[WG-P3] [WG-IDAssurance] What to call a Relying Party in terms of aTrust Framework

Mark Lizar mark at smartspecies.com
Fri Mar 11 07:59:12 EST 2011


Rainer,

The term Principle came from a restricted ISO Privacy Standard's doc  
that I recently read. I dont think  I can reference directly.(I will  
check)

It pertains to the term Principle Actor.  As Iain Henderson points  
out.  There is no active term for Data Subject that is commonly used,  
perhaps Principle gets closest to the description. Still, I like the  
term Master Controller as invented the term in this context in a paper  
I wrote in 2005 called building a Master Controller Access Framework).

Currently in the Privacy Framework WG, led by Anna Solomovic  we are  
reviewing global priacy principles for use in the Privacy Trust  
Framework analysis of Identity Management and the IAF.  It would be  
great to combine or link efforts in area's where we are doing the same  
thing for similar purpose.
.
- Mark

On 11 Mar 2011, at 08:33, Rainer Hörbe wrote:

> Mark,
>
> I need to rephrase my question: What does Principal mean in the data  
> protection context (receiver, data subject or something else)? Did  
> you refer to a particular terminology?
>
> Scott David did a quite broad terminology comparison for his  
> upcoming global grid glossary. Besides various IDM sources he  
> researched 3 privacy frameworks, 2 from ITU-T and "Generally  
> Accepted Privacy Principles: A Global Privacy Network". From this  
> comparison it seems that controller, processor, recipient and data  
> subject seem to be the most common terms.
>
> - Rainer
>
> On 10 Mar 2011, at 17:19, John Bradley wrote:
>
>> Principal is used in the protocol domain to refer to entity that the
>> assertion is about.
>> In many cases it is the same as Data Subject but as assertions can
>> be used for many things that is not always true.
>>
>> John B.
>> On 2011-03-10, at 11:41 AM, Rainer Hörbe wrote:
>>
>>>
>>> Am 10.03.2011 um 12:26 schrieb Mark Lizar:
>>>
>>>> In Data Protection, there are Roles: Controller, Processor and
>>>> Principle.
>>>
>>> I am only familiar with the terminology from the European DPD:
>>> Controller, Processor, Requester and Data subject. In which domain
>>> is Principle defined, and how does it map?
>>>
>>> - Rainer
>



More information about the WG-P3 mailing list