---------- Forwarded message ---------- From: Owen Thomas <owen.paul.thomas@gmail.com> Date: 9 May 2013 13:17 Subject: Re: [community] survey of privacy features of authentication technologies To: David Chadwick <d.w.chadwick@kent.ac.uk> Cc: Peter Bachman <peterb@cequs.com>, Stephen Wilson < swilson@lockstep.com.au>, "community@lists.idcommons.net" < community@lists.idcommons.net>, Samer Wazan <aswazan@gmail.com> Hello again. I apologise that I'm not too well informed of the debate in privacy; x.509 certificates, IETF, OASIS are acronyms that fly too far above my head to reach. However, I would like to give my own view of privacy and authentication in relation to my Clique Space idea. Hopefully, the example I use here will illustrate some general features people consider salient. Say, I and three others are going out to have a dinner at a restaurant. The occasion is that it is a mother's day dinner out, and I am taking my mother (one of the other three people) out to dinner. I am paying for her dinner, but the other two individual is paying for themselves. Say, we all live in a world where Clique Space is commonplace. What, you might wonder, does this mean? At the most abstract level, this means that you possess one or more Agent Devices and you use your Agent Devices to cooperate with Agent Devices of other people in Cliques which form, grow, shrink, and disband within and between administrative domains called Clique Spaces. Agent Devices are devices like any other and have a physical manifestation like phones, cars, and computers. Other things like credit cards, Facebook pages, twitter accounts, bank accounts, and other abstract entities having no physical existence can be considered devices in Clique Space if they can exchange state information with one or more Agent Devices. Now, back to the restaurant example, myself and the other three co-diners walk into the restaurant and meet the waiter. Before we are ushered to our table, the waiter verifies with us who is in our Clique, and who the Clique's Owner will be. I say I will be the Clique's Owner as I know who will be paying for who's meal; the waiter, an individual who has activated their "waiter" Affiliation through a selected Identity, gives me the Identity through which they have done this. I possess relevant Identities of my co-diners, and I use all Identities to form the Clique that I will own. This Clique lasts for the duration of our meal. The restaurant uses the information in their account and in the service record of our waiter. I use the Clique to assert that I will pay for myself and my mother. The third diner accepts the condition that they pay for their own meal or the Clique wouldn't have been able to form. The waiter has joined my Clique because the Clique I have formed accepts that payment will be automatically deducted from each diner's account into the restaurant's account sufficient to pay the bill of service. Each Participant has the opportunity to persist their individual Clique Space activity; interactions with others constitute this activity, and so each Participant has the opportunity to keep a record of this Clique in case there is any contention as to the bill, the proportion of the bill payed by each diner, the service offered by the waiter, or the activity recorded against other media like the bank's transaction system. Each Participant except my mother disclosed their bank's transaction facility as a medium in this Clique. When the Clique formed, the devices that compose each Participant's transaction facility were nominated in the relevant Participant as Connections - activated against the relevant Identities by these identities to be expressed in the corresponding Participant. Again, the Clique cannot form if the media requirements set by the Clique's Owner candidate (my candidate Participant) are not met by all other candidate Participants. Hence, the Clique will only form if the medium and all constraints regarding the usage of this medium are met by all candidate Participants. Actual Participant instances will only be instantiated when constraint affinity can be met, and can only exist while ever constraint affinity can continue to be met. I think my example fits in with privacy and an authentication mechanisms featured by other contributors in this thread, and there might be others who would like to discuss how these mechanisms might work. Owen. -- Employment-from-home. Make mine part-time. Yes you can. Software developers certainly can be salaried and superannuated part-time from home. Make it so for this one. Clique Space(TM): A seat for the soul. www.owenpaulthomas.blogspot.com -- Employment-from-home. Make mine part-time. Yes you can. Software developers certainly can be salaried and superannuated part-time from home. Make it so for this one. Clique Space(TM): A seat for the soul. www.owenpaulthomas.blogspot.com