship Revoking guardianship cred can be done today, quickly and efficiently. Won’t be detected until next guardianship challenge. ssimeetup.org · CC BY-SA 4.0 International
Basis ◦ Basis for controllership could include: ◦ ownership ◦ delegation from owner ◦ court-appointed ◦ Basis for delegation is always someone who is in control ◦ Identity owner ◦ Controller ◦ Guardian ◦ Delegate ssimeetup.org · CC BY-SA 4.0 International
Delegatable Credentials Hertz, Inc owns a car and, on the basis of that car, is its controller. Delegates limited controllership to a local Hertz franchise. Fred rents the car and receives delegated credential to control in more limited fashion. Fred drives the car to a fancy restaurant and delegates even more limited controllership to valet parking. Hertz Inc ⇶ franchise ⇉ Fred → valet Each cred contains pre-proof of delegation. Validating requires checking revocation status for each link on ledger, but no coordination among delegates. ssimeetup.org · CC BY-SA 4.0 International

Empfohlen

PAUTAS_DE_CRIANZA.ppt
PAUTAS_DE_CRIANZA.pptPAUTAS_DE_CRIANZA.ppt
PAUTAS_DE_CRIANZA.ppt
LidaPaolaMuozRojas
 
Parent Effectiveness Training
Parent Effectiveness TrainingParent Effectiveness Training
Parent Effectiveness Training
Jack Carney
 
instructional materialabout free fall
instructional materialabout free fallinstructional materialabout free fall
instructional materialabout free fall
Randy Baquiran
 
Building Resilience in Children
Building Resilience in ChildrenBuilding Resilience in Children
Building Resilience in Children
Dr. DawnElise Snipes ★AllCEUs★ Unlimited Counselor Training
 
Wilbanks Can We Simultaneously Support Both Privacy & Research?
Wilbanks Can We Simultaneously Support Both Privacy & Research?Wilbanks Can We Simultaneously Support Both Privacy & Research?
Wilbanks Can We Simultaneously Support Both Privacy & Research?
National Information Standards Organization (NISO)
 
Ivory Essay Uk. Online assignment writing service.
Ivory Essay Uk. Online assignment writing service.Ivory Essay Uk. Online assignment writing service.
Ivory Essay Uk. Online assignment writing service.
Tonya Jackson
 
012 Essay Example Describe Yourself In Words Unique
012 Essay Example Describe Yourself In Words Unique012 Essay Example Describe Yourself In Words Unique
012 Essay Example Describe Yourself In Words Unique
Carla Jardine
 
Security Operations Center
Security Operations CenterSecurity Operations Center
Security Operations Center
Amanda Garrett
 

Empfohlen

PAUTAS_DE_CRIANZA.ppt
PAUTAS_DE_CRIANZA.pptPAUTAS_DE_CRIANZA.ppt
PAUTAS_DE_CRIANZA.ppt
LidaPaolaMuozRojas
 
Parent Effectiveness Training
Parent Effectiveness TrainingParent Effectiveness Training
Parent Effectiveness Training
Jack Carney
 
instructional materialabout free fall
instructional materialabout free fallinstructional materialabout free fall
instructional materialabout free fall
Randy Baquiran
 
Building Resilience in Children
Building Resilience in ChildrenBuilding Resilience in Children
Building Resilience in Children
Dr. DawnElise Snipes ★AllCEUs★ Unlimited Counselor Training
 
Wilbanks Can We Simultaneously Support Both Privacy & Research?
Wilbanks Can We Simultaneously Support Both Privacy & Research?Wilbanks Can We Simultaneously Support Both Privacy & Research?
Wilbanks Can We Simultaneously Support Both Privacy & Research?
National Information Standards Organization (NISO)
 
Ivory Essay Uk. Online assignment writing service.
Ivory Essay Uk. Online assignment writing service.Ivory Essay Uk. Online assignment writing service.
Ivory Essay Uk. Online assignment writing service.
Tonya Jackson
 
