SlideShare a Scribd company logo

Identity Federation: Citizen Consent and the Internet of Things - October 2017

Guy Huntington
Guy Huntington

With nanotechnology, devices are shrinking down to an almost molecular level and have the ability to communicate wirelessly via the Internet. These devices are beginning to proliferate in almost all aspects of our lives be it medical, transportation, government, clothing, appliances, and so on. Since device owners have to access many different systems to manage their authorization consents, it becomes unwieldly. This paper addresses the simple question of “How do I manage all my consents across a wide variety of different devices, suppliers, and their systems in one place?”

Internet
1 of 11
Download to read offline
Identity Federation: Citizen Consent and the Internet of Things Author: Guy Huntington, President, Huntington Ventures Ltd. Date: October 2017
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 2 Table of Contents Executive Summary ..................................................................................................................................................3 Introduction................................................................................................................................................................4 Internet of Things Consent Principles .......................................................................................................................5 Governments and Consent .......................................................................................................................................8 User Managed Access - Privacy and Security ..........................................................................................................9 Summary .................................................................................................................................................................10 About the Author .....................................................................................................................................................11
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 3 Executive Summary With nanotechnology, devices are shrinking down to an almost molecular level and have the ability to communicate wirelessly via the Internet. These devices are beginning to proliferate in almost all aspects of our lives be it medical, transportation, government, clothing, appliances, and so on. Since device owners have to access many different systems to manage their authorization consents, it becomes unwieldy. This paper addresses the simple question of “How do I manage all my consents across a wide variety of different devices, suppliers, and their systems in one place?” The paper lays out Internet of Things Consent Principles, explaining each one in greater detail: • End user consent must be required to use the device except those cases where it is mandated by laws and regulations. • The chain of custody for consent must exist at all levels, i.e. from vendor through to final user or users based on risk and laws/regulations. • The device, the system that controls it, and/or the identity management system the device is a part of must be able to use “User Managed Access” and also “OpenID Connect” protocols. • Any individual, government, or enterprise offering a centralized user consent service must be mandated by laws and regulations. • Any consent management service must adhere to regulatory security best practices including identity and credential assurance, data storage and transmission as well as archival processes. • Based on risk, the identity assurance and the credential assurance must be applied to obtain and/or transfer consent between the user and various enterprises and/or other Internet of Things devices. • Secure, delegated access of consent should be part of the device’s consent management system. • The user of a centralized consent management service should have the ability to transfer this service to other enterprises offering this service in a secure manner. • When a user leaves a centralized consent management service, the service must securely store the data for a predetermined amount of time according to the timeframes set forth by laws and regulations. The paper then identifies areas where governments need to be involved with identity and credential assurance as well as laws and regulations pertaining to consent management. User Managed Access (UMA) is discussed from a privacy and security perspective. Users want to ensure their centrally managed consent service is secure. They won’t want unauthorized access and/or someone masquerading as them, learning about, and/or changing their consents. The paper then concludes by noting that identity federation is the heart of creating an interdependent world. The user should be securely in control of how this technology is deployed and used.
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 4 Introduction With the development of nanotechnology and wireless communication, the size of wireless computer chips is becoming almost molecular in level. Nanotechnology is being implemented in everything including automotive components, medical devices, buildings and process controls, appliances, and will even eventually be implemented in clothing. While most of the industry’s focus is on producing new ways of interacting with devices, not a lot of attention is focused on user consent. Why is this important? Come with me on a journey… 5 years into the future. You will likely be interacting daily with 20-100 or more different devices such as your fridge. Your fridge is now smart. It actually knows what is inside it, how much has been consumed, what groceries you are running low on, and the ages of the food. You are a busy person who does not have time to shop. So, you give authorization consent to a company like Amazon or Walmart so the fridge information is automatically sent to them with predefined ordering information. You come home and find the food you need to replenish your fridge on your doorstep, which was automatically drop shipped by Amazon or Walmart using a drone. Perhaps your fridge was automatically restocked for you (https://www.foodbeast.com/news/walmart-delivery-service- home-access). Now let’s say that while you shop at Amazon or Walmart, there are some specialty stores you also like to shop at. You give your consent to the fridge to send the specialty retailers information on only the products they supply. When the product level gets low, the fridge automatically sends out information to them and the specialty retailer ships it to you. As your food preferences, budgets, and retailers change, or when you sell your fridge, you change your consent. This is just your fridge. Imagine the complex world of consent management when you have 20-100 different Internet of Things! Since the device owners have to access many different systems to manage their consents, it becomes unwieldly. This paper addresses the simple question of “How do I manage all my consents across a wide variety of different devices, suppliers, and their systems in one place?” First, some underlying principles of consent management are required. These principles will provide a legislative, vendor, and user framework to operate within.
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 5 Internet of Things Consent Principles • End user consent must be required to use the device except in those cases where consent is mandated by laws and regulations. • The chain of custody for consent must exist at all levels, i.e. from vendor through to final user or users based on risk and laws/regulations. • The device, the system that controls it, and/or the identity management system the device is part of, must be able to use “User Managed Access” and also “OpenID Connect” protocols. • Any individual, government, or enterprise offering a centralized user consent service must be mandated by laws and regulations. • Any consent management service must adhere to regulatory security best practices including identity and credential assurance, data storage and transmission as well as archival processes. • Based on risk, the identity assurance and the credential assurance must be applied to obtain and/or transfer consent between the user and various enterprises and/or other Internet of Things devices. • Secure, delegated access of consent should be part of the device’s consent management system. • The user of a centralized consent management service should have the ability to transfer this service to other enterprises offering this service in a secure manner. • When a user leaves a centralized consent management service, the service must securely store the data for a predetermined amount of time according to the timeframes set forth by laws and regulations.
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 6 End user consent must be required to use the device except those cases mandated by laws and regulations Consent to use and/or receive data or a service from a device should be required based on any applicable laws/regulations and/or risk. For example, a T-shirt you own that has a smart chip within it, will likely be low and require little or no consent, e.g. sending information to your washing machine. A driverless car owner may grant access to a driver of her vehicle. This is a higher risk and may or may not fall under certain legal laws and regulations about consent being obtained. The chain of custody for consent must exist at all levels, i.e. from vendor through to final user or users, based on risk and laws/regulations Chain of custody for consent, i.e. a historical record of who was granted authorizations, must exist for a device dependent upon risk and any laws or regulations applicable. Let’s take two devices as examples: a fridge and the pacemaker. The fridge consent chain of custody is not high risk. Therefore, the history of consents given for the fridge might not be held that long nor is required by law. Pacemakers are high risk with sensitive information. Therefore, the chain of custody of all consents given for this device, from the manufacturer onwards, needs to be kept for a specific period set forth by laws and regulations. The device, the system that controls it, and/or the identity management system the device is part of must be able to use “User Managed Access” and also “OpenID Connect” protocols “User Managed Access” (UMA) (https://kantarainitiative.org/confluence/display/uma/Home) is a vendor agnostic protocol designed to allow a user to centralize their authorization consents based on OAuth 2.0 (https://oauth.net/2/). It allows for one place for a user to go to view, change, or grant their authorizations for devices in different locations, networks, and enterprises. Devices should also be compatible with OpenID Connect (OIDC) (http://openid.net/connect/), which is a protocol built on top of OAuth to provide identity and credential assurance. As other principles state, based on risk, the consent obtained will use higher levels of identity and credential assurance where required. All devices and/or their control systems and/or identity management systems that control the device must be compliant with these protocols. Any individual, government, enterprise or individual offering a centralized user consent management service must be mandated by laws and regulations The potentially sensitive content of a user’s consent means that any government, enterprise, or third party offering a centralized user consent management service must be in compliance with laws and regulations pertaining to the service.
