Hub/Agent Cloud Stuff Project/Company Intro’s/Explainers

From IIW

Hub/Agent Cloud Stuff Project/Company Intro’s/Explainers (Part 2): Continuation from Day 2 Session 7I (Mapping Working Groups)


Thursday 11F

Convener: Kaliya Young

Notes-taker(s): Kaliya Young


Tags for the session - technology discussed/ideas considered:



Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


1. Notes received from Kaliya Young:

Common amongst all of them are these things


DID Communication

- Base Encryption (Wallet People Port Civic)

- Message Typing

- outing

- Alignment w/ crypto key types (secret management)


Increase compatibility in future w/o hair pulling in the future.



Agents

based on ARIES at Hyperledger

* Key Management
* Credentials
* Protocol Support

https://wiki.hyperledger.org/display/ARIES/Hyperledger+AriesIM


Projects/Companies based on Aries

- IDRamp - https://idramp.com

- Mattr (SparkNZ) - http://www.sparknz.co.nz/

- StreetCred

- connect.me http://www.connect.me

- T-Mobile (Axel)

- Germen Credentials @University

- NL Bank Consortium

- BlockPass - https://blockpass.org

- Some Banks are folding into existing applications

- IBM - https://www.ibm.com/blockchain/solutions/identity

- ATT


British Columbia super Agent in its own category




HUBS

Personal Data Stores

* Can store encrypted things at Rest

* Actions -> Meta Protocol

* Synchronization between Hubs

MSFT and WorkDay



Other Projects

Transmute - Workflows approach - https://www.transmute.industries

digi.me waiting for the - https://digi.me

LifeScope - SOLID - https://lifescope.io - https://solid.inrupt.com

3Box [Ethereum] - https://medium.com/uport/announcing-3box-and-ethereum-profiles-dba9841e0952

Privony - Michael Becker’s Company - https://privowny.com

HIEofOne -http://hieofone.org

Wault for Health - https://wault.wymsical.com

Blockstack - https://blockstack.org



- PICO Labs aligned with ARIES - https://picolabs.atlassian.net


WALLETS

* narrowly defined around holding credentials

uPort - https://www.uport.me

Civic - https://www.civic.com

JoloCom - https://jolocom.io

BlockchainCommons key recovery airgap- https://www.blockchaincommons.com

Sphere - https://www.sphereidentity.com

VeresOne Web Profile - https://veres.one


Just Crypto

- electron

- Pillar http://www.pillar.io


Things in play in decentralized web land include the

Fediverse https://fediverse.party

Activity Streams - https://www.w3.org/TR/activitystreams-core/





Here is a Community Calendar of Calls related to Decentralized Identity & the Market


MONDAY


Identifiers Names and Discovery
Decentralized Identity Foundation
11-12 PST Bi-Weekly
Chairs: Markus Sabodello, Jude Nelson


TUESDAY


Sovrin Crypto Meeting
Sovrin
7am Pacific Weekly
Chairs: Mike Lodder, Nathan George



VCWG - Verifiable Credentials Working Group

:W3C Working Group must be W3C Member

8-9 Pacific Weekly
Chairs: Dan B



Credentials Community Group

:W3C Community Group Open to anyone

9-10 Pacific Weekly
Chairs: Kim Hamilton, Christopher Allen, Joe Andrew


Semantics Working Group
Hyperledger Indy - AREIS?
10-11:15 Bi-Weekly (Next May 14)



WEDNESDAY


URSA Crypto meeting
Hyperledgeer
7am Pacific Bi weekly
Chair: Mike Lodder & Dave Huseby



DIF All Members Call
Decentralized Identity Foundation
8-9 Pacific Bi-Weekly



Interop Project
Decentralized Identity Foundation
8am Pacific Bi-Weekly (opposite weeks of Member call)
Chair: Rouven Heck



Me2Be Community Call
Werethinking Foundation
8-9 on 2nd Wednesday's Monthly (changing to different day)
Chair: Lisa LaVassuer



Consent Management

:Kantara + ISO

7AM PT/10:00 AM ET Bi-Weekly
Chairs: Jim from digi.me and Andrew Hughes



ARIES Developer Call

:Hyperledger (Formerly Indy Agent)