012 Essay Example Describe Yourself In Words Unique
012 Essay Example Describe Yourself In Words Unique012 Essay Example Describe Yourself In Words Unique
012 Essay Example Describe Yourself In Words Unique
Carla Jardine
 
Security Operations Center
Security Operations CenterSecurity Operations Center
Security Operations Center
Amanda Garrett
 
How to Not Destroy the World - the Ethics of Web Design
How to Not Destroy the World - the Ethics of Web DesignHow to Not Destroy the World - the Ethics of Web Design
How to Not Destroy the World - the Ethics of Web Design
Morten Rand-Hendriksen
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
Kindergarten Writing Lesson Plans - Lesson Plans Lear
Kindergarten Writing Lesson Plans - Lesson Plans LearKindergarten Writing Lesson Plans - Lesson Plans Lear
Kindergarten Writing Lesson Plans - Lesson Plans Lear
Laura Johnson
 
whistle blowing.
whistle blowing.whistle blowing.
whistle blowing.
st.thomas college of engineering and technology
 
Write My Apa Paper For Me For Free Write My Paper Fo
Write My Apa Paper For Me For Free Write My Paper FoWrite My Apa Paper For Me For Free Write My Paper Fo
Write My Apa Paper For Me For Free Write My Paper Fo
Courtney Esco
 
History Essay Observational Research Paper Examples. Online assignment writin...
History Essay Observational Research Paper Examples. Online assignment writin...History Essay Observational Research Paper Examples. Online assignment writin...
History Essay Observational Research Paper Examples. Online assignment writin...
Jennifer Slattery
 
DWeb for Good: Real-World Examples of Innovation
DWeb for Good: Real-World Examples of InnovationDWeb for Good: Real-World Examples of Innovation
DWeb for Good: Real-World Examples of Innovation
TechSoup
 
Essay On What Is ManS Best Invention So Far
Essay On What Is ManS Best Invention So FarEssay On What Is ManS Best Invention So Far
Essay On What Is ManS Best Invention So Far
Christine Love
 
How To Write A Essay Step By Ste
How To Write A Essay Step By SteHow To Write A Essay Step By Ste
How To Write A Essay Step By Ste
Alicia Stoddard
 
Barbara Holtmann Presentation Washington May 3 2011
Barbara Holtmann Presentation Washington May 3 2011Barbara Holtmann Presentation Washington May 3 2011
Barbara Holtmann Presentation Washington May 3 2011
bmholtmann
 
Research Paper Writing Service Cheap - College Homework Help A
Research Paper Writing Service Cheap - College Homework Help AResearch Paper Writing Service Cheap - College Homework Help A
Research Paper Writing Service Cheap - College Homework Help A
Susan White
 
Intro to windows identity foundation
Intro to windows identity foundationIntro to windows identity foundation
Intro to windows identity foundation
Claudio Sánchez
 
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docxBIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
moirarandell
 
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docxBIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
hartrobert670
 
The Code Of Ethics As Defined By The Council On...
The Code Of Ethics As Defined By The Council On...The Code Of Ethics As Defined By The Council On...
The Code Of Ethics As Defined By The Council On...
Sandra Arveseth
 
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxCIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
mccormicknadine86
 
How Not to Destroy the World: Ethics in Design and Technology
How Not to Destroy the World: Ethics in Design and TechnologyHow Not to Destroy the World: Ethics in Design and Technology
How Not to Destroy the World: Ethics in Design and Technology
Morten Rand-Hendriksen
 
Big Data Ethics Cjbe july 2021
Big Data Ethics Cjbe july 2021Big Data Ethics Cjbe july 2021
Big Data Ethics Cjbe july 2021
andygustafson
 
Essay Passion Dance
Essay Passion DanceEssay Passion Dance
Essay Passion Dance
Michelle Zuelsdorff
 
Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)
Evernym
 
ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSI
SSIMeetup
 
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
SSIMeetup
 

Weitere ähnliche Inhalte

Ähnlich wie Indirect Identity Control: delegation, guardianship, and controllership – Daniel Hardman

