Re: [projectvrm] IBM's Identity Mixer

["Phillip J. Windley Ph.D." < >]

Does anyone know the folks at IBM doing this? It would be nice to get them to IIW in April. 

--phil--

On Feb 4, 2015, at 2:56 PM, Adrian Gropper < " class=""> > wrote:

The link between Identity Mixer and UMA is through the digital wallet. My pre-UMA digital wallet is 1Password. I wish it were on-line and able to service some authorization requests autonomously in the sense that UMA allows some OAuth authorizations to be serviced while I'm asleep.

Here's the Venn diagram form http://openid.net/wg/heart/  showing three kinds of actors:
 

Notice that UMA is personal technology linked to an individual, whereas OAuth2 is linked to relying institutions, and OIDC is the federation actor.

My digital wallet will reference identity federations and provide attributes that inform both the UMA and the institutional actors. To the extent my digital wallet is also a personal data or attribute store Identity Mixer or uProve technology would be a huge benefit.

Adrian

On Sun, Feb 1, 2015 at 4:38 PM, Andy Jennings < " target="_blank" class=""> > wrote:

On Sun, Feb 1, 2015 at 10:13 AM, Adrian Gropper < " target="_blank" class=""> > wrote:

I'm having trouble getting clear on the architecture. It sounds like this is software that runs in a "wallet" as well as corresponding software running on the relying parties' servers. Is the wallet software open source? Does the wallet software presume a secure hardware element?

From the download page (http://www.zurich.ibm.com/idemix/downloads.html):

An open-source reference implementation of IBM Identity Mixer is freely available for commercial and non-commercial use. The Privacy-ABC Engine language framework acts as an abstraction layer on top of the cryptographic routines of IBM Identity Mixer and Microsoft U-Prove, allowing application developers to use the technology without needing to understand the cryptographic details. It is available from GitHub under an Apache 2.0 License. The core cryptographic routines are published separately under a proprietary license that allows commercial as well as non-commercial use.

Instructions on how to build the ABCE development environment are available on Github, as well as documentation on how to integrate Privacy-ABCs in existing applications using helper classes that encapsulate the most common operations for each of the entities.

We suggest that you first read the high-level concepts and features of Privacy-ABCs to get a better understanding of what the technology is capable of. To integrate the open-source implementation into your own projects, read the fully-documented programming interfaces (APIs) and XML protocol specifications to that you can create your own policies. For more information on the inner workings of the Privacy-ABC Engine, please refer to the architecture documentation and the description of the cryptographic architecture.

I'm not positive, but I'm guessing the architecture is flexible at this point.  It's just lower layers, ready for wallets, agents, browsers, datastores, etc. to be built on top of it.

I'm not exactly sure how it would fit with UMA.  Perhaps you can weigh in on that?

~ Andy

 

If this kind of personal technology catches on, it could be a big boost to UMA-standard Authorization Servers.

Adrian

On Sun, Feb 1, 2015 at 11:05 AM, Chasen, Les < " target="_blank" class=""> > wrote:

It would be ideal if this started from your own personally controlled database aka a personal cloud.  One of the many great use cases is the ability for a vendor (or any entity) to ask a question and for you, via your personal cloud, to respond with a validated answer.  For example, yes i am over 21years old or yes i have a history of paying my bills on time.

From: Andy Jennings < " target="_blank" class=""> >
Date: Sunday, February 1, 2015 at 3:34 AM
To: Kazue Sako < " target="_blank" class=""> >
Cc: Doc Searls < " target="_blank" class=""> >, Dan Miller < " target="_blank" class=""> >, ProjectVRM list < " target="_blank" class=""> >
Subject: Re: [projectvrm] IBM's Identity Mixer

I convened a session on this stuff at the last IIW (http://iiw.idcommons.net/The_State_of_Anonymous_Credentials_%28discussion%29)

Here is my take on Identity Mixer:  It is the real thing, not marketing fluff.  Real working code and real cryptography.  A great fit for the VRM community.