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 7 Any consent management service must adhere to regulatory security best practices including Identity and credential assurance, data storage and transmission as well as archival processes. Governments should have laws and regulations pertaining to consent management. This should include specifications for different identity and credential assurance levels, the way the consent data is stored, accessed, transmitted, and archived. Based on risk, identity and credential assurance must be applied to validate the identity before applying consent How the user provides their consent should be based upon risk. For low risk consent, low identity and credential assurances levels will be used. However, as the risk rises, higher identity and credential assurance levels should be required. Let’s use the fridge and pacemaker as examples. The fridge is a low risk device, thus requiring low levels of identity and credential assurance to ensure that you, the owner, are who you claim to be, when assigning consent. A username and password might be sufficient with no identity verification required. A pacemaker is a high-risk device. Any changes to the authorization consent for the information this device produces should require high levels of identity and credential assurance. Identity verification from a government identity verification service and also a biometric plus a password might be required to authenticate in order to apply or change consent. Secure, delegated access of consent should be part of the device’s consent management system A user should have the ability to delegate some or all their consent to another. Let’s use the fridge as an example. You, the fridge owner, are the principal consent manager. You choose to give your partner the same abilities to manage consent. However, you decide to restrict consent abilities to your children, only allowing them to manage a small portion of the food consent within the fridge. The user of a centralized consent management service should have the ability to transfer this service to other enterprises offering this service in a secure manner If a user wants to switch suppliers of their central consent management service, it should be done in compliance with laws and regulations in a secure manner. Let’s use the example of a user deciding to switch from Acme Inc. as the centralized consent management service to a bank offering the same service. Laws and regulations need to be in place prescribing standards by which the user notifies Acme Inc. of their intent to terminate the agreement and the transfer to the bank. The history of the authorization consents, the time limit that Acme Inc. retains the information, and how the information should be transferred, should be mandated by laws and regulations.
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 8 When a user leaves a centralized consent management service, the service must securely store the data for a predetermined amount of time according to the timeframes set forth by laws and regulations Laws and regulations should apply to how long a centralized consent management services retains their records after a user leaves the service. Governments and Consent From the above principles, it becomes apparent that governments need to be involved in creating a citizen consent system in the following areas: • Identity assurance • Credential assurance • Laws and regulations pertaining to consent management Identity and Credential Assurance What is identity and credential assurance? • Identity assurance is a rating scale of risk versus identity verification processes used • Credential assurance is a rating scale of risk versus the type of authentication used For low risk usage, whatever the vendor and user agree to will likely be sufficient. However, as the risk rises, higher levels of both identity and credential assurance are required. Governments are usually involved in determining identity assurance levels. Higher levels of identity assurance usually require biometrics. The same applies to credential assurance. The following paper illustrates how the old ways of doing this are no longer effective: Identity Federation: Biometrics and Governments (https://www.slideshare.net/ghuntington/identity-federation-biometrics-and-governments- sept-2017-80192336). Governments need to lay the foundational pieces for protecting a citizen’s biometrics. They also need to create a high-level identity verification assurance service upon which other levels of government and third parties use to verify and authenticate an identity. Laws and Regulations Governments should conduct a gap analysis illustrating where changes need to be made pertaining to citizen authorization consent. There are also cross-border authorization rights to consider. In Europe in 2018 the General Data Protection Regulation (GDPR) regulations come into effect. In this presentation by Eve Maler, Chair of the Consumer Identity World, Work Group she lays out how UMA will assist enterprise in meeting their compliance: https://kantarainitiative.org/confluence/download/attachments/17760302/CIWUSA%20Kantara%20wor kshop%20GDPR%20UMA%202017-09-11.pdf?api=v2. This is just the first of many similar requirements as governments all over the world create new identity protection laws.
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 9 User Managed Access - Privacy and Security The protocol for User Managed Access (UMA) is dependent upon OAuth 2.0 for authorization. It has been designed to work with OpenID Connect for authentication. What does this really mean? In the Federation Protocols section of Enterprise Identity Federation: Mitigating Risks and Liabilities (https://www.slideshare.net/ghuntington/identity-federation-mitigating-risks-and-liabilities-79942481), it describes the following: Imagine that you are constructing a strong structure using blocks. At the bottom of the structure you use six large blocks. This is the foundational piece. However, there are many different ways to assemble each of the foundational blocks, i.e. each of the large blocks is composed of smaller blocks that can be assembled differently to make the larger foundational one. On top of the large foundational blocks, you then assemble five mid-tier blocks. Like the foundational ones supporting them, they too have different ways for each of them to be configured, i.e. each mid-tier block is made up of smaller blocks. • The foundational blocks are JSON components and WebFinger • Mid-tier blocks are the OAuth components Depending upon how the blocks are configured, then the protocol that uses them, i.e. UMA, may or may not be secure. This paper by Jim Manico1 illustrates some of the OAuth token countermeasures that need to be addressed: https://handouts.secappdev.org/handouts/2017/Jim%20Manico/04a.%20OAUTH%20Security%20Introd uction%20MODULE%202-9-2017.pdf Regulators, vendors, identity system providers, and users need to realize that the security and privacy of their Internet of Things centralized consent is dependent on how UMA and OAuth are configured. Any enterprise embarking on a deployment of UMA centralized consent service must first consider both the legal and security implications to mitigate risk and potential liabilities. From an end user’s perspective, they will want to ensure that their centrally managed consent service is secure. They won’t want unauthorized access and/or someone masquerading as them, learning about and/or changing their consents. 1 https://manicode.com/
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 10 Summary The noted NY Times Columnist, Thomas Friedman, in a recent column stated2 : “We’re going through a change in the “climate” of globalization — going from an interconnected world to an interdependent one, from a world of walls where you build your wealth by hoarding the most resources to a world of webs where you build your wealth by having the most connections to the flow of ideas, networks, innovators and entrepreneurs. In this interdependent world, connectivity leads to prosperity and isolation leads to poverty. We got rich by being “America Connected” not “America First. Finally, we’re going through a change in the “climate” of technology and work. We’re moving into a world where computers and algorithms can analyze (reveal previously hidden patterns); optimize (tell a plane which altitude to fly each mile to get the best fuel efficiency); prophesize (tell you when your elevator will break or what your customer is likely to buy); customize (tailor any product or service for you alone); and digitize and automatize more and more products and services. Any company that doesn’t deploy all six elements will struggle, and this is changing every job and industry.” Identity federation is at the heart of this change. It is the “interdependent glue” allowing an enterprise, application, service, or a smart thing to trust one or more other entities and/or things. This occurs immediately, allowing secure authorized access from anywhere on the globe. Identities needs to control their privacy as well as their authorizations in a centralized fashion. This is achieved by establishing laws and regulations pertaining to authorization consent and adopting User Managed Access with OpenID Connect. A sweeping change is now upon us. The user should be securely in control of how this technology is deployed and used. 2 https://www.nytimes.com/2017/09/27/opinion/globalization-trump-american- progress.html?rref=collection%2Fcolumn%2Fthomas-l- friedman&action=click&contentCollection=opinion&region=stream&module=stream_unit&version=lat est&contentPlacement=1&pgtype=collection
Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 11 About the Author Guy Huntington is a veteran identity architect, program and project manager who’s lead as well as rescued many large identity projects with many of them involving identity federation. His past clients include Boeing, Capital One, Kaiser Permanente, WestJet, Government of Alberta’s Digital Citizen Identity and Authentication Program and Alberta Blue Cross. As one of his past clients said “He is a great find, because he is able to do high quality strategic work, but is also well-versed in project management and technical details, so he can traverse easily from wide to deep. With Guy, you get skills that would typically be encompassed in a small team of people.”