12-1:30 Pacific
Chairs: Sam Curren & Stephan Curran



THURSDAY


Storage and Compute Working Group
Decentralized Identity Foundation
8-9am pacific Bi-Weekly
Chairs: Daniel Buchner, Sam Curren



CIS Consent Information Sharing Working Group

:Kantara

10:30-11:30 ET (7:30-8:30 PT) Weekly
Chairs: Jim Pasquale, John Wunderlich, Andrew Hughes



ARIES Developer Call
HyperLedger
8am PT
Chairs: Sean Bohan, Nathan George I



UserManaged Access
Kantara * 6am pacific time/9am Eastern
Chair: Eve Maler
Twitter: @umawg


DID Spec and DID Resolution
W3C Part of Credentials Community Group
13:00-14:30 PT


FRIDAY


******************* ***************** ****************** *************


2. Notes received from Kaliya Young - Part 1 (Session 7I):


We started out brainstorming all the groups we could think of and clustering them.


DIF


Identifiers Names and Discovery

https://identity.foundation/working-groups/identifiers-names-discovery.html

-> SideTree protocol

-> Universal Resolver

Members of the Working Group are engaged in development of protocols and systems that enable creation, resolution, and discovery of decentralized identifiers and names across underlying decentralized systems, like blockchains and distributed ledgers.


DIF Storage and Compute

https://identity.foundation/working-groups/storage-compute.html

Secure, encrypted, privacy-preserving storage and computation of data is a critical component of decentralized identity systems. As with identifiers and names must be self-sovereign to the owning entity, a user's identity data must remain private, only accessible to the entities they allow. DIF members are actively developing specs and reference implementations for provider-agnostic, run-anywhere solutions that provides these features.


DIF Claims and Credentials

BiWeekly on Thursday

https://identity.foundation/working-groups/claims-credentials.html

Join this group to contribute to the standards and technology that create, exchange, and verify claims and credentials in a decentralized identity ecosystem. For example, a cryptographically verifiable credential that proves an individual has a college degree or is of a certain age. Our members focus on specs that are vendor agnostic and based on industry standards.


DIF Security <- New



DIDAuth

Thursday Bi-Weekly



Interop Project



Indy

https://github.com/hyperledger/indy-node#about-indy-node

Hyperledger Indy is a distributed ledger, purpose-built for decentralized identity. It provides tools, libraries, and reusable components for creating and using independent digital identities rooted on blockchains or other distributed ledgers so that they are interoperable across administrative domains, applications, and any other “silo.”


AREIS (Indy Agent) -

https://github.com/hyperledger/indy-agent

Agents come in all varieties. Some are simple and static; these might be appropriate for IoT use cases that are hard-wired for a single connection. Others are complex and cloud-based, suitable for enterprise use. Still others run on mobile devices for individual users.

Wednesday Noon Pacific


Indy SDK

Wednesday 7am



Peer/Pariwise



W3C


Credentials Community Group

https://www.w3.org/community/credentials/

The mission of the W3C Credentials Community Group is to explore the creation, storage, presentation, verification, and user control of credentials. We focus on a verifiable credential (a set of claims) created by an issuer about a subject—a person, group, or thing—and seek solutions inclusive of approaches such as: self-sovereign identity; presentation of proofs by the bearer; data minimization; and centralized, federated, and decentralized registry and identity systems. Our tasks include drafting and incubating Internet specifications for further standardization and prototyping and testing reference implementations.



Part of this Group meets in

DID Spec and DID Resolution Spec

Weekly Meetings

https://docs.google.com/document/d/1qYBaXQMUoB86Alquu7WBtWOxsS8SMhp1fioYKEGCabE/edit#


Will become the DID Working Group

Verifiable Credentials Working Group

https://www.w3.org/TR/verifiable-claims-data-model/

Credentials are a part of our daily lives; driver's licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.




