- From: Kazue Sako <
>
- To: "Phillip J. Windley Ph.D." <
>
- Cc: Andy Jennings <
>, ProjectVRM list <
>
- Subject: RE: [projectvrm] IBM's Identity Mixer
- Date: Fri, 6 Feb 2015 07:06:26 +0000
- Accept-language: ja-JP, en-US
Dear Phil,
I know a group of people in IBM Zurich who are working on identity mixer. (I
don't know if they are working on UMA.)
=Kazue
-----Original Message-----
From: Phil Windley
[mailto:
]
On Behalf Of Phillip J. Windley Ph.D.
Sent: Thursday, February 05, 2015 7:09 AM
To: Adrian Gropper
Cc: Andy Jennings; lester chasen; Sako Kazue(佐古 和恵); Doc Searls; Dan Miller;
ProjectVRM list
Subject: Re: [projectvrm] IBM's Identity Mixer
Does anyone know the folks at IBM doing this? It would be nice to get them to
IIW in April.
--phil--
On Feb 4, 2015, at 2:56 PM, Adrian Gropper
<
>
wrote:
The link between Identity Mixer and UMA is through the digital
wallet. My pre-UMA digital wallet is 1Password. I wish it were on-line and
able to service some authorization requests autonomously in the sense that
UMA allows some OAuth authorizations to be serviced while I'm asleep.
Here's the Venn diagram form
http://openid.net/wg/heart/ showing
three kinds of actors:
HEART-venn<
http://openid.net/wordpress-content/uploads/2015/01/HEART-venn-300x278.png>
Notice that UMA is personal technology linked to an individual,
whereas OAuth2 is linked to relying institutions, and OIDC is the federation
actor.
My digital wallet will reference identity federations and provide
attributes that inform both the UMA and the institutional actors. To the
extent my digital wallet is also a personal data or attribute store Identity
Mixer or uProve technology would be a huge benefit.
Adrian
On Sun, Feb 1, 2015 at 4:38 PM, Andy Jennings
<
>
wrote:
On Sun, Feb 1, 2015 at 10:13 AM, Adrian Gropper
<
>
wrote:
I'm having trouble getting clear on the architecture.
It sounds like this is software that runs in a "wallet" as well as
corresponding software running on the relying parties' servers. Is the wallet
software open source? Does the wallet software presume a secure hardware
element?
From the download page
(
http://www.zurich.ibm.com/idemix/downloads.html):
An open-source reference implementation of IBM
Identity Mixer is freely available for commercial and non-commercial use. The
Privacy-ABC Engine language framework acts as an abstraction layer on top of
the cryptographic routines of IBM Identity Mixer and Microsoft U-Prove,
allowing application developers to use the technology without needing to
understand the cryptographic details. It is available from GitHub
<
https://github.com/p2abcengine/p2abcengine> under an Apache 2.0 License
<
https://github.com/p2abcengine/p2abcengine/blob/master/Code/LICENSE.txt> .
The core cryptographic routines are published separately under a proprietary
license <
https://prime.inf.tu-dresden.de/idemix/> that allows commercial as
well as non-commercial use.
Instructions on how to build the ABCE development
environment
<
https://github.com/p2abcengine/p2abcengine/wiki/How-to-Build-the-ABC-Engine>
are available on Github, as well as documentation on how to integrate
Privacy-ABCs in existing applications
<
https://github.com/p2abcengine/p2abcengine/wiki/Integrating%20the%20ABC-Engine>
using helper classes that encapsulate the most common operations for each
of the entities.
We suggest that you first read the high-level
concepts and features of Privacy-ABCs
<
https://github.com/p2abcengine/p2abcengine/wiki/Concepts-and-features> to
get a better understanding of what the technology is capable of. To integrate
the open-source implementation into your own projects, read the
fully-documented programming interfaces (APIs)
<
https://abc4trust.eu/index.php/pub/deliverables/175-h2-2> and XML protocol
specifications <
https://abc4trust.eu/index.php/pub/deliverables/175-h2-2> to
that you can create your own policies. For more information on the inner
workings of the Privacy-ABC Engine, please refer to the architecture
documentation <
https://github.com/p2abcengine/p2abcengine/wiki/Architecture>
and the description of the cryptographic architecture
<
https://abc4trust.eu/download/ABC4Trust-D2.1-Architecture-V1.2.pdf> .