Recommended

The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
 
Blockchain and government opportunities
Blockchain and government opportunitiesBlockchain and government opportunities
Blockchain and government opportunitiesSusan Dart
 
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...gallowayandcollens
 
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
 
Blockchain and Fintech in Melbourne Australia
Blockchain and Fintech in Melbourne AustraliaBlockchain and Fintech in Melbourne Australia
Blockchain and Fintech in Melbourne AustraliaSusan Dart
 
Cloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesCloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesLilian Edwards
 
Intelligent underwriting workbench
Intelligent underwriting workbenchIntelligent underwriting workbench
Intelligent underwriting workbenchArtivatic.ai
 
Blockchain and it’s importance on Insurance Industry
Blockchain and it’s importance on Insurance IndustryBlockchain and it’s importance on Insurance Industry
Blockchain and it’s importance on Insurance IndustryArtivatic.ai
 

Recommended

The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
 
Blockchain and government opportunities
Blockchain and government opportunitiesBlockchain and government opportunities
Blockchain and government opportunitiesSusan Dart
 
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...
The Fiduciary Access to Digital Assets Act in Michigan:Now That We Have it, W...gallowayandcollens
 
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...
The Fiduciary Access to Digital Assets Act in Michigan: Now That We Have it, ...gallowayandcollens
 
Blockchain and Fintech in Melbourne Australia
Blockchain and Fintech in Melbourne AustraliaBlockchain and Fintech in Melbourne Australia
Blockchain and Fintech in Melbourne AustraliaSusan Dart
 
Cloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesCloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesLilian Edwards
 
Intelligent underwriting workbench
Intelligent underwriting workbenchIntelligent underwriting workbench
Intelligent underwriting workbenchArtivatic.ai
 
Blockchain and it’s importance on Insurance Industry
Blockchain and it’s importance on Insurance IndustryBlockchain and it’s importance on Insurance Industry
Blockchain and it’s importance on Insurance IndustryArtivatic.ai
 
KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryNitin Patidar
 
Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Adv Prashant Mali
 
Blockchain - Hype or Reality
Blockchain - Hype or RealityBlockchain - Hype or Reality
Blockchain - Hype or Realitysnewell4
 
What is blockchain beyond cryptocurrencies - 16 use cases
What is blockchain beyond cryptocurrencies - 16 use casesWhat is blockchain beyond cryptocurrencies - 16 use cases
What is blockchain beyond cryptocurrencies - 16 use casesAppinventiv
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorBrian Miller, Solicitor
 
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Jim Brashear
 
AI Underwriting Case Study for Life Insurance company
AI Underwriting Case Study for Life Insurance company AI Underwriting Case Study for Life Insurance company
AI Underwriting Case Study for Life Insurance company Artivatic.ai
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisThomas Bronack
 
Chatbots: The New Sales Agent in Insurance Industry
Chatbots: The New Sales Agent in Insurance IndustryChatbots: The New Sales Agent in Insurance Industry
Chatbots: The New Sales Agent in Insurance IndustryArtivatic.ai
 
Smart contract development company blockchain developments
Smart contract development company blockchain developmentsSmart contract development company blockchain developments
Smart contract development company blockchain developmentsBlockchain Developments
 
Demystifying Smart Contracts
Demystifying Smart ContractsDemystifying Smart Contracts
Demystifying Smart ContractsBernard Peh
 
Ppt presentation 1
Ppt presentation 1Ppt presentation 1
Ppt presentation 1Guntakatla PanduRangarao
 
Blockchaindev #1 - Ethereum Smart Contracts 101
Blockchaindev #1 - Ethereum Smart Contracts 101Blockchaindev #1 - Ethereum Smart Contracts 101
Blockchaindev #1 - Ethereum Smart Contracts 101Thiago Araujo
 
How Blockchain App Development is Paving the Way for the Future
How Blockchain App Development is Paving the Way for the FutureHow Blockchain App Development is Paving the Way for the Future
How Blockchain App Development is Paving the Way for the FutureDamco Solutions
 
When and why to use blockchain technology
When and why to use blockchain technology When and why to use blockchain technology
When and why to use blockchain technology Blockchain Council
 
BlockchainPaper
BlockchainPaperBlockchainPaper
BlockchainPaperSanjeev Verma, PhD
 
DATA Working Group - Consumer Best Practices
DATA Working Group - Consumer Best PracticesDATA Working Group - Consumer Best Practices
DATA Working Group - Consumer Best PracticesDataSecretariat
 