How to Not Destroy the World - the Ethics of Web Design
How to Not Destroy the World - the Ethics of Web DesignHow to Not Destroy the World - the Ethics of Web Design
How to Not Destroy the World - the Ethics of Web Design
Morten Rand-Hendriksen
 
DWeb for Good: Real-World Examples of Innovation
DWeb for Good: Real-World Examples of InnovationDWeb for Good: Real-World Examples of Innovation
DWeb for Good: Real-World Examples of Innovation
TechSoup
 
Barbara Holtmann Presentation Washington May 3 2011
Barbara Holtmann Presentation Washington May 3 2011Barbara Holtmann Presentation Washington May 3 2011
Barbara Holtmann Presentation Washington May 3 2011
bmholtmann
 
Intro to windows identity foundation
Intro to windows identity foundationIntro to windows identity foundation
Intro to windows identity foundation
Claudio Sánchez
 
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docxBIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
moirarandell
 
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docxBIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
hartrobert670
 
The Code Of Ethics As Defined By The Council On...
The Code Of Ethics As Defined By The Council On...The Code Of Ethics As Defined By The Council On...
The Code Of Ethics As Defined By The Council On...
Sandra Arveseth
 
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxCIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
mccormicknadine86
 
How Not to Destroy the World: Ethics in Design and Technology
How Not to Destroy the World: Ethics in Design and TechnologyHow Not to Destroy the World: Ethics in Design and Technology
How Not to Destroy the World: Ethics in Design and Technology
Morten Rand-Hendriksen
 

Ähnlich wie Indirect Identity Control: delegation, guardianship, and controllership – Daniel Hardman (20)

How to Not Destroy the World - the Ethics of Web Design
How to Not Destroy the World - the Ethics of Web DesignHow to Not Destroy the World - the Ethics of Web Design
How to Not Destroy the World - the Ethics of Web Design
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Kindergarten Writing Lesson Plans - Lesson Plans Lear
Kindergarten Writing Lesson Plans - Lesson Plans LearKindergarten Writing Lesson Plans - Lesson Plans Lear
Kindergarten Writing Lesson Plans - Lesson Plans Lear
 
whistle blowing.
whistle blowing.whistle blowing.
whistle blowing.
 
Write My Apa Paper For Me For Free Write My Paper Fo
Write My Apa Paper For Me For Free Write My Paper FoWrite My Apa Paper For Me For Free Write My Paper Fo
Write My Apa Paper For Me For Free Write My Paper Fo
 
History Essay Observational Research Paper Examples. Online assignment writin...
History Essay Observational Research Paper Examples. Online assignment writin...History Essay Observational Research Paper Examples. Online assignment writin...
History Essay Observational Research Paper Examples. Online assignment writin...
 
DWeb for Good: Real-World Examples of Innovation
DWeb for Good: Real-World Examples of InnovationDWeb for Good: Real-World Examples of Innovation
DWeb for Good: Real-World Examples of Innovation
 
Essay On What Is ManS Best Invention So Far
Essay On What Is ManS Best Invention So FarEssay On What Is ManS Best Invention So Far
Essay On What Is ManS Best Invention So Far
 
How To Write A Essay Step By Ste
How To Write A Essay Step By SteHow To Write A Essay Step By Ste
How To Write A Essay Step By Ste
 
Barbara Holtmann Presentation Washington May 3 2011
Barbara Holtmann Presentation Washington May 3 2011Barbara Holtmann Presentation Washington May 3 2011
Barbara Holtmann Presentation Washington May 3 2011
 
Research Paper Writing Service Cheap - College Homework Help A
Research Paper Writing Service Cheap - College Homework Help AResearch Paper Writing Service Cheap - College Homework Help A
Research Paper Writing Service Cheap - College Homework Help A
 
Intro to windows identity foundation
Intro to windows identity foundationIntro to windows identity foundation
Intro to windows identity foundation
 
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docxBIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
 
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docxBIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
BIOMETRICS IN THE UNITED STATES BALANCING PRIVACY, SECURITY, .docx
 
The Code Of Ethics As Defined By The Council On...
The Code Of Ethics As Defined By The Council On...The Code Of Ethics As Defined By The Council On...
The Code Of Ethics As Defined By The Council On...
 