WebAuthN

Standard: https://www.w3.org/TR/webauthn/

Working Group Page: https://www.w3.org/Webauthn/

The Web Authentication Working Group published Web Authentication: An API for accessing Public Key Credentials Level 1 (WebAuthn) as a W3C Recommendation on March 4, 2019. This specification defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. As a core component of the FIDO Alliance’s FIDO2 set of specifications,


Activity Streams 2.0

https://www.w3.org/TR/activitystreams-core/

This specification details a model for representing potential and completed activities using the JSON format. It is intended to be used with vocabularies that detail the structure of activities, and define specific types of activities.


OpenID

OpenIDConnect Self-Issued

https://openid.net/specs/openid-connect-core-1_0.html#SelfIssued

OpenID Connect supports Self-Issued OpenID Providers - personal, self-hosted OPs that issue self-signed ID Tokens. Self-Issued OPs use the special Issuer Identifier https://self-issued.me.

The messages used to communicate with Self-Issued OPs are mostly the same as those used to communicate with other OPs. Specifications for the few additional parameters used and for the values of some parameters in the Self-Issued case are defined in this section.


Kantara


Consent & Information Sharing Work Group

https://kantarainitiative.org/groups/ciswg/

Project VRM and other related parties wish to build a framework around which a new type of personal information can be enabled to flow, and in doing so improve the relationship between demand and supply. Our contention is that when individuals are forced to sign organization-centric privacy policies/ terms of use then this places limitations on the information that will be shared. If such constraints were removed, and capabilities built on the side of the individual, then new, rich information will flow – including actual demand data (as opposed to derived/ predicted demand). The goal of this working group is to identify and document the use cases and scenarios that illustrate the various sub-sets of user driven information, the benefits therein, and specify the policy and technology enablers that should be put in place to enable this information to flow.




Consent Management

https://kantarainitiative.org/confluence/display/consentmanagement/WG+-+Consent+Management+Solutions+Home

Consent Management Solutions are used to manage the full lifecycle of an individual’s consent for the processing of their personal data. That consent needs to be: freely given, specific, informed and unambiguous.


Consent Receipt Standard

https://kantarainitiative.org/confluence/display/infosharing/Consent+Receipt+Specification

A Consent Receipt is record of authority granted by a Personally Identifiable Information (PII) Principal to a PII Controller for processing of the Principal's PII. The record of consent is human-readable and can be represented as standard JSON. This specification defines the requirements for the creation of a consent record and the provision of a human-readable receipt. The standard includes requirements for links to existing privacy notices & policies as well as a description of what information has been or will be collected, the purposes for that collection as well as relevant information about how that information will be used or disclosed. This specification is based on current privacy and data protection principles as set out in various data protection laws, regulations and international standards.



IEEE

Blockchain for Healthcare

https://transmitter.ieee.org/blockchain-in-healthcare/




IEEE Data Governance 7000 series

P7002 Data Privacy Process

https://standards.ieee.org/project/7002.html

This standard defines requirements for a systems/software engineering process for privacy oriented considerations regarding products, services, and systems utilizing employee, customer or other external user's personal data. It extends across the life cycle from policy through development, quality assurance, and value realization. It includes a use case and data model (including metadata). It applies to organizations and projects that are developing and deploying products, systems, processes, and applications that involve personal information. By providing specific procedures, diagrams, and checklists, users of this standard will be able to perform a conformity assessment on their specific privacy practices. Privacy impact assessments (PIAs) are described as a tool for both identifying where privacy controls and measures are needed and for confirming they are in place.



P7004 Child and Student Data Governance

https://standards.ieee.org/project/7004.html

The standard defines specific methodologies to help users certify how they approach accessing, collecting, storing, utilizing, sharing, and destroying child and student data. The standard provides specific metrics and conformance criteria regarding these types of uses from trusted global partners and how vendors and educational institutions can meet them.

Page Break


P7005 Employment

https://standards.ieee.org/project/7005.html

The standard defines specific methodologies to help employers to certify how they approach accessing, collecting, storing, utilizing, sharing, and destroying employee data. The standard provides specific metrics and conformance criteria regarding these types of uses from trusted global partners and how vendors and employers can meet them.