Automating trust with new technologies
Automating trust with new technologiesAutomating trust with new technologies
Automating trust with new technologiesStrategy&, a member of the PwC network
 
Ten Blockchain Applications
Ten Blockchain ApplicationsTen Blockchain Applications
Ten Blockchain ApplicationsAhmed Banafa
 
Requirements for Successful Enterprises in a Federated Economy - October 2017
Requirements for Successful Enterprises in a Federated Economy - October 2017Requirements for Successful Enterprises in a Federated Economy - October 2017
Requirements for Successful Enterprises in a Federated Economy - October 2017Guy Huntington
 
Real implementation Blockchain Best Use Cases Examples
Real implementation Blockchain Best Use Cases ExamplesReal implementation Blockchain Best Use Cases Examples
Real implementation Blockchain Best Use Cases ExamplesSandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyersNicole Black
 

More Related Content

What's hot

KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryNitin Patidar
 
Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Adv Prashant Mali
 
Blockchain - Hype or Reality
Blockchain - Hype or RealityBlockchain - Hype or Reality
Blockchain - Hype or Realitysnewell4
 
What is blockchain beyond cryptocurrencies - 16 use cases
What is blockchain beyond cryptocurrencies - 16 use casesWhat is blockchain beyond cryptocurrencies - 16 use cases
What is blockchain beyond cryptocurrencies - 16 use casesAppinventiv
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorBrian Miller, Solicitor
 
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Jim Brashear
 
AI Underwriting Case Study for Life Insurance company
AI Underwriting Case Study for Life Insurance company AI Underwriting Case Study for Life Insurance company
AI Underwriting Case Study for Life Insurance company Artivatic.ai
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisThomas Bronack
 
Chatbots: The New Sales Agent in Insurance Industry
Chatbots: The New Sales Agent in Insurance IndustryChatbots: The New Sales Agent in Insurance Industry
Chatbots: The New Sales Agent in Insurance IndustryArtivatic.ai
 
Smart contract development company blockchain developments
Smart contract development company blockchain developmentsSmart contract development company blockchain developments
Smart contract development company blockchain developmentsBlockchain Developments
 
Demystifying Smart Contracts
Demystifying Smart ContractsDemystifying Smart Contracts
Demystifying Smart ContractsBernard Peh
 
Blockchaindev #1 - Ethereum Smart Contracts 101
Blockchaindev #1 - Ethereum Smart Contracts 101Blockchaindev #1 - Ethereum Smart Contracts 101
Blockchaindev #1 - Ethereum Smart Contracts 101Thiago Araujo
 
How Blockchain App Development is Paving the Way for the Future
How Blockchain App Development is Paving the Way for the FutureHow Blockchain App Development is Paving the Way for the Future
How Blockchain App Development is Paving the Way for the FutureDamco Solutions
 
When and why to use blockchain technology
When and why to use blockchain technology When and why to use blockchain technology
When and why to use blockchain technology Blockchain Council
 

What's hot (16)

KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance Industry
 
Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011Cloud computing and law-India legal summit 2011
Cloud computing and law-India legal summit 2011
 
Blockchain - Hype or Reality
Blockchain - Hype or RealityBlockchain - Hype or Reality
Blockchain - Hype or Reality
 
What is blockchain beyond cryptocurrencies - 16 use cases
What is blockchain beyond cryptocurrencies - 16 use casesWhat is blockchain beyond cryptocurrencies - 16 use cases
What is blockchain beyond cryptocurrencies - 16 use cases
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
 
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
Raising the Bar for Email Security: Confidentiality and Privacy Standards tha...
 
AI Underwriting Case Study for Life Insurance company
AI Underwriting Case Study for Life Insurance company AI Underwriting Case Study for Life Insurance company
AI Underwriting Case Study for Life Insurance company
 
Tape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysisTape vaulting audit and encryption usage analysis
Tape vaulting audit and encryption usage analysis
 
Chatbots: The New Sales Agent in Insurance Industry
Chatbots: The New Sales Agent in Insurance IndustryChatbots: The New Sales Agent in Insurance Industry
Chatbots: The New Sales Agent in Insurance Industry
 
Smart contract development company blockchain developments
Smart contract development company blockchain developmentsSmart contract development company blockchain developments
Smart contract development company blockchain developments
 
Demystifying Smart Contracts
Demystifying Smart ContractsDemystifying Smart Contracts
Demystifying Smart Contracts
 
Ppt presentation 1
Ppt presentation 1Ppt presentation 1
Ppt presentation 1
 
Blockchaindev #1 - Ethereum Smart Contracts 101
Blockchaindev #1 - Ethereum Smart Contracts 101Blockchaindev #1 - Ethereum Smart Contracts 101
Blockchaindev #1 - Ethereum Smart Contracts 101
 
How Blockchain App Development is Paving the Way for the Future
How Blockchain App Development is Paving the Way for the FutureHow Blockchain App Development is Paving the Way for the Future
How Blockchain App Development is Paving the Way for the Future
 
When and why to use blockchain technology
When and why to use blockchain technology When and why to use blockchain technology
When and why to use blockchain technology
 
BlockchainPaper
BlockchainPaperBlockchainPaper
BlockchainPaper
 

Similar to Identity Federation: Citizen Consent and the Internet of Things - October 2017

DATA Working Group - Consumer Best Practices
DATA Working Group - Consumer Best PracticesDATA Working Group - Consumer Best Practices
DATA Working Group - Consumer Best PracticesDataSecretariat
 
Ten Blockchain Applications
Ten Blockchain ApplicationsTen Blockchain Applications
Ten Blockchain ApplicationsAhmed Banafa
 
Requirements for Successful Enterprises in a Federated Economy - October 2017
Requirements for Successful Enterprises in a Federated Economy - October 2017Requirements for Successful Enterprises in a Federated Economy - October 2017
Requirements for Successful Enterprises in a Federated Economy - October 2017Guy Huntington
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyersNicole Black
 
Blockchain supply chains v0.4
Blockchain supply chains v0.4Blockchain supply chains v0.4
Blockchain supply chains v0.4Luca Mauri
 
Blockchain For Enhancing Enterprise Cybersecurity.pdf
Blockchain For Enhancing Enterprise Cybersecurity.pdfBlockchain For Enhancing Enterprise Cybersecurity.pdf
Blockchain For Enhancing Enterprise Cybersecurity.pdfaNumak & Company
 