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docxCIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
CIS502 discussion post responses.Disaster RecoveryDisaster rec.docx
 
How Not to Destroy the World: Ethics in Design and Technology
How Not to Destroy the World: Ethics in Design and TechnologyHow Not to Destroy the World: Ethics in Design and Technology
How Not to Destroy the World: Ethics in Design and Technology
 
Big Data Ethics Cjbe july 2021
Big Data Ethics Cjbe july 2021Big Data Ethics Cjbe july 2021
Big Data Ethics Cjbe july 2021
 
Essay Passion Dance
Essay Passion DanceEssay Passion Dance
Essay Passion Dance
 
Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)Verifiable Credentials in Self-Sovereign Identity (SSI)
Verifiable Credentials in Self-Sovereign Identity (SSI)
 

Mehr von SSIMeetup

Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
SSIMeetup
 
Value proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentityValue proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign Identity
SSIMeetup
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...
SSIMeetup
 
PharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcarePharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for Healthcare
SSIMeetup
 
Building SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersBuilding SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product Managers
SSIMeetup
 
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
SSIMeetup
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSI
SSIMeetup
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic Protocol
SSIMeetup
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
SSIMeetup
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher Allen
SSIMeetup
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
SSIMeetup
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
SSIMeetup
 
Explaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterExplaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matter
SSIMeetup
 

Mehr von SSIMeetup (20)

ZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSIZKorum: Building the Next Generation eAgora powered by SSI
ZKorum: Building the Next Generation eAgora powered by SSI
 
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
Anonymous credentials with range proofs, verifiable encryption, ZKSNARKs, Cir...
 
Value proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign IdentityValue proposition of SSI tech providers - Self-Sovereign Identity
Value proposition of SSI tech providers - Self-Sovereign Identity
 
SSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley HughesSSI Adoption: What will it take? Riley Hughes
SSI Adoption: What will it take? Riley Hughes
 
Web5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBDWeb5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBD
 
Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...Portabl - The state of open banking, regulations, and the intersection of SSI...
Portabl - The state of open banking, regulations, and the intersection of SSI...
 
PharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for HealthcarePharmaLedger: A Digital Trust Ecosystem for Healthcare
PharmaLedger: A Digital Trust Ecosystem for Healthcare
 
Cheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials funCheqd: Making privacy-preserving digital credentials fun
Cheqd: Making privacy-preserving digital credentials fun
 
PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3PolygonID Zero-Knowledge Identity Web2 & Web3
PolygonID Zero-Knowledge Identity Web2 & Web3
 
Building SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product ManagersBuilding SSI Products: A Guide for Product Managers
Building SSI Products: A Guide for Product Managers
 
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...Solving compliance for crypto businesses using Decentralized Identity – Pelle...
Solving compliance for crypto businesses using Decentralized Identity – Pelle...
 
The Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSIThe Pan-Canadian Trust Framework (PCTF) for SSI
The Pan-Canadian Trust Framework (PCTF) for SSI
 
Identity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic ProtocolIdentity-centric interoperability with the Ceramic Protocol
Identity-centric interoperability with the Ceramic Protocol
 
The SSI Ecosystem in South Korea
The SSI Ecosystem in South KoreaThe SSI Ecosystem in South Korea
The SSI Ecosystem in South Korea
 
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio AlamilloIntroducing the SSI eIDAS Legal Report – Ignacio Alamillo
Introducing the SSI eIDAS Legal Report – Ignacio Alamillo
 