Suppose I want the ability to interact with vendor A anonymously.  Public-key cryptography can give me that.  I also want to interact with vendor B anonymously, but I don't want A and B to be able to compare records and see that I'm the same person, so I use a different key pair when I'm dealing with vendor B.  Now I want to take an attestation from vendor A that I pay my bills on time and show it to vendor B (without A and B being able to compare records and see that I'm the same person).  This is impossible with vanilla PKP.

I could pass an attestation through some trusted central authority to anonymize it.  (I believe there are people creating such central authorities in the VRM community already.)

Or I can use "pseudonymous cryptography" to do it without a central authority.  Brilliant!  Cryptographers like Kazue and Anna Lysyanskaya are working on the cryptography for this.  IBM's Identity Mixer and Microsoft's uProve are frameworks to implement this cryptography.

The problem is that organizations have no incentive to use pseudonymous cryptography.  They know who all their employees and their customers are.  And if they need some interactions to be anonymous, it's much easier to go the "anonymity through a trusted central authority" route.  Who is the central authority?  They are, of course!

So Identity Mixer and uProve are not getting much implementation.  There's not much demand for them from businesses.

To be useful, this stuff needs to be put into software or hardware that is used by the masses (if it's not too complicated for them).  Web browsers?  Ubikeys?  Bitcoin wallets?  VRM agents?

But I do think it is the future of the VRM movement...

~ Andy

(Kazue, please correct me if I got anything wrong.  :)  )

On Sat, Jan 31, 2015 at 4:46 PM, Kazue Sako < " target="_blank" class=""> > wrote:

Doc, this is what I (as cryptographer) had worked for many years and would be great if the idea is enhanced here.

The cryptograpic algorithm is developed to enpower individuals, but as we need to motivate industry we often emphasize companies merits.

I'm happy to explain more in detail from my computer perhaps tommorrow. Currently I only have a mobile phone but I couldnot stop myself from speaking up!