"Does blockchain hold the key to a new age of supply chain transparency and t...
"Does blockchain hold the key to a new age of supply chain transparency and t..."Does blockchain hold the key to a new age of supply chain transparency and t...
"Does blockchain hold the key to a new age of supply chain transparency and t...eraser Juan José Calderón
 
Digital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxDigital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxChristopher Wynder
 
How could Smart Contracts affect the Insurance Industry?
How could Smart Contracts affect the Insurance Industry?How could Smart Contracts affect the Insurance Industry?
How could Smart Contracts affect the Insurance Industry?George Theofilis
 
Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Sandeepk316
 
How Does Blockchain Technology Help In Health Insurance
How Does Blockchain Technology Help In Health Insurance How Does Blockchain Technology Help In Health Insurance
How Does Blockchain Technology Help In Health Insurance Blockchain Council
 
Blockchain and Supply Chain
Blockchain and Supply ChainBlockchain and Supply Chain
Blockchain and Supply ChainFinancial Poise
 
Blockchain and Supply Chain
Blockchain and Supply ChainBlockchain and Supply Chain
Blockchain and Supply ChainFinancial Poise
 
Blockchain and IoT For Supply Chain Traceability
Blockchain and IoT For Supply Chain TraceabilityBlockchain and IoT For Supply Chain Traceability
Blockchain and IoT For Supply Chain TraceabilityAccubits Technologies
 
Blockchain: A Potential Game-Changer for Life Insurance
Blockchain: A Potential Game-Changer for Life InsuranceBlockchain: A Potential Game-Changer for Life Insurance
Blockchain: A Potential Game-Changer for Life InsuranceCognizant
 
Mis assignment 2013
Mis assignment 2013Mis assignment 2013
Mis assignment 2013Rhoda Arthur
 
IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...
IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...
IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...IRJET Journal
 

Similar to Identity Federation: Citizen Consent and the Internet of Things - October 2017 (20)

DATA Working Group - Consumer Best Practices
DATA Working Group - Consumer Best PracticesDATA Working Group - Consumer Best Practices
DATA Working Group - Consumer Best Practices
 
Automating trust with new technologies
Automating trust with new technologiesAutomating trust with new technologies
Automating trust with new technologies
 
Ten Blockchain Applications
Ten Blockchain ApplicationsTen Blockchain Applications
Ten Blockchain Applications
 
Requirements for Successful Enterprises in a Federated Economy - October 2017
Requirements for Successful Enterprises in a Federated Economy - October 2017Requirements for Successful Enterprises in a Federated Economy - October 2017
Requirements for Successful Enterprises in a Federated Economy - October 2017
 
Real implementation Blockchain Best Use Cases Examples
Real implementation Blockchain Best Use Cases ExamplesReal implementation Blockchain Best Use Cases Examples
Real implementation Blockchain Best Use Cases Examples
 
Cloud and mobile computing for lawyers
Cloud and mobile computing for lawyersCloud and mobile computing for lawyers
Cloud and mobile computing for lawyers
 
Blockchain supply chains v0.4
Blockchain supply chains v0.4Blockchain supply chains v0.4
Blockchain supply chains v0.4
 
Blockchain For Enhancing Enterprise Cybersecurity.pdf
Blockchain For Enhancing Enterprise Cybersecurity.pdfBlockchain For Enhancing Enterprise Cybersecurity.pdf
Blockchain For Enhancing Enterprise Cybersecurity.pdf
 
"Does blockchain hold the key to a new age of supply chain transparency and t...
"Does blockchain hold the key to a new age of supply chain transparency and t..."Does blockchain hold the key to a new age of supply chain transparency and t...
"Does blockchain hold the key to a new age of supply chain transparency and t...
 
Digital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdoxDigital signatures whitepaper_thinkdox
Digital signatures whitepaper_thinkdox
 
How could Smart Contracts affect the Insurance Industry?
How could Smart Contracts affect the Insurance Industry?How could Smart Contracts affect the Insurance Industry?
How could Smart Contracts affect the Insurance Industry?
 
Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical Blockchain Technology in Insurance Vertical
Blockchain Technology in Insurance Vertical
 
Authorization
AuthorizationAuthorization
Authorization
 
How Does Blockchain Technology Help In Health Insurance
How Does Blockchain Technology Help In Health Insurance How Does Blockchain Technology Help In Health Insurance
How Does Blockchain Technology Help In Health Insurance
 
Blockchain and Supply Chain
Blockchain and Supply ChainBlockchain and Supply Chain
Blockchain and Supply Chain
 
Blockchain and Supply Chain
Blockchain and Supply ChainBlockchain and Supply Chain
Blockchain and Supply Chain
 
Blockchain and IoT For Supply Chain Traceability
Blockchain and IoT For Supply Chain TraceabilityBlockchain and IoT For Supply Chain Traceability
Blockchain and IoT For Supply Chain Traceability
 
Blockchain: A Potential Game-Changer for Life Insurance
Blockchain: A Potential Game-Changer for Life InsuranceBlockchain: A Potential Game-Changer for Life Insurance
Blockchain: A Potential Game-Changer for Life Insurance
 
Mis assignment 2013
Mis assignment 2013Mis assignment 2013
Mis assignment 2013
 
IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...
IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...
IRJET - A Survey of Issues in Health Insurance System and Solution through Bl...
 

More from Guy Huntington

One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017Guy Huntington
 
Identity Federation: Governments and Economic Growth
Identity Federation: Governments and Economic GrowthIdentity Federation: Governments and Economic Growth
Identity Federation: Governments and Economic GrowthGuy Huntington
 
Identity federation = Biometrics and Governments Sept 2017
Identity federation = Biometrics and Governments Sept 2017Identity federation = Biometrics and Governments Sept 2017
Identity federation = Biometrics and Governments Sept 2017Guy Huntington
 
Identity federation – Mitigating Risks and Liabilities
Identity federation – Mitigating Risks and Liabilities Identity federation – Mitigating Risks and Liabilities
Identity federation – Mitigating Risks and Liabilities Guy Huntington
 
National Citizen Target SOA Architecture Sept 2016
National Citizen Target SOA Architecture Sept 2016National Citizen Target SOA Architecture Sept 2016
National Citizen Target SOA Architecture Sept 2016Guy Huntington
 
Citizen identity lifecycle july 2016
Citizen identity lifecycle july 2016Citizen identity lifecycle july 2016
Citizen identity lifecycle july 2016Guy Huntington
 
National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...
National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...
National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...Guy Huntington
 
Global & National Identity Projects Failures and Successes
Global & National Identity Projects Failures and SuccessesGlobal & National Identity Projects Failures and Successes
Global & National Identity Projects Failures and SuccessesGuy Huntington
 