Learn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stackLearn about the Trust Over IP (ToIP) stack
Learn about the Trust Over IP (ToIP) stack
 
How to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher AllenHow to avoid another identity nightmare with SSI? Christopher Allen
How to avoid another identity nightmare with SSI? Christopher Allen
 
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher AllenSelf-Sovereign Identity: Ideology and Architecture with Christopher Allen
Self-Sovereign Identity: Ideology and Architecture with Christopher Allen
 
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systemseIDAS regulation: anchoring trust in Self-Sovereign Identity systems
eIDAS regulation: anchoring trust in Self-Sovereign Identity systems
 
Explaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matterExplaining SSI to C-suite executives, and anyone else for that matter
Explaining SSI to C-suite executives, and anyone else for that matter
 

Kürzlich hochgeladen

𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
Neha Pandey
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
kojalkojal131
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
soniya singh
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Delhi Call girls
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
soniya singh
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
imonikaupta
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Delhi Call girls
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
singhpriety023
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
SUHANI PANDEY
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Sheetaleventcompany
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
soniya singh
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Chandigarh Call girls 9053900678 Call girls in Chandigarh
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
SUHANI PANDEY
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
soniya singh
 
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
 

Kürzlich hochgeladen (20)

𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Rani Bagh Escort Service Delhi N.C.R.
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
 
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
(INDIRA) Call Girl Pune Call Now 8250077686 Pune Escorts 24x7
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 

Indirect Identity Control: delegation, guardianship, and controllership – Daniel Hardman

