Difference between revisions of "Identity Lifecycle – Getting the Genie Back in the Bottle (M4E) URL:"

From IIW
Jump to: navigation, search
(Undo revision 3170 by Igiwydijok (Talk))
 
Line 1: Line 1:
=[http://obibohococ.co.cc Under Construction! Please Visit Reserve Page. Page Will Be Available Shortly]=
 
 
Convener: Jeff Stollman
 
Convener: Jeff Stollman
 
Notes-taker(s): William Mills
 
Notes-taker(s): William Mills
Line 17: Line 16:
 
     Vanish is an example of a product here.
 
     Vanish is an example of a product here.
  
Is there another level here which is "Assured destruction"
+
Is there another level here which is "Assured destruction"
 
     Disappearing Ink was a company in this space.
 
     Disappearing Ink was a company in this space.
  
Line 34: Line 33:
 
Can a trusted 3rd party help ensure te dustruction/privacy/revocation.
 
Can a trusted 3rd party help ensure te dustruction/privacy/revocation.
  
A key question, "what is the incentive for people to be good actors?" or what's the penalty for not obeying privacy restrictions?
+
A key question, "what is the incentive for people to be good actors?" or what's the penalty for not obeying privacy restrictions?
  
 
Another interestion question of information lifecycle:  when the data changes context you may really care.  It can be a big problem.  The privacy boundaries here are significant and the user needs to be in control.
 
Another interestion question of information lifecycle:  when the data changes context you may really care.  It can be a big problem.  The privacy boundaries here are significant and the user needs to be in control.

Latest revision as of 14:18, 2 February 2011

Convener: Jeff Stollman Notes-taker(s): William Mills

Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


We have several classes of data:

Uncontrollably exposed

   Here we are throwing up our hands.  

Controllably exposed (for example by contract) retrievable/withdraw able/erasable

   Vanish is an example of a product here.

Is there another level here which is "Assured destruction"

   Disappearing Ink was a company in this space.

Data security becomes very much like a DRM system.

How do we apply this to Identity Information?

Another taxonomy: - Permanent data that we might want to withdraw. - Transient data that should have a limited life.

What controls do we have here? - Contract - Legal obligation

Can a trusted 3rd party help ensure te dustruction/privacy/revocation.

A key question, "what is the incentive for people to be good actors?" or what's the penalty for not obeying privacy restrictions?

Another interestion question of information lifecycle: when the data changes context you may really care. It can be a big problem. The privacy boundaries here are significant and the user needs to be in control.