[KI-LC] [BoT] Round 2 FTC Kantara Input regarding Security and Privacy

Salvatore D'Agostino sal at idmachines.com
Wed May 29 16:39:39 CDT 2013


A couple more touches.  

 

From: Dagg, Kenneth [mailto:Kenneth.Dagg at tbs-sct.gc.ca] 
Sent: Wednesday, May 29, 2013 4:04 PM
To: 'Joni Brennan'; 'Salvatore D'Agostino'
Cc: 'ingo.friese at telekom.de'; 'Smedinghoff, Tom'; 'Colin Soutar';
'LC at kantarainitiative.org'; 'trustees at kantarainitiative.org'; 'Anna
Slomovic/Equifax'; 'Mark Lizar'
Subject: RE: [KI-LC] [BoT] Round 2 FTC Kantara Input regarding Security and
Privacy

 

Joni,

 

I took a fast crack at editing as I found some of the wording rough. I also
tried to incorporate the ideas around Access Control more explicitly.

 

I liked the concept you introduced that the IoT is not all new – just a new
application of or way of looking at the existing. I tried to build upon that
idea.

 

Hopefully they help.

 

Ken

 

Kenneth Dagg
Senior Project Co-ordinator | Coordonnateur de projet supérieur
Security and Identity Management | Sécurité et gestion des identités
Chief Information Officer Branch | Direction du dirigeant principal de
l'information
Treasury Board of Canada Secretariat | Secrétariat du Conseil du Trésor du
Canada
Ottawa, Canada K1A 0R5
Kenneth.Dagg at tbs-sct.gc.ca

Telephone | Téléphone 613-957-7041 / Facsimile | Télécopieur 613-954-6642 /
Teletypewriter | Téléimprimeur 613-957-9090
Government of Canada | Gouvernement du Canada

cid:image001.gif at 01CDF886.3DB7BC50

 

From: jonibrennan at gmail.com [mailto:jonibrennan at gmail.com] On Behalf Of Joni
Brennan
Sent: May-29-13 3:04 PM
To: Salvatore D'Agostino
Cc: Dagg, Kenneth; ingo.friese at telekom.de; Smedinghoff, Tom; Colin Soutar;
LC at kantarainitiative.org; trustees at kantarainitiative.org; Anna
Slomovic/Equifax; Mark Lizar
Subject: Re: [KI-LC] [BoT] Round 2 FTC Kantara Input regarding Security and
Privacy

 

Dear All,

Please find attached draft 2 of the FTC comments where I have attempted to
reconcile the use cases and comments shared to date.  

Heather would you please start an overall editorial pass on this document
noting that there may be a few more comments of substance for inclusion.  

Let's set a goal that we conclude revisions on the draft by not later than
mid day (PT) tomorrow.  

ACTION: Please start reviewing content now if you have not done so already.
If there are no objections from LC or BoT by CoB PT on Friday I will send
the final draft as a letter from the Executive director with a short forward
that indicates comments included were gathered from the Trustees and LC but
not necessarily representative of the entire organization. 

Thank you for pulling this together in such a short time! 

 

On Wed, May 29, 2013 at 10:41 AM, Joni Brennan <joni at ieee-isto.org> wrote:

And Sal I know you have the real world experience in some of this Truck use
case model and appreciate all the comments thus far.  Ken, Sal, Ingo, Colin,
etc... I'm taking a pass at working all of this in over the next hour.  Then
I'll push it back to this group and ask Heather to take an editor pass.
Hopefully this brings us our final "light-touch" comments to FTC. 

I am working on a similar statement in another identity and I hope to
incorporate similar concepts across both approaches where I am holder of pen
for this item.  I hope that this admission is not an issue and, rather, I
suspect it can bolster the importance of the issues we are raising as a
community.  If there are any concerns please contact me directly. 

Next draft in ~ 1 hour.

 

On Wed, May 29, 2013 at 8:15 AM, Salvatore D'Agostino <sal at idmachines.com>
wrote:

So in previous lives “we” made vehicle and part identification systems and
have in fact used the quality control and the intelligent transportation
experience as a very useful paradigm for security and access control.  Think
of a toll booth, electronic ID (leave aside authentication for now), check
for valid account, check attributes (vehicle type), flag violation (error
report, time stamp), update account and create log among other things (and
improve user experience..).  Same thing applies to parts in production and
can be extended to process control.  So perhaps a light touch is a way to
look at how these do relate.