Developing Countries National ICT Identity Governance Strategy
Developing Countries National ICT Identity Governance StrategyDeveloping Countries National ICT Identity Governance Strategy
Developing Countries National ICT Identity Governance StrategyGuy Huntington
 
National ICT & Citizen Payments Strategy
National ICT & Citizen Payments StrategyNational ICT & Citizen Payments Strategy
National ICT & Citizen Payments StrategyGuy Huntington
 
National Identity ICT Defence and Intelligence Strategy
National Identity ICT Defence and Intelligence StrategyNational Identity ICT Defence and Intelligence Strategy
National Identity ICT Defence and Intelligence StrategyGuy Huntington
 
National ICT & Healthcare Strategy
National ICT & Healthcare Strategy National ICT & Healthcare Strategy
National ICT & Healthcare StrategyGuy Huntington
 
National ICT & Education Strategy July 2016
National ICT & Education Strategy July 2016National ICT & Education Strategy July 2016
National ICT & Education Strategy July 2016Guy Huntington
 
National identity strategy presentation may 10, 2016
National identity strategy presentation may 10, 2016National identity strategy presentation may 10, 2016
National identity strategy presentation may 10, 2016Guy Huntington
 
National citizen identity strategy
National citizen identity strategyNational citizen identity strategy
National citizen identity strategyGuy Huntington
 
Proposed country identity strategy july 24, 2015
Proposed country identity strategy july 24, 2015Proposed country identity strategy july 24, 2015
Proposed country identity strategy july 24, 2015Guy Huntington
 

More from Guy Huntington (16)

One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017One pager - "Trust in an Interdependent World" - October 2017
One pager - "Trust in an Interdependent World" - October 2017
 
Identity Federation: Governments and Economic Growth
Identity Federation: Governments and Economic GrowthIdentity Federation: Governments and Economic Growth
Identity Federation: Governments and Economic Growth
 
Identity federation = Biometrics and Governments Sept 2017
Identity federation = Biometrics and Governments Sept 2017Identity federation = Biometrics and Governments Sept 2017
Identity federation = Biometrics and Governments Sept 2017
 
Identity federation – Mitigating Risks and Liabilities
Identity federation – Mitigating Risks and Liabilities Identity federation – Mitigating Risks and Liabilities
Identity federation – Mitigating Risks and Liabilities
 
National Citizen Target SOA Architecture Sept 2016
National Citizen Target SOA Architecture Sept 2016National Citizen Target SOA Architecture Sept 2016
National Citizen Target SOA Architecture Sept 2016
 
Citizen identity lifecycle july 2016
Citizen identity lifecycle july 2016Citizen identity lifecycle july 2016
Citizen identity lifecycle july 2016
 
National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...
National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...
National ICT & Identity Strategy Managing Illegal Citizens & Identity Fraud ...
 
Global & National Identity Projects Failures and Successes
Global & National Identity Projects Failures and SuccessesGlobal & National Identity Projects Failures and Successes
Global & National Identity Projects Failures and Successes
 
Developing Countries National ICT Identity Governance Strategy
Developing Countries National ICT Identity Governance StrategyDeveloping Countries National ICT Identity Governance Strategy
Developing Countries National ICT Identity Governance Strategy
 
National ICT & Citizen Payments Strategy
National ICT & Citizen Payments StrategyNational ICT & Citizen Payments Strategy
National ICT & Citizen Payments Strategy
 
National Identity ICT Defence and Intelligence Strategy
National Identity ICT Defence and Intelligence StrategyNational Identity ICT Defence and Intelligence Strategy
National Identity ICT Defence and Intelligence Strategy
 
National ICT & Healthcare Strategy
National ICT & Healthcare Strategy National ICT & Healthcare Strategy
National ICT & Healthcare Strategy
 
National ICT & Education Strategy July 2016
National ICT & Education Strategy July 2016National ICT & Education Strategy July 2016
National ICT & Education Strategy July 2016
 
National identity strategy presentation may 10, 2016
National identity strategy presentation may 10, 2016National identity strategy presentation may 10, 2016
National identity strategy presentation may 10, 2016
 
National citizen identity strategy
National citizen identity strategyNational citizen identity strategy
National citizen identity strategy
 
Proposed country identity strategy july 24, 2015
Proposed country identity strategy july 24, 2015Proposed country identity strategy july 24, 2015
Proposed country identity strategy july 24, 2015
 

Recently uploaded

VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一Fs
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一3sw2qly1
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 

Recently uploaded (20)

Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
定制(UAL学位证)英国伦敦艺术大学毕业证成绩单原版一比一
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 