  • 1. Indirect Identity Control delegation, guardianship, and controllership Daniel Hardman, July 2019 ssimeetup.org · CC BY-SA 4.0 International theme: Silvia, by SlidesCarnival.com
  • 2. 1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org SSIMeetup objectives SSIMeetup.orgssimeetup.org · CC BY-SA 4.0 International
  • 3. Sources ● These slides: http://bit.ly/2YczZzP ● Indirect Identity Control RFC: http://bit.ly/aries-rfc-103 ● Appendix C of Sovrin Glossary: http://bit.ly/svrnglos-appC ● Sovrin Guardianship Task Force: http://bit.ly/svrn-guard-tf ssimeetup.org · CC BY-SA 4.0 International
  • 4. See Appendix C of the Sovrin Glossary. Guardianship, delegation, controllership See Appendix C of the Sovrin Glossary: http://bit.ly/svrnglos-appC ssimeetup.org · CC BY-SA 4.0 International
  • 5. ssimeetup.org · CC BY-SA 4.0 International
  • 6. Delegation A corporation is governed by a Board of Directors, executives, and employees with multiple levels of delegated authority. The control relationships are dynamic and complex. ssimeetup.org · CC BY-SA 4.0 International
  • 7. Guardianship Parents typically manage the identities of their young children. Adult children may need to exercise the identity of a parent with dementia, or of a parent who recently passed away. ssimeetup.org · CC BY-SA 4.0 International
  • 8. Controllership A self-driving car may be capable of many independent actions, but behind such a smart device must be a human entity that takes legal responsibility. A pet needs a proxy because it can’t be self-sovereign. ssimeetup.org · CC BY-SA 4.0 International
  • 9. ◦ Mya (orphan girl in refugee camp) ◦ Patrick (father with family after hurricane destroys home; no digital access) ◦ Tom (homeless, mentally ill, drug addict) ◦ Gayle (elderly, has moderate autonomy, needs digital assistance) ◦ Sofia (trail runner disappears in the mountains) ◦ Rover (pet dog) ◦ Unprofitable, Inc (company in receivership) ◦ Hertz and Dave (rents car, gets delegated authority) See “Persona and User Stories” at http://bit.ly/2GnRtTq Formal Work on Use Cases ssimeetup.org · CC BY-SA 4.0 International
  • 10. Guardianship: internal risk is pivotal In SSI, risk mostly comes from external attacks. But guardianship isn’t self-sovereign, by definition. Guardians are an internal risk to dependents who can’t manage keys or advocate/defend. Pure crypto and cybersecurity don’t prevent abuse. Protections must come from elsewhere. ssimeetup.org · CC BY-SA 4.0 International
  • 11. Moments of risk ◦ When a transition happens ◦ Should it be happening now? ◦ Are the right people giving and getting the baton? ◦ Are the conditions, limits, and safeguards understood, evaluated, and honored? ◦ When a constraint needs to be enforced ◦ Is there a limit on the time, place, or circumstances of guardianship? ◦ When stakes are high Risk exists constantly; these are just hot spots. Small, incremental actions away from these hot spots can change the evaluation at key moments. ssimeetup.org · CC BY-SA 4.0 International
  • 12. Who appoints a guardian 1. Dependent (“while I’m unconscious during surgery, Alice is my guardian”) 2. Legal authority (Court makes adult child a guardian for their parent with Alzheimers) 3. Self (girl wanders from jungle into refugee camp; lacking options, camp appoints itself) 4. Circumstances (parent or pet owner; implicit) These methods do not carry equal trust, and they are not equally formal. ssimeetup.org · CC BY-SA 4.0 International
  • 13. Evaluating conflicting guardianship assertions Deciding who is the “proper” guardian requires human judgment. The process may use credentials, but that’s not all it will use. NGO: “I’m the guardian of Mya. Here’s my self-attested guardian cred.” Fim (dad?): “No, I’m the guardian of Mya. Here’s Mya’s birth cert with my name on it.” Ana (mom?): “No, I’m the guardian of Mya. Here’s Mya’s ration card with her photo.” Court: “No, Ana is the guardian of Mya. Fim’s parental rights were terminated.” Sometimes the proper guardian isn’t available, so we choose the best available alternative. ssimeetup.org · CC BY-SA 4.0 International
  • 14. Limits on guardians 1. Time (for what period(s) guardian has that status) 2. Place (in what physical or virtual locations guardian is valid) 3. Function (legal vs. medical vs. educational) 4. Circumstances (for particular event(s)) 5. Biometrics (for dependent involvement) 6. Relationships (who guardian can connect to) 7. Attributes (data/credentials -- what guardian can prove) 8. Agents (what software/devices guardian can use) 9. Cooperation (with joint approval) 10. Oversight (audit trail, reporting) ssimeetup.org · CC BY-SA 4.0 International