=Kazue
Kazue Sako
Sent via Mobile Portal

>Here is the original:
>
><http://www.net-security.org/secworld.php?id=17881>
>
>Comments inline below...
>
>> IBM's sophisticated cryptographic algorithm protects your identity
>> Posted on 28 January 2015.
>>
>> IBM researchers revealed plans for a cloud-based technology,
>
>Speaking personally, I don't want my identity in anybody's cloud other than my own. I don't mind companies authenticating me, or attesting to some of my credentials. But from the start I've had a problem with the notion that somebody other than me is an "identity provider," aka IDP. Just saying.
>
>> called Identity Mixer, that uses a cryptographic algorithm to encrypt the certified identity attributes of a user, such as their age, nationality, address and credit card number in a way that allows the user to reveal only selected pieces to third parties.
>
>Selective disclosure has always been good.
>
>> Identity Mixer can be used within a digital wallet, which contains credentials certified by a trusted third party, such as a government-issued electronic identity card. It’s important to note that the issuer of the credentials has no knowledge of how and when they are being used.
>
>That's good, but wallets should be personal. We haven't seen a personal wallet yet. And we need one. More on that, in reverse chron order:
>
><http://blogs.law.harvard.edu/doc/2015/01/27/maybe-wallets-cant-be-apps/>
><http://blogs.law.harvard.edu/vrm/2011/08/28/circling-around-your-wallet/>
><http://blogs.law.harvard.edu/vrm/2011/05/27/googles-wallet-and-vrm/>
>
>> “Identity Mixer enables users to choose precisely which data to share, and with whom”, said Christina Peters, IBM’s Chief Privacy Officer. “Now web service providers can improve their risk profile and enhance trust with customers, and it’s all in the cloud, making it easy for developers to program.”
>
>Note that this is about service providers, rather than individuals. So it still sounds like it's on the administrative side of the administrative/sovereign divide.
>
>But ... could be it's not. I do believe there are identity services that do not require storing one's personal stuff, or credentials, outside one's zone of control.
>
>> According to comScore, the average person spends nearly 25 hours per month using the Internet, accessing dozens of different Internet services, including banking, shopping and social networks. For virtually every service, users have to create a personal profile with a username and password — or for stronger security — cryptographic certificates. Although such tools can offer sufficient security for many purposes, they do not typically provide any level of privacy for the users, causing them to reveal more personal data than is necessary, which can be costly if it falls into the wrong hands.
>
>That's one problem. Another is that the individual has no one way to deal with all of those different service providers. There are as many different systems as providers, and one cannot scale across all of them in a single way.
>
>> “We wanted individuals to have control over what they reveal about themselves,”said, Dr. Anna Lysyanskaya, a co-inventor of Identity Mixer, who is currently a professor of computer science at Brown University. “With Identity Mixer now in the cloud, developers have a very strong cryptographic tool that makes privacy practical; it is a piece of software that you can incorporate into any identity management service enabling the service to verify that an individual is an authorized user without revealing any other personal information."
>
>Again, meat for from vendors, with some gravy for the individual. Do I have that right?
>
>> European and Australian pilot programs demonstrate Identity Mixer potential
>>
>> To demonstrate the new cloud version of Identity Mixer, IBM scientists are collaborating with academic and industrial partners in Europe and Australia in a new pilot project called Authentication and Authorization for Entrusted Unions (AU2EU). In a two-year, 8.6-million euro pilot, scientists will test Identity Mixer in two scenarios: in Germany with the Deutsches Rotes Kreuz (DRK, or the German Red Cross), and with the Commonwealth Scientific and Industrial Research Organisation (CSIRO), Australia’s national science agency.
>>
>> As a major provider for regional home emergency call and social services in Germany, the DRK delivers tailored social care services to their customers 24/7, including emergency services, assisted mobility, housekeeping and nursing assistance. The organization has four million volunteers and professional staff, 52 hospitals and more than 500 nursing homes operated worldwide.
>>
>> In the AU2EU pilot, 20 DRK test participants in the southwest of Germany will be equipped with sensors for in-home activity and status monitoring. The data gathered from these sensors will be transferred to a dedicated cloud server, where the data will be analyzed to determine the type of assistance required. In addition, DRK field representatives will be provided with a mobile device to collect and register sensitive customer data, such as medical records, medication and family contacts, to establish a service contract. Identity Mixer will be used to keep all of this data confidential and private. The technology will be implemented by NEC Europe and Tunstall Healthcare.
>>
>> A second pilot will support one of the keys to Australia’s agricultural productivity and related export trade: its freedom from exotic diseases, particularly in animals. To maintain the nation’s disease-free status, the Australian government, along with key partners, has developed an emergency rapid response plan to take action quickly before an outbreak spreads. This plan involves swiftly bringing together government, academic and other research organizations, along with industry partners into a secure, trustworthy online collaborative environment that facilitates evidence-based decision making. Using Identity Mixer, the pilot will help facilitate the secure sharing of sensitive information in a timely matter across several remote locations and among collaborating partners.
>
>Why not try to partner with startups (or mature companies) here? Would anybody here be interested in that?
>
>Doc
>
>
>> On Jan 30, 2015, at 2:44 PM, Dan Miller < " target="_blank" class=""> > wrote:
>>
>> https://www.evernote.com/shard/s52/sh/b5f6c04e-dcb8-4dc3-afa4-99f6844751a9/d975dc8e83de6c2430be9b02282de65e
>>
>> I'm not sure what to make of this. It's all geek to me, but IBM's research is using a "cryptographic algorithm" to make it possible for me to protect my privacy.
>>
>> To wit:
>>
>> “We wanted individuals to have control over what they reveal about themselves,”said, Dr. Anna Lysyanskaya, a co-inventor of Identity Mixer, who is currently a professor of computer science at Brown University. “With Identity Mixer now in the cloud, developers have a very strong cryptographic tool that makes privacy practical; it is a piece of software that you can incorporate into any identity management service enabling the service to verify that an individual is an authorized user without revealing any other personal information."

--

Adrian Gropper MD
Ensure Health Information Privacy. Support Patient Privacy Rights.
http://patientprivacyrights.org/donate-2/ 

--

Adrian Gropper MD
Ensure Health Information Privacy. Support Patient Privacy Rights.
http://patientprivacyrights.org/donate-2/