Identity Federation: Citizen Consent and the Internet of Things - October 2017

  • 1. Identity Federation: Citizen Consent and the Internet of Things Author: Guy Huntington, President, Huntington Ventures Ltd. Date: October 2017
  • 2. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 2 Table of Contents Executive Summary ..................................................................................................................................................3 Introduction................................................................................................................................................................4 Internet of Things Consent Principles .......................................................................................................................5 Governments and Consent .......................................................................................................................................8 User Managed Access - Privacy and Security ..........................................................................................................9 Summary .................................................................................................................................................................10 About the Author .....................................................................................................................................................11
  • 3. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 3 Executive Summary With nanotechnology, devices are shrinking down to an almost molecular level and have the ability to communicate wirelessly via the Internet. These devices are beginning to proliferate in almost all aspects of our lives be it medical, transportation, government, clothing, appliances, and so on. Since device owners have to access many different systems to manage their authorization consents, it becomes unwieldy. This paper addresses the simple question of “How do I manage all my consents across a wide variety of different devices, suppliers, and their systems in one place?” The paper lays out Internet of Things Consent Principles, explaining each one in greater detail: • End user consent must be required to use the device except those cases where it is mandated by laws and regulations. • The chain of custody for consent must exist at all levels, i.e. from vendor through to final user or users based on risk and laws/regulations. • The device, the system that controls it, and/or the identity management system the device is a part of must be able to use “User Managed Access” and also “OpenID Connect” protocols. • Any individual, government, or enterprise offering a centralized user consent service must be mandated by laws and regulations. • Any consent management service must adhere to regulatory security best practices including identity and credential assurance, data storage and transmission as well as archival processes. • Based on risk, the identity assurance and the credential assurance must be applied to obtain and/or transfer consent between the user and various enterprises and/or other Internet of Things devices. • Secure, delegated access of consent should be part of the device’s consent management system. • The user of a centralized consent management service should have the ability to transfer this service to other enterprises offering this service in a secure manner. • When a user leaves a centralized consent management service, the service must securely store the data for a predetermined amount of time according to the timeframes set forth by laws and regulations. The paper then identifies areas where governments need to be involved with identity and credential assurance as well as laws and regulations pertaining to consent management. User Managed Access (UMA) is discussed from a privacy and security perspective. Users want to ensure their centrally managed consent service is secure. They won’t want unauthorized access and/or someone masquerading as them, learning about, and/or changing their consents. The paper then concludes by noting that identity federation is the heart of creating an interdependent world. The user should be securely in control of how this technology is deployed and used.
  • 4. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 4 Introduction With the development of nanotechnology and wireless communication, the size of wireless computer chips is becoming almost molecular in level. Nanotechnology is being implemented in everything including automotive components, medical devices, buildings and process controls, appliances, and will even eventually be implemented in clothing. While most of the industry’s focus is on producing new ways of interacting with devices, not a lot of attention is focused on user consent. Why is this important? Come with me on a journey… 5 years into the future. You will likely be interacting daily with 20-100 or more different devices such as your fridge. Your fridge is now smart. It actually knows what is inside it, how much has been consumed, what groceries you are running low on, and the ages of the food. You are a busy person who does not have time to shop. So, you give authorization consent to a company like Amazon or Walmart so the fridge information is automatically sent to them with predefined ordering information. You come home and find the food you need to replenish your fridge on your doorstep, which was automatically drop shipped by Amazon or Walmart using a drone. Perhaps your fridge was automatically restocked for you (https://www.foodbeast.com/news/walmart-delivery-service- home-access). Now let’s say that while you shop at Amazon or Walmart, there are some specialty stores you also like to shop at. You give your consent to the fridge to send the specialty retailers information on only the products they supply. When the product level gets low, the fridge automatically sends out information to them and the specialty retailer ships it to you. As your food preferences, budgets, and retailers change, or when you sell your fridge, you change your consent. This is just your fridge. Imagine the complex world of consent management when you have 20-100 different Internet of Things! Since the device owners have to access many different systems to manage their consents, it becomes unwieldly. This paper addresses the simple question of “How do I manage all my consents across a wide variety of different devices, suppliers, and their systems in one place?” First, some underlying principles of consent management are required. These principles will provide a legislative, vendor, and user framework to operate within.
  • 5. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 5 Internet of Things Consent Principles • End user consent must be required to use the device except in those cases where consent is mandated by laws and regulations. • The chain of custody for consent must exist at all levels, i.e. from vendor through to final user or users based on risk and laws/regulations. • The device, the system that controls it, and/or the identity management system the device is part of, must be able to use “User Managed Access” and also “OpenID Connect” protocols. • Any individual, government, or enterprise offering a centralized user consent service must be mandated by laws and regulations. • Any consent management service must adhere to regulatory security best practices including identity and credential assurance, data storage and transmission as well as archival processes. • Based on risk, the identity assurance and the credential assurance must be applied to obtain and/or transfer consent between the user and various enterprises and/or other Internet of Things devices. • Secure, delegated access of consent should be part of the device’s consent management system. • The user of a centralized consent management service should have the ability to transfer this service to other enterprises offering this service in a secure manner. • When a user leaves a centralized consent management service, the service must securely store the data for a predetermined amount of time according to the timeframes set forth by laws and regulations.
  • 6. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 6 End user consent must be required to use the device except those cases mandated by laws and regulations Consent to use and/or receive data or a service from a device should be required based on any applicable laws/regulations and/or risk. For example, a T-shirt you own that has a smart chip within it, will likely be low and require little or no consent, e.g. sending information to your washing machine. A driverless car owner may grant access to a driver of her vehicle. This is a higher risk and may or may not fall under certain legal laws and regulations about consent being obtained. The chain of custody for consent must exist at all levels, i.e. from vendor through to final user or users, based on risk and laws/regulations Chain of custody for consent, i.e. a historical record of who was granted authorizations, must exist for a device dependent upon risk and any laws or regulations applicable. Let’s take two devices as examples: a fridge and the pacemaker. The fridge consent chain of custody is not high risk. Therefore, the history of consents given for the fridge might not be held that long nor is required by law. Pacemakers are high risk with sensitive information. Therefore, the chain of custody of all consents given for this device, from the manufacturer onwards, needs to be kept for a specific period set forth by laws and regulations. The device, the system that controls it, and/or the identity management system the device is part of must be able to use “User Managed Access” and also “OpenID Connect” protocols “User Managed Access” (UMA) (https://kantarainitiative.org/confluence/display/uma/Home) is a vendor agnostic protocol designed to allow a user to centralize their authorization consents based on OAuth 2.0 (https://oauth.net/2/). It allows for one place for a user to go to view, change, or grant their authorizations for devices in different locations, networks, and enterprises. Devices should also be compatible with OpenID Connect (OIDC) (http://openid.net/connect/), which is a protocol built on top of OAuth to provide identity and credential assurance. As other principles state, based on risk, the consent obtained will use higher levels of identity and credential assurance where required. All devices and/or their control systems and/or identity management systems that control the device must be compliant with these protocols. Any individual, government, enterprise or individual offering a centralized user consent management service must be mandated by laws and regulations The potentially sensitive content of a user’s consent means that any government, enterprise, or third party offering a centralized user consent management service must be in compliance with laws and regulations pertaining to the service.