  • 15. “All of these forms of identity control share the issue of indirectness. All of them introduce risks beyond the ones that dominate in direct identity management. All of them complicate information flows and behavior. And they are inter-related; guardians and controllers often need to delegate, delegates may become controllers, and so forth. The solutions for each ought to have much in common, too ssimeetup.org · CC BY-SA 4.0 International
  • 16. A proxy trust framework that specifies the rules and conventions in force for a particular class of indirect identity control use cases. A proxy credential that binds a controlled entity to its proxy and clarifies the nature and limits of the control for that specific relationship. A proxy challenge that evaluates the proxy credential in a particular context, proving or disproving the legitimacy of indirect control and creating opportunities for auditing and enforcement. Common Solution Elements ssimeetup.org · CC BY-SA 4.0 International
  • 17. Questions a trust framework answers ◦ What is its formal name and version? ◦ In what geos and legal jurisdictions is it valid? ◦ What are required or recommended behaviors, and how are they enforced? ◦ On what bases are proxies appointed? kinship, court_order, self_assigned... ◦ What are possible permissions of a proxy? financial, medical, travel, relationships, admin... ◦ What are possible constraints on a proxy’s scope? geo_radius, jurisdiction, biometric_freshness... ◦ What auditing mechanisms are required or supported? ◦ What appeal mechanisms are required or supported? ◦ What proxy challenge procedures are best practice? ◦ What freshness rules are used for offline mode? ⇨ Example at http://bit.ly/2YsZ7b7 ssimeetup.org · CC BY-SA 4.0 International
  • 18. “ Answers to name: Mya Dependent Gender: Female Birthdate: 2014-01-01 Identifying marks: birthmark left shoulder, long scar above left wrist Answers to name: Zo Guardian 1 Gender: Female Birthdate: 1953-01-01 Identifying marks: arthritis, misshapen knuckles, both hands Preparing to issue a proxy credential ssimeetup.org · CC BY-SA 4.0 International
  • 19. “ …(metadata not shown)… trustFramework auditURI appealURI credentialSubject holder basisURI role name birthDate gender identifyingMarks photo constraints boundaries circumstances proxied permissions photo name birthDate gender identifyingMarks http://unicef.org/tf/camptf/1.0 http://myanmar.gov/oversight http://myanmar.gov/arbitration http://unicef.org/tf/camptf/1.0/self camp UNICEF <blank> <blank> <blank> <blank> “Lotus” camp until resettled Mya 2014-01-01 F birthmark left shoulder, long scar above left wrist {“grant”: [“medical”, “school”, “food”], “when”: {“roles”: “kin”}}, {“grant”: [“school”, “food”, “delegate”], “when”: {“roles”: “camp”}}, {“grant”: [“unenroll”, “travel”], “when”: {"n”: 2, “roles”: [“kin”, camp”]}} UNICEF’s credential
  • 20. “ {“let”: “kin”, “do”: [ “medical”, “school”, “food”]}, {“let”: “camp”, “do”: [ “school”, “food”, “delegate”]}, {“let”: {"n”: 2, “of”: [“kin”, “camp”]}, “do”: [ “unenroll”, “travel”]} …(metadata not shown)… trustFramework auditURI appealURI credentialSubject holder basisURI role name birthDate gender identifyingMarks photo constraints boundaries circumstances proxied permissions photo name birthDate gender identifyingMarks http://unicef.org/tf/camptf/1.0 http://myanmar.gov/oversight http://myanmar.gov/arbitration http://unicef.org/tf/camptf/1.0/grandparent kin Zo 1953-01-01 F arthritis, misshapen knuckles, both hands <blank> <blank> (same as UNICEF’s) Mya 2014-01-01 F birthmark left shoulder, long scar above left wrist Grandma’s credential
  • 21. Answers to name: Mya Dependent Gender: Female Age: about 6 Looks like this? Answers to name: Zo Guardian Gender: Female ✔ ✔ ✔ ✔ Show more ways to check... ✔ ✔ ✔ Looks like this? Show more ways to check... ✔ Has ‘food’ permission for dependent ✔ No constraints Proxy Challenge (food tent)
  • 22. Answers to name: Ri Dependent Gender: Female Age: about 6 Looks like this? Answers to name: Kapa Guardian Gender: Female ✔ ✔ ✔ ✔ Show more ways to check... ✔ ✔ ✔ Looks like this? Show more ways to check... ✘ Has ‘travel’ permission for dependent when acting jointly with another guardian with role “camp”: Add guardian... Proxy Challenge (travel)
  • 23. Questions? ● These slides: http://bit.ly/2YczZzP ● Indirect Identity Control RFC: http://bit.ly/aries-rfc-103 ● Appendix C of Sovrin Glossary: http://bit.ly/svrnglos-appC ● Sovrin Guardianship Task Force: http://bit.ly/svrn-guard-tf ● daniel.hardman@evernym.com ● @danielhardman on chat.hyperledger.org ssimeetup.org · CC BY-SA 4.0 International
