[WG-P3] [WG-IDAssurance] What to call a Relying Party in terms of aTrust Framework

Mark Lizar mark at smartspecies.com
Fri Mar 11 08:05:52 EST 2011


Oops,

That was Principal not Principle.  Subtle but important difference.


On 11 Mar 2011, at 12:59, Mark Lizar wrote:

> Rainer,
>
> The term Principle came from a restricted ISO Privacy Standard's doc
> that I recently read. I dont think  I can reference directly.(I will
> check)
>
> It pertains to the term Principle Actor.  As Iain Henderson points
> out.  There is no active term for Data Subject that is commonly used,
> perhaps Principle gets closest to the description. Still, I like the
> term Master Controller as invented the term in this context in a paper
> I wrote in 2005 called building a Master Controller Access Framework).
>
> Currently in the Privacy Framework WG, led by Anna Solomovic  we are
> reviewing global priacy principles for use in the Privacy Trust
> Framework analysis of Identity Management and the IAF.  It would be
> great to combine or link efforts in area's where we are doing the same
> thing for similar purpose.
> .
> - Mark
>
> On 11 Mar 2011, at 08:33, Rainer Hörbe wrote:
>
>> Mark,
>>
>> I need to rephrase my question: What does Principal mean in the data
>> protection context (receiver, data subject or something else)? Did
>> you refer to a particular terminology?
>>
>> Scott David did a quite broad terminology comparison for his
>> upcoming global grid glossary. Besides various IDM sources he
>> researched 3 privacy frameworks, 2 from ITU-T and "Generally
>> Accepted Privacy Principles: A Global Privacy Network". From this
>> comparison it seems that controller, processor, recipient and data
>> subject seem to be the most common terms.
>>
>> - Rainer
>>
>> On 10 Mar 2011, at 17:19, John Bradley wrote:
>>
>>> Principal is used in the protocol domain to refer to entity that the
>>> assertion is about.
>>> In many cases it is the same as Data Subject but as assertions can
>>> be used for many things that is not always true.
>>>
>>> John B.
>>> On 2011-03-10, at 11:41 AM, Rainer Hörbe wrote:
>>>
>>>>
>>>> Am 10.03.2011 um 12:26 schrieb Mark Lizar:
>>>>
>>>>> In Data Protection, there are Roles: Controller, Processor and
>>>>> Principle.
>>>>
>>>> I am only familiar with the terminology from the European DPD:
>>>> Controller, Processor, Requester and Data subject. In which domain
>>>> is Principle defined, and how does it map?
>>>>
>>>> - Rainer
>>
>
> _______________________________________________
> WG-P3 mailing list
> WG-P3 at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-p3



More information about the WG-P3 mailing list