  • 7. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 7 Any consent management service must adhere to regulatory security best practices including Identity and credential assurance, data storage and transmission as well as archival processes. Governments should have laws and regulations pertaining to consent management. This should include specifications for different identity and credential assurance levels, the way the consent data is stored, accessed, transmitted, and archived. Based on risk, identity and credential assurance must be applied to validate the identity before applying consent How the user provides their consent should be based upon risk. For low risk consent, low identity and credential assurances levels will be used. However, as the risk rises, higher identity and credential assurance levels should be required. Let’s use the fridge and pacemaker as examples. The fridge is a low risk device, thus requiring low levels of identity and credential assurance to ensure that you, the owner, are who you claim to be, when assigning consent. A username and password might be sufficient with no identity verification required. A pacemaker is a high-risk device. Any changes to the authorization consent for the information this device produces should require high levels of identity and credential assurance. Identity verification from a government identity verification service and also a biometric plus a password might be required to authenticate in order to apply or change consent. Secure, delegated access of consent should be part of the device’s consent management system A user should have the ability to delegate some or all their consent to another. Let’s use the fridge as an example. You, the fridge owner, are the principal consent manager. You choose to give your partner the same abilities to manage consent. However, you decide to restrict consent abilities to your children, only allowing them to manage a small portion of the food consent within the fridge. The user of a centralized consent management service should have the ability to transfer this service to other enterprises offering this service in a secure manner If a user wants to switch suppliers of their central consent management service, it should be done in compliance with laws and regulations in a secure manner. Let’s use the example of a user deciding to switch from Acme Inc. as the centralized consent management service to a bank offering the same service. Laws and regulations need to be in place prescribing standards by which the user notifies Acme Inc. of their intent to terminate the agreement and the transfer to the bank. The history of the authorization consents, the time limit that Acme Inc. retains the information, and how the information should be transferred, should be mandated by laws and regulations.
  • 8. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 8 When a user leaves a centralized consent management service, the service must securely store the data for a predetermined amount of time according to the timeframes set forth by laws and regulations Laws and regulations should apply to how long a centralized consent management services retains their records after a user leaves the service. Governments and Consent From the above principles, it becomes apparent that governments need to be involved in creating a citizen consent system in the following areas: • Identity assurance • Credential assurance • Laws and regulations pertaining to consent management Identity and Credential Assurance What is identity and credential assurance? • Identity assurance is a rating scale of risk versus identity verification processes used • Credential assurance is a rating scale of risk versus the type of authentication used For low risk usage, whatever the vendor and user agree to will likely be sufficient. However, as the risk rises, higher levels of both identity and credential assurance are required. Governments are usually involved in determining identity assurance levels. Higher levels of identity assurance usually require biometrics. The same applies to credential assurance. The following paper illustrates how the old ways of doing this are no longer effective: Identity Federation: Biometrics and Governments (https://www.slideshare.net/ghuntington/identity-federation-biometrics-and-governments- sept-2017-80192336). Governments need to lay the foundational pieces for protecting a citizen’s biometrics. They also need to create a high-level identity verification assurance service upon which other levels of government and third parties use to verify and authenticate an identity. Laws and Regulations Governments should conduct a gap analysis illustrating where changes need to be made pertaining to citizen authorization consent. There are also cross-border authorization rights to consider. In Europe in 2018 the General Data Protection Regulation (GDPR) regulations come into effect. In this presentation by Eve Maler, Chair of the Consumer Identity World, Work Group she lays out how UMA will assist enterprise in meeting their compliance: https://kantarainitiative.org/confluence/download/attachments/17760302/CIWUSA%20Kantara%20wor kshop%20GDPR%20UMA%202017-09-11.pdf?api=v2. This is just the first of many similar requirements as governments all over the world create new identity protection laws.
  • 9. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 9 User Managed Access - Privacy and Security The protocol for User Managed Access (UMA) is dependent upon OAuth 2.0 for authorization. It has been designed to work with OpenID Connect for authentication. What does this really mean? In the Federation Protocols section of Enterprise Identity Federation: Mitigating Risks and Liabilities (https://www.slideshare.net/ghuntington/identity-federation-mitigating-risks-and-liabilities-79942481), it describes the following: Imagine that you are constructing a strong structure using blocks. At the bottom of the structure you use six large blocks. This is the foundational piece. However, there are many different ways to assemble each of the foundational blocks, i.e. each of the large blocks is composed of smaller blocks that can be assembled differently to make the larger foundational one. On top of the large foundational blocks, you then assemble five mid-tier blocks. Like the foundational ones supporting them, they too have different ways for each of them to be configured, i.e. each mid-tier block is made up of smaller blocks. • The foundational blocks are JSON components and WebFinger • Mid-tier blocks are the OAuth components Depending upon how the blocks are configured, then the protocol that uses them, i.e. UMA, may or may not be secure. This paper by Jim Manico1 illustrates some of the OAuth token countermeasures that need to be addressed: https://handouts.secappdev.org/handouts/2017/Jim%20Manico/04a.%20OAUTH%20Security%20Introd uction%20MODULE%202-9-2017.pdf Regulators, vendors, identity system providers, and users need to realize that the security and privacy of their Internet of Things centralized consent is dependent on how UMA and OAuth are configured. Any enterprise embarking on a deployment of UMA centralized consent service must first consider both the legal and security implications to mitigate risk and potential liabilities. From an end user’s perspective, they will want to ensure that their centrally managed consent service is secure. They won’t want unauthorized access and/or someone masquerading as them, learning about and/or changing their consents. 1 https://manicode.com/
  • 10. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 10 Summary The noted NY Times Columnist, Thomas Friedman, in a recent column stated2 : “We’re going through a change in the “climate” of globalization — going from an interconnected world to an interdependent one, from a world of walls where you build your wealth by hoarding the most resources to a world of webs where you build your wealth by having the most connections to the flow of ideas, networks, innovators and entrepreneurs. In this interdependent world, connectivity leads to prosperity and isolation leads to poverty. We got rich by being “America Connected” not “America First. Finally, we’re going through a change in the “climate” of technology and work. We’re moving into a world where computers and algorithms can analyze (reveal previously hidden patterns); optimize (tell a plane which altitude to fly each mile to get the best fuel efficiency); prophesize (tell you when your elevator will break or what your customer is likely to buy); customize (tailor any product or service for you alone); and digitize and automatize more and more products and services. Any company that doesn’t deploy all six elements will struggle, and this is changing every job and industry.” Identity federation is at the heart of this change. It is the “interdependent glue” allowing an enterprise, application, service, or a smart thing to trust one or more other entities and/or things. This occurs immediately, allowing secure authorized access from anywhere on the globe. Identities needs to control their privacy as well as their authorizations in a centralized fashion. This is achieved by establishing laws and regulations pertaining to authorization consent and adopting User Managed Access with OpenID Connect. A sweeping change is now upon us. The user should be securely in control of how this technology is deployed and used. 2 https://www.nytimes.com/2017/09/27/opinion/globalization-trump-american- progress.html?rref=collection%2Fcolumn%2Fthomas-l- friedman&action=click&contentCollection=opinion&region=stream&module=stream_unit&version=lat est&contentPlacement=1&pgtype=collection
  • 11. Huntington Ventures Ltd – The Business of Identity Management 6262 Wellington Avenue, West Vancouver, BC V7W 2H4 1-780-289-2776 www.hvl.net Page 11 About the Author Guy Huntington is a veteran identity architect, program and project manager who’s lead as well as rescued many large identity projects with many of them involving identity federation. His past clients include Boeing, Capital One, Kaiser Permanente, WestJet, Government of Alberta’s Digital Citizen Identity and Authentication Program and Alberta Blue Cross. As one of his past clients said “He is a great find, because he is able to do high quality strategic work, but is also well-versed in project management and technical details, so he can traverse easily from wide to deep. With Guy, you get skills that would typically be encompassed in a small team of people.”