  • 25. Transparent vs. opaque guardians Transparent ◦ Guardian is obvious in all or most interactions. ◦ May be necessary to improve safety. ◦ Easy to audit. ◦ Less private for dependent and for guardian. Rover (pet). Unprofitable, Inc. Law firm resolving affairs of someone recently deceased. Talent agent for child pop star. Opaque ◦ Guardian impersonates dependent. ◦ May be necessary to prevent discrimination and hassle. ◦ Riskier to dependent and relying parties. Limited auditability. ◦ More private for dependent and for guardian. Gayle (digital assiantance). Parent gives adult child password, asks them to transfer funds on their death to avoid probate court. ssimeetup.org · CC BY-SA 4.0 International
  • 26. Modes of Guardianship Holding-based Dependent doesn’t have DIDs or a link secret, but credentials about the dependent are held by the guardian. Guaranteed to be transparent because subject of credential is never the holder. Impersonation-based Dependent has a link secret that guardian knows. Credentials can be issued where dependent = subject, but creds are held by Guardian. DIDs and DID Docs can be created by guardian using dependent’s link secret. Opaque unless forced into transparency. Doc-based Guardianship declared in DIDDoc to force transparency. ssimeetup.org · CC BY-SA 4.0 International
  • 27. Holding-Based Guardianship ◦ Exists implicitly (parent holding a birth certificate, owner holding pet license) ◦ Can be supplemented with an explicit guardianship credential ◦ Guardianship challenge can be answered with either explicit or implicit proof ◦ Diffuse trust may be partly forced (e.g., both parents must consent) ◦ Implicit creds as a basis introduce revocation problems ◦ Birth certificate may not be revoked if parental rights are terminated ◦ Pet license may not be revoked when dog is sold ssimeetup.org · CC BY-SA 4.0 International
  • 28. ◦ Can be supplemented with an explicit guardianship credential ◦ Age proofs can force a guardian to break impersonation and share this - improves safety! ◦ So can biometrics ◦ Not dangerous for controllership or delegation ◦ Adult dependents without biometrics have no real protections ◦ Revocation is a problem -- must be done in every relationship ◦ Use agent authz policy to prevent new relationships from forming? Easy and doable today. Dangerous. Safeguards may need to be much higher in trust framework (frequent challenges, biometrics required, etc.) Impersonation-based Guardianship ssimeetup.org · CC BY-SA 4.0 International
  • 29. { "authorization": [ {"let":"#1", "do":"cred"} ] } Doc-Based Guardianship Do a guardianship challenge to find out what they can do. DID Doc for dependent declares a key that belongs to guardian and says, “Do guardianship challenge to evaluate authorization.” Issue: must be done in every DID Doc (good and bad) DID Doc of Dependent ssimeetup.org · CC BY-SA 4.0 International
  • 30. Guardians often need to delegate ◦ Red Cross delegates work, some decisions for Mya to 1+ aid workers ◦ Parent delegates to babysitter while they’re out of town ◦ Mom delegates digital assistance for grandma to teen Solution: delegatable credentials ssimeetup.org · CC BY-SA 4.0 International
  • 31. Offline operation ◦ Cached versions of trust framework and well-known schemas, cred defs, issuers ◦ How fresh is guardianship challenge? ◦ Evaluate conflicting guardianship assertions without appeal or research ◦ Save up audit reports for batch upload later ◦ Freshness of DID Doc knowledge ssimeetup.org · CC BY-SA 4.0 International
  • 32. Revoking guardianship Revoking guardianship cred can be done today, quickly and efficiently. Won’t be detected until next guardianship challenge. ssimeetup.org · CC BY-SA 4.0 International
  • 33. Basis ◦ Basis for controllership could include: ◦ ownership ◦ delegation from owner ◦ court-appointed ◦ Basis for delegation is always someone who is in control ◦ Identity owner ◦ Controller ◦ Guardian ◦ Delegate ssimeetup.org · CC BY-SA 4.0 International
  • 34. Delegatable Credentials Hertz, Inc owns a car and, on the basis of that car, is its controller. Delegates limited controllership to a local Hertz franchise. Fred rents the car and receives delegated credential to control in more limited fashion. Fred drives the car to a fancy restaurant and delegates even more limited controllership to valet parking. Hertz Inc ⇶ franchise ⇉ Fred → valet Each cred contains pre-proof of delegation. Validating requires checking revocation status for each link on ledger, but no coordination among delegates. ssimeetup.org · CC BY-SA 4.0 International