I'm not positive, but I'm guessing the architecture is
flexible at this point. It's just lower layers, ready for wallets, agents,
browsers, datastores, etc. to be built on top of it.
I'm not exactly sure how it would fit with UMA. Perhaps you
can weigh in on that?
~ Andy
If this kind of personal technology catches on, it
could be a big boost to UMA-standard Authorization Servers.
Adrian
On Sun, Feb 1, 2015 at 11:05 AM, Chasen, Les
<
>
wrote:
It would be ideal if this started from your
own personally controlled database aka a personal cloud. One of the many
great use cases is the ability for a vendor (or any entity) to ask a question
and for you, via your personal cloud, to respond with a validated answer.
For example, yes i am over 21years old or yes i have a history of paying my
bills on time.
From: Andy Jennings
<
>
Date: Sunday, February 1, 2015 at 3:34 AM
To: Kazue Sako
<
>
Cc: Doc Searls
<
>,
Dan Miller
<
>,
ProjectVRM list
<
>
Subject: Re: [projectvrm] IBM's Identity Mixer
I convened a session on this stuff at
the last IIW
(
http://iiw.idcommons.net/The_State_of_Anonymous_Credentials_%28discussion%29
<
https://urldefense.proofpoint.com/v2/url?u=http-3A__iiw.idcommons.net_The-5FState-5Fof-5FAnonymous-5FCredentials-5F-2528discussion-2529&d=AwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=JU5pwwEbXJz85yolZ3CNMpt3tuB5HtahVcLOVq5eEdE&s=9OcKXkn7p_uRIxldwmqXvxf2YTxt5_H_u3p7xm3NQEE&e=>
)
Here is my take on Identity Mixer:
It is the real thing, not marketing fluff. Real working code and real
cryptography. A great fit for the VRM community.
Suppose I want the ability to
interact with vendor A anonymously. Public-key cryptography can give me
that. I also want to interact with vendor B anonymously, but I don't want A
and B to be able to compare records and see that I'm the same person, so I
use a different key pair when I'm dealing with vendor B. Now I want to take
an attestation from vendor A that I pay my bills on time and show it to
vendor B (without A and B being able to compare records and see that I'm the
same person). This is impossible with vanilla PKP.
I could pass an attestation through
some trusted central authority to anonymize it. (I believe there are people
creating such central authorities in the VRM community already.)
Or I can use "pseudonymous
cryptography" to do it without a central authority. Brilliant!
Cryptographers like Kazue and Anna Lysyanskaya are working on the
cryptography for this. IBM's Identity Mixer and Microsoft's uProve are
frameworks to implement this cryptography.
The problem is that organizations
have no incentive to use pseudonymous cryptography. They know who all their
employees and their customers are. And if they need some interactions to be
anonymous, it's much easier to go the "anonymity through a trusted central
authority" route. Who is the central authority? They are, of course!
So Identity Mixer and uProve are not
getting much implementation. There's not much demand for them from
businesses.
To be useful, this stuff needs to be
put into software or hardware that is used by the masses (if it's not too
complicated for them). Web browsers? Ubikeys? Bitcoin wallets? VRM agents?
But I do think it is the future of
the VRM movement...
~ Andy
(Kazue, please correct me if I got
anything wrong. :) )
On Sat, Jan 31, 2015 at 4:46 PM,
Kazue Sako
<
>
wrote:
Doc, this is what I (as
cryptographer) had worked for many years and would be great if the idea is
enhanced here.
The cryptograpic algorithm is
developed to enpower individuals, but as we need to motivate industry we
often emphasize companies merits.
I'm happy to explain more in
detail from my computer perhaps tommorrow. Currently I only have a mobile
phone but I couldnot stop myself from speaking up!
=Kazue
Kazue Sako
Sent via Mobile Portal
>Here is the original:
>
>
<http://www.net-security.org/secworld.php?id=17881
<
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.net-2Dsecurity.org_secworld.php-3Fid-3D17881&d=AwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=JU5pwwEbXJz85yolZ3CNMpt3tuB5HtahVcLOVq5eEdE&s=2wl3NxZSCyiPfDMNEzZ4aWeKkMsPjQHDW1zq9dLYk-4&e=>
>
>
>Comments inline below...