 

From: lc-bounces at kantarainitiative.org
[mailto:lc-bounces at kantarainitiative.org] On Behalf Of Dagg, Kenneth
Sent: Wednesday, May 29, 2013 10:49 AM
To: 'Ingo.Friese at telekom.de'; 'joni at ieee-isto.org'


Cc: 'Smedinghoff at wildman.com'; 'email at colinsoutar.com';
'LC at kantarainitiative.org'; 'trustees at kantarainitiative.org';
'anna.slomovic at equifax.com'; 'mark.lizar at gmail.com'

Subject: Re: [KI-LC] [BoT] Round 2 FTC Kantara Input regarding Security and
Privacy

 

Ingo,

 

I would suggest that the use-cases where it appears that access-control (as
it currently is known) need to be re-examined with a view to either updating
the use-case or access-control.  

 

For the use-case of a truck accessing Hamburg harbor I am not clear why the
truck is not able to authenticate. It may not be able to provide a
traditional LOA2 username/password but it should be able to provide some
sort of equivalent LOA2 token. Or maybe the truck, the driver and the
truck-driver association are all validated and access-control is
strengthened.

 

The “fake” product scenario is also interesting.  However, it is very
similar, at least in my mind, to ensuring that the credential remains under
the control of the entity (a part in this case) to which it was issued and
that it is not a “fake/counterfeit” credential.  These are challenges that
high-level (2 and above) authentication is supposed to address.

 

It is my still my belief (I’m not sure how yet) that a vast majority of
these scenarios should be addressable / enhancable by the approaches
suggested in Attribute Based Access Control (ABAC). That is not to say that
we won’t have to explore new and different directions but rather that we
work hard to scope the these to a few exceptions rather than the norm.

 

All this being said, I would endorse the approach that Kantara’s
contribution should be a light touch at this time. I would endorse Colin’s
suggestion that we use our response to raise some issues/questions and
identify some potentially applicable approaches that don’t leave people with
the impression that the IoT is a brand new thing.

 

Ken

 


Kenneth Dagg
Senior Project Co-ordinator | Coordonnateur de projet supérieur
Security and Identity Management | Sécurité et gestion des identités
Chief Information Officer Branch | Direction du dirigeant principal de
l'information
Treasury Board of Canada Secretariat | Secrétariat du Conseil du Trésor du
Canada
Ottawa, Canada K1A 0R5
Kenneth.Dagg at tbs-sct.gc.ca

Telephone | Téléphone 613-957-7041 / Facsimile | Télécopieur 613-954-6642 /
Teletypewriter | Téléimprimeur 613-957-9090
Government of Canada | Gouvernement du Canada

cid:image001.gif at 01CDF886.3DB7BC50

 

From: Ingo.Friese at telekom.de [mailto:Ingo.Friese at telekom.de] 

Sent: May-29-13 10:27 AM
To: joni at ieee-isto.org; Dagg, Kenneth
Cc: Smedinghoff at wildman.com; email at colinsoutar.com;
LC at kantarainitiative.org; trustees at kantarainitiative.org;
anna.slomovic at equifax.com; mark.lizar at gmail.com

Subject: RE: [KI-LC] [BoT] Round 2 FTC Kantara Input regarding Security and
Privacy

 

Hi Joni,

Hi Ken,

 

Thank you for revising the paper. I like it. Joni I agree, this should be
(like you said) a n early light touch contribution. 

Ken , thank you for your comments. Let me try to answer:

 

Frist of all it would be great if we could apply access control as known
also to the IoT, because we don’t want to re-invent the wheel.

Unfortunately we have many use-cases where the old way won’t work.

e.g.: A truck accessing Hamburg harbor is not able to use username/password
for authentication. In this case we need generic identifiers and other ways
for authentication

Another example – faked products or machine parts (companies think they
bought a high-tech Siemens rotor – and they get a low cost plagiarism). 

So how to check and authenticate parts online along their way from
production to the customer? I think sometimes we can apply known access
control stuff and sometimes we have to go new directions.

 

 

Regarding your architecture comment : You are right, we should help to
develop an IoT architecture at least from an IdM part of view.

 

Joni it’s a good paper (considering the few days we had for preparation).
Like Colin said lets integrate, e.g. the architecture remark etc. and that’s
it.