P7006 Personal Data AI Agent

https://standards.ieee.org/project/7006.html

This standard describes the technical elements required to create and grant access to a personalized Artificial Intelligence (AI) that will comprise inputs, learning, ethics, rules and values controlled by individuals.


P7012 Machine Readable Privacy Terms

https://standards.ieee.org/project/7012.html

The standard identifies/addresses the manner in which personal privacy terms are proffered and how they can be read and agreed to by machines.



ISO

TC 307 Blockchain Process Policy

- Blockchain and distributed ledger technologies -- Terminology

- Blockchain and distributed ledger technologies -- Privacy and personally identifiable information protection considerations

- Blockchain and distributed ledger technologies -- Security risks, threats and vulnerabilities

- Blockchain and distributed ledger technologies -- Overview of identity management using blockchain and distributed ledger technologies



Other Things


JLINC (JSON-LD Link Contracts) for Data Sharing Governance

https://jlinc.org

The protocol is open (anyone can use it) but it is not at a standards body.

JLINC is an open protocol for sharing data protected by an agreement on the terms under which the data is being shared.

The agreement is known as an Information Sharing Agreement, and can be a reference to a standardized agreement (a Standard Information Sharing Agreement or SISA) or a one-off specialized contract.

The base profile is HTTP-based, but any protocol that affords methods for initiating and responding to data transactions, along with metadata (headers) accompanying those interactions could be adapted.


NIST 800-63-3



ERC 725


FIDO


Then we organized it into a map of where the different groups and their work fit in a map of the ecosystem.


TH11F.jpg


Events:

Interop-a-thon proposed

Internet Identity Workshop

MyData

Rebooting Web of Trust

Page Break


We also named many companies in the space.


Transmute

Veres One

Trusted Key

Ockam

Consensus

Sovrin

Jolocom

Civic

Bloom

Yubico

digi.me

Inonyom

Sphere Identity

SelfKey

CULedger

BCGov

Blockstack

Inrupt

Lifescope

Evernym


Map of the Agents and Hubs


Common amongst all of them are these things


DID Communication

- Base Encryption (Wallet People Port Civic)

- Message Typing

- Routing

- Alignment w/ crypto key types (secret management)


Increase compatibility in future w/o hair pulling in the future.


Things in play in decentralized web land include the

Fediverse https://fediverse.party

Activity Streams - https://www.w3.org/TR/activitystreams-core/ Page Break


Agents

based on ARIES at Hyperledger

  • Key Management
  • Credentials
  • Protocol Support

https://wiki.hyperledger.org/display/ARIES/Hyperledger+AriesIM


Projects/Companies based on Aries

- IDRamp - https://idramp.com

- Mattr (SparkNZ) - http://www.sparknz.co.nz/

- StreetCred

- connect.me http://www.connect.me

- T-Mobile (Axel)

- Germen Credentials @University

- NL Bank Consortium

- BlockPass - https://blockpass.org

- Some Banks are folding into existing applications

- IBM - https://www.ibm.com/blockchain/solutions/identity

- ATT


HUBS

Personal Data Stores

  • Can store encrypted things at Rest
  • Actions -> Meta Protocol
  • Synchronization between Hubs

MSFT and WorkDay



Other Projects

Transmute - Workflows approach - https://www.transmute.industries

digi.me waiting for the - https://digi.me

LifeScope - SOLID - https://lifescope.io - https://solid.inrupt.com

3Box [Ethereum] - https://medium.com/uport/announcing-3box-and-ethereum-profiles-dba9841e0952

Privony - Michael Becker’s Company - https://privowny.com

HIEofOne -http://hieofone.org

Wault for Health - https://wault.wymsical.com

Blockstack - https://blockstack.org



- PICO Labs aligned with ARIES - https://picolabs.atlassian.net



WALLETS

  • narrowly defined around holding credentials

uPort - https://www.uport.me

Civic - https://www.civic.com

JoloCom - https://jolocom.io

BlockchainCommons key recovery airgap- https://www.blockchaincommons.com

Sphere - https://www.sphereidentity.com

VeresOne Web Profile - https://veres.one


Just Crypto

- electron

- Pillare