>
>> IBM's sophisticated
cryptographic algorithm protects your identity
>> Posted on 28 January 2015.
>>
>> IBM researchers revealed
plans for a cloud-based technology,
>
>Speaking personally, I don't
want my identity in anybody's cloud other than my own. I don't mind companies
authenticating me, or attesting to some of my credentials. But from the start
I've had a problem with the notion that somebody other than me is an
"identity provider," aka IDP. Just saying.
>
>> called Identity Mixer,
that uses a cryptographic algorithm to encrypt the certified identity
attributes of a user, such as their age, nationality, address and credit card
number in a way that allows the user to reveal only selected pieces to third
parties.
>
>Selective disclosure has
always been good.
>
>> Identity Mixer can be used
within a digital wallet, which contains credentials certified by a trusted
third party, such as a government-issued electronic identity card. It’s
important to note that the issuer of the credentials has no knowledge of how
and when they are being used.
>
>That's good, but wallets
should be personal. We haven't seen a personal wallet yet. And we need one.
More on that, in reverse chron order:
>
>
<http://blogs.law.harvard.edu/doc/2015/01/27/maybe-wallets-cant-be-apps/
<
https://urldefense.proofpoint.com/v2/url?u=http-3A__blogs.law.harvard.edu_doc_2015_01_27_maybe-2Dwallets-2Dcant-2Dbe-2Dapps_&d=AwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=JU5pwwEbXJz85yolZ3CNMpt3tuB5HtahVcLOVq5eEdE&s=KecwPMmSUfKQWOljL_aFGt6CHaUt7sMfzeHNFpjcHNE&e=>
>
>
<http://blogs.law.harvard.edu/vrm/2011/08/28/circling-around-your-wallet/
<
https://urldefense.proofpoint.com/v2/url?u=http-3A__blogs.law.harvard.edu_vrm_2011_08_28_circling-2Daround-2Dyour-2Dwallet_&d=AwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=JU5pwwEbXJz85yolZ3CNMpt3tuB5HtahVcLOVq5eEdE&s=aaqiwbA9fTNxt6stAvpe1h9nHmdYSpTKRYWtHbn78bo&e=>
>
>
<http://blogs.law.harvard.edu/vrm/2011/05/27/googles-wallet-and-vrm/
<
https://urldefense.proofpoint.com/v2/url?u=http-3A__blogs.law.harvard.edu_vrm_2011_05_27_googles-2Dwallet-2Dand-2Dvrm_&d=AwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=JU5pwwEbXJz85yolZ3CNMpt3tuB5HtahVcLOVq5eEdE&s=aRkNmfb-WlZW-Vnq4-wA-646bycCJSvSmXiDWPR1ICU&e=>
>
>
>> “Identity Mixer enables
users to choose precisely which data to share, and with whom”, said Christina
Peters, IBM’s Chief Privacy Officer. “Now web service providers can improve
their risk profile and enhance trust with customers, and it’s all in the
cloud, making it easy for developers to program.”
>
>Note that this is about
service providers, rather than individuals. So it still sounds like it's on
the administrative side of the administrative/sovereign divide.
>
>But ... could be it's not. I
do believe there are identity services that do not require storing one's
personal stuff, or credentials, outside one's zone of control.
>
>> According to comScore, the
average person spends nearly 25 hours per month using the Internet, accessing
dozens of different Internet services, including banking, shopping and social
networks. For virtually every service, users have to create a personal
profile with a username and password — or for stronger security —
cryptographic certificates. Although such tools can offer sufficient security
for many purposes, they do not typically provide any level of privacy for the
users, causing them to reveal more personal data than is necessary, which can
be costly if it falls into the wrong hands.
>
>That's one problem. Another
is that the individual has no one way to deal with all of those different
service providers. There are as many different systems as providers, and one
cannot scale across all of them in a single way.
>
>> “We wanted individuals to
have control over what they reveal about themselves,”said, Dr. Anna
Lysyanskaya, a co-inventor of Identity Mixer, who is currently a professor of
computer science at Brown University. “With Identity Mixer now in the cloud,
developers have a very strong cryptographic tool that makes privacy
practical; it is a piece of software that you can incorporate into any
identity management service enabling the service to verify that an individual
is an authorized user without revealing any other personal information."