 

 

Best regards,

 

                Ingo 

 

 

From: lc-bounces at kantarainitiative.org
[mailto:lc-bounces at kantarainitiative.org] On Behalf Of Joni Brennan
Sent: Donnerstag, 23. Mai 2013 21:35
To: Dagg, Kenneth
Cc: Smedinghoff, Tom; Colin Soutar; LC at kantarainitiative.org;
trustees at kantarainitiative.org; Anna Slomovic/Equifax; Mark Lizar
Subject: Re: [KI-LC] [BoT] Round 2 FTC Kantara Input regarding Security and
Privacy

 

Thank you for the comments Ken.  I will seek to work them in to a next
draft.  The paper is very comprehensive and the original intent of LC was to
make an early light touch contribution.  Note that there is likely soon to
be an Identity of Things (IDoT) DG in Kantara which would explore the issues
in much more detail and then potentially develop some recommendations about
how Kantara might provide value in the space etc.  Modeling that you
described could very likely be a part of the IDoT DG early approach if not
as recommended for a WG to take action on. 

We continue to welcome comments from others as well.  

Best Regards,
Joni

 

On Thu, May 23, 2013 at 12:29 PM, Dagg, Kenneth <Kenneth.Dagg at tbs-sct.gc.ca>
wrote:

Joni,

 

I reviewed the document and found some shortcomings. My personal concerns
could be mitigated if there are other documents that describe the context of
the Internet of Things (IoT). I have used COMMENTS to voice my personal
concerns. My apologies, but given the short turnaround time, I regret not
being able to recommend how the text could be changed but I just do not have
the cycles.

 

It appears to me, with my minimal technical knowledge about the IoT, that
the basic concepts of Access Control should apply to the IoT. If this is
true, then I would suggest that a lot of the privacy and security
implications have been identified. The prime difference, in my personal
opinion, with traditional Access Control is the components, like they are in
Trust Frameworks and Federations, are decoupled.

 

I also believe that a conceptual architecture of the IoT needs to be
developed (if it already exists then I stand corrected). Without this type
of understanding, it is my personal opinion that any standards / frameworks
/ infrastructures that are developed will be tend to be restrictive rather
than accommodating. If my belief that Access Control applies then the
architecture may essentially be done (could be based on the Attribute Based
Access Control – NIST Special Publication 800-162).

 

The conceptual architecture would also include an architecture for “things”
that identifies the type of information they contain, its functions (e.g.,
authentication), etc.

 

Ken

 

Kenneth Dagg
Senior Project Co-ordinator | Coordonnateur de projet supérieur
Security and Identity Management | Sécurité et gestion des identités
Chief Information Officer Branch | Direction du dirigeant principal de
l'information
Treasury Board of Canada Secretariat | Secrétariat du Conseil du Trésor du
Canada
Ottawa, Canada K1A 0R5
Kenneth.Dagg at tbs-sct.gc.ca

Telephone | Téléphone 613-957-7041 / Facsimile | Télécopieur 613-954-6642 /
Teletypewriter | Téléimprimeur 613-957-9090
Government of Canada | Gouvernement du Canada

cid:image001.gif at 01CDF886.3DB7BC50

 

From: trustees-bounces at kantarainitiative.org
[mailto:trustees-bounces at kantarainitiative.org] On Behalf Of Joni Brennan
Sent: May-23-13 2:10 PM
To: trustees at kantarainitiative.org; LC at kantarainitiative.org
Cc: Smedinghoff, Tom; Mark Lizar; Colin Soutar; Anna Slomovic/Equifax
Subject: [BoT] Round 2 FTC Kantara Input regarding Security and Privacy

 

Hello,

Thank you Ingo for your first take at the FTC comments [1]!  I have edited
them slightly and made some contributions to the document.  

Please see attached.  Trustees and LC please advise of suggested inclusions
or edits for the document.  I'm hopeful that some of our Privacy based
membership will have additional comments. (I've copied a few of you directly
but this is an open paper so don't hesitate to add others!)

Ideally we need to have the document finalized by May 29 (with no LC
objections).  I would then like to submit the document as the Kantara ED and
on behalf of the Leadership Council.  

Please advise with any further comments or considerations to this activity.


[1] http://www.ftc.gov/opa/2013/04/internetthings.shtm

Best Regards,
Joni

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20130529/1bdef131/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 7226 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20130529/1bdef131/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: FTC-KI-Comments-v2 KD01-sda01.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 47489 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20130529/1bdef131/attachment-0001.docx>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6085 bytes
Desc: not available
URL: <http://kantarainitiative.org/pipermail/lc/attachments/20130529/1bdef131/attachment-0001.bin>


More information about the LC mailing list