[WG-P3] [WG-IDAssurance] What to call a Relying Party in terms of aTrust Framework

Mark Lizar mark at smartspecies.com
Fri Mar 11 08:05:52 EST 2011


That was Principal not Principle.  Subtle but important difference.

On 11 Mar 2011, at 12:59, Mark Lizar wrote:

> Rainer,
> The term Principle came from a restricted ISO Privacy Standard's doc
> that I recently read. I dont think  I can reference directly.(I will
> check)
> It pertains to the term Principle Actor.  As Iain Henderson points
> out.  There is no active term for Data Subject that is commonly used,
> perhaps Principle gets closest to the description. Still, I like the
> term Master Controller as invented the term in this context in a paper
> I wrote in 2005 called building a Master Controller Access Framework).
> Currently in the Privacy Framework WG, led by Anna Solomovic  we are
> reviewing global priacy principles for use in the Privacy Trust
> Framework analysis of Identity Management and the IAF.  It would be
> great to combine or link efforts in area's where we are doing the same
> thing for similar purpose.
> .
> - Mark
> On 11 Mar 2011, at 08:33, Rainer Hörbe wrote:
>> Mark,
>> I need to rephrase my question: What does Principal mean in the data
>> protection context (receiver, data subject or something else)? Did
>> you refer to a particular terminology?
>> Scott David did a quite broad terminology comparison for his
>> upcoming global grid glossary. Besides various IDM sources he
>> researched 3 privacy frameworks, 2 from ITU-T and "Generally
>> Accepted Privacy Principles: A Global Privacy Network". From this
>> comparison it seems that controller, processor, recipient and data
>> subject seem to be the most common terms.
>> - Rainer
>> On 10 Mar 2011, at 17:19, John Bradley wrote:
>>> Principal is used in the protocol domain to refer to entity that the
>>> assertion is about.
>>> In many cases it is the same as Data Subject but as assertions can
>>> be used for many things that is not always true.
>>> John B.
>>> On 2011-03-10, at 11:41 AM, Rainer Hörbe wrote:
>>>> Am 10.03.2011 um 12:26 schrieb Mark Lizar:
>>>>> In Data Protection, there are Roles: Controller, Processor and
>>>>> Principle.
>>>> I am only familiar with the terminology from the European DPD:
>>>> Controller, Processor, Requester and Data subject. In which domain
>>>> is Principle defined, and how does it map?
>>>> - Rainer
> _______________________________________________
> WG-P3 mailing list
> WG-P3 at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-p3

More information about the WG-P3 mailing list