>
>Again, meat for from
vendors, with some gravy for the individual. Do I have that right?
>
>> European and Australian
pilot programs demonstrate Identity Mixer potential
>>
>> To demonstrate the new
cloud version of Identity Mixer, IBM scientists are collaborating with
academic and industrial partners in Europe and Australia in a new pilot
project called Authentication and Authorization for Entrusted Unions (AU2EU).
In a two-year, 8.6-million euro pilot, scientists will test Identity Mixer in
two scenarios: in Germany with the Deutsches Rotes Kreuz (DRK, or the German
Red Cross), and with the Commonwealth Scientific and Industrial Research
Organisation (CSIRO), Australia’s national science agency.
>>
>> As a major provider for
regional home emergency call and social services in Germany, the DRK delivers
tailored social care services to their customers 24/7, including emergency
services, assisted mobility, housekeeping and nursing assistance. The
organization has four million volunteers and professional staff, 52 hospitals
and more than 500 nursing homes operated worldwide.
>>
>> In the AU2EU pilot, 20 DRK
test participants in the southwest of Germany will be equipped with sensors
for in-home activity and status monitoring. The data gathered from these
sensors will be transferred to a dedicated cloud server, where the data will
be analyzed to determine the type of assistance required. In addition, DRK
field representatives will be provided with a mobile device to collect and
register sensitive customer data, such as medical records, medication and
family contacts, to establish a service contract. Identity Mixer will be used
to keep all of this data confidential and private. The technology will be
implemented by NEC Europe and Tunstall Healthcare.
>>
>> A second pilot will
support one of the keys to Australia’s agricultural productivity and related
export trade: its freedom from exotic diseases, particularly in animals. To
maintain the nation’s disease-free status, the Australian government, along
with key partners, has developed an emergency rapid response plan to take
action quickly before an outbreak spreads. This plan involves swiftly
bringing together government, academic and other research organizations,
along with industry partners into a secure, trustworthy online collaborative
environment that facilitates evidence-based decision making. Using Identity
Mixer, the pilot will help facilitate the secure sharing of sensitive
information in a timely matter across several remote locations and among
collaborating partners.
>
>Why not try to partner with
startups (or mature companies) here? Would anybody here be interested in that?
>
>Doc
>
>
>> On Jan 30, 2015, at 2:44
PM, Dan Miller
<
>
wrote:
>>
>>
https://www.evernote.com/shard/s52/sh/b5f6c04e-dcb8-4dc3-afa4-99f6844751a9/d975dc8e83de6c2430be9b02282de65e
<
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.evernote.com_shard_s52_sh_b5f6c04e-2Ddcb8-2D4dc3-2Dafa4-2D99f6844751a9_d975dc8e83de6c2430be9b02282de65e&d=AwMFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=JU5pwwEbXJz85yolZ3CNMpt3tuB5HtahVcLOVq5eEdE&s=739_KJoVIFCbLvjObbKrdmLm-KwbDecjK9y6IgteqdQ&e=>
>>
>> I'm not sure what to make
of this. It's all geek to me, but IBM's research is using a "cryptographic
algorithm" to make it possible for me to protect my privacy.
>>
>> To wit:
>>
>> “We wanted individuals to
have control over what they reveal about themselves,”said, Dr. Anna
Lysyanskaya, a co-inventor of Identity Mixer, who is currently a professor of
computer science at Brown University. “With Identity Mixer now in the cloud,
developers have a very strong cryptographic tool that makes privacy
practical; it is a piece of software that you can incorporate into any
identity management service enabling the service to verify that an individual
is an authorized user without revealing any other personal information."
--
Adrian Gropper MD
Ensure Health Information Privacy. Support Patient
Privacy Rights.
http://patientprivacyrights.org/donate-2/
<
http://patientprivacyrights.org/donate-2/>
--
Adrian Gropper MD
Ensure Health Information Privacy. Support Patient Privacy Rights.
http://patientprivacyrights.org/donate-2/
<
http://patientprivacyrights.org/donate-2/>
Archive powered by MHonArc 2